|
Rootkit.Agent bringe ich nicht los C:\Windows\system32\Drivers\rlmij.sys Hallo. Ich bin mit Rootkit.Agent verseucht. Malwarebytes Anti Malware findet auch nach Beseitigung nach dem Neustart immer wieder den selben Eintrag. Trotz Einsatz des CC Cleaner auch kein Erfolg. Ich bin verzweifelt. Bitte helft mir!!! Hab vor meiner Anmeldung hier gegoogelt und hier in den Foren nach Anleitungen gesucht. Danke für die Infos. Leider kam ich nicht weiter was den rootkit.agent betrifft. Digital protection hab ich zumindest durch die Infos aus den Foren losbekommen. Hier also die Logdatei von Anti Maleware: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4058 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 19.05.2010 20:00:51 mbam-log-2010-05-19 (20-00-51).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 17427 Laufzeit: 4 Minute(n), 59 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Windows\system32\Drivers\rlmij.sys (Rootkit.Agent) -> Quarantined and deleted successfully. Danke Daveomillo |
Hallo und :hallo: Bitte Logs mit GMER und OSAM erstellen + posten. |
sorry, aber sehe meine Antwort von eben nicht im Forum unter meinen Beiträgen hier zum Thema angezeigt. weiss jetzt nicht, ob die logdateien ankamen? alles da? oder sehe ich meine erste Antwort erst, wenn Du auf meine erste Antwort wieder antwortest. Sorry für meine Unwissenheit, aber ich hab noch keine Beiträge in Foren verfasst. Bin aber lernfähig.:daumenhoc Danke Daveomillo |
Hallo. Alles klar jetzt. Die Logdatei war zu lang. Hier der Erste Teil: Logdatei von GMER Teil1: GMER 1.0.15.15281 - hxxp://www.gmer.net Rootkit scan 2010-05-22 02:57:22 Windows 6.0.6002 Service Pack 2 Running: e7tr3c5p.exe; Driver: C:\Users\David\AppData\Local\Temp\fwlcapog.sys ---- Kernel code sections - GMER 1.0.15 ---- ? System32\Drivers\rlmij.sys Ein an das System angeschlossenes Gerät funktioniert nicht. ! .text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8E406340, 0x3EB347, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- ? C:\Windows\System32\svchost.exe[2956] image checksum mismatch; time/date stamp mismatch; .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!CreateWindowExW 776B1305 5 Bytes JMP 6C4DDAC4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!DialogBoxParamW 776D10B0 5 Bytes JMP 6C405505 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!DialogBoxIndirectParamW 776D2EF5 5 Bytes JMP 6C5D473F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!DialogBoxParamA 776E8152 5 Bytes JMP 6C5D46DC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!DialogBoxIndirectParamA 776E847D 5 Bytes JMP 6C5D47A2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!MessageBoxIndirectA 776FD4D9 5 Bytes JMP 6C5D4671 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!MessageBoxIndirectW 776FD5D3 5 Bytes JMP 6C5D4606 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!MessageBoxExA 776FD639 5 Bytes JMP 6C5D45A4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!MessageBoxExW 776FD65D 5 Bytes JMP 6C5D4542 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!CreateDialogParamW 776A72A2 5 Bytes JMP 6C4DDE50 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!GetAsyncKeyState 776A863C 5 Bytes JMP 6C3F8EF7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!SetWindowsHookExW 776A87AD 5 Bytes JMP 6C4D9A75 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!CallNextHookEx 776A8E3B 5 Bytes JMP 6C4CD101 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!UnhookWindowsHookEx 776A98DB 5 Bytes JMP 6C44466E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!EnableWindow 776ACD8B 5 Bytes JMP 6C4DDCDD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!CreateWindowExW 776B1305 5 Bytes JMP 6C4DDAC4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!GetKeyState 776B8CB1 5 Bytes JMP 6C4DD28B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!IsDialogMessageW 776C0745 5 Bytes JMP 6C405A17 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!CreateDialogParamA 776C17AA 5 Bytes JMP 6C5D53AB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!IsDialogMessage 776C1847 5 Bytes JMP 6C5D4C47 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!CreateDialogIndirectParamA 776C26F1 5 Bytes JMP 6C5D53E2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!CreateDialogIndirectParamW 776C9A62 5 Bytes JMP 6C5D5419 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!SetKeyboardState 776D0987 5 Bytes JMP 6C5D4FB6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!DialogBoxParamW 776D10B0 5 Bytes JMP 6C405505 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!DialogBoxIndirectParamW 776D2EF5 5 Bytes JMP 6C5D473F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!SendInput 776D2F75 5 Bytes JMP 6C5D5B73 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!EndDialog 776D326E 5 Bytes JMP 6C407EC2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!SetCursorPos 776E6FB2 5 Bytes JMP 6C5D5BC7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!DialogBoxParamA 776E8152 5 Bytes JMP 6C5D46DC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!DialogBoxIndirectParamA 776E847D 5 Bytes JMP 6C5D47A2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!MessageBoxIndirectA 776FD4D9 5 Bytes JMP 6C5D4671 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!MessageBoxIndirectW 776FD5D3 5 Bytes JMP 6C5D4606 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!MessageBoxExA 776FD639 5 Bytes JMP 6C5D45A4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!MessageBoxExW 776FD65D 5 Bytes JMP 6C5D4542 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] USER32.dll!keybd_event 776FD972 5 Bytes JMP 6C5D5EF7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] SHELL32.dll!SHRestricted + D95 76758988 4 Bytes [4D, 30, EF, 6C] {DEC EBP; XOR BH, CH; INSB } .text C:\Program Files\Internet Explorer\iexplore.exe[4160] SHELL32.dll!SHRestricted + D9D 76758990 8 Bytes [57, 2F, EF, 6C, 9C, 5B, EE, ...] {PUSH EDI; DAS ; OUT DX, EAX; INSB ; PUSHF ; POP EBX; OUT DX, AL ; INSB } .text C:\Program Files\Internet Explorer\iexplore.exe[4160] ole32.dll!OleLoadFromStream 77201E12 5 Bytes JMP 6C5D4AA7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[4160] ole32.dll!CoCreateInstance 77239EA6 5 Bytes JMP 6C4DDB20 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [749A7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [749FA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [749ABB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7499F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [749A75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7499E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [749D8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [749ADA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7499FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7499FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [749971CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [74A2CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [749CC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7499D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74996853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7499687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2728] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [749A2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!HeapSetInformation] 51EC8B55 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] 1845DB51 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!CreateActCtxW] F855DD56 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!ReleaseActCtx] E8084DDC IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!LCMapStringW] 000004D2 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!lstrlenW] FF184589 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] 40516015 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!InterlockedExchange] F845DD00 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] 8B104DDC IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] 1865DAF0 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!GetModuleHandleA] 0004B9E8 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] 8BC88B00 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!GetTickCount] F74199C6 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] C28B5EF9 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] C9184503 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] 6015FFC3 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!TerminateProcess] 8B004051 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!GetCurrentProcess] 2B08244C IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] 9904244C IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!GetCommandLineW] 8BF9F741 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!ExitProcess] 244403C2 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!SetProcessAffinityUpdateMode] FF56C304 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!GetProcessHeap] 244C8B00 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!SetErrorMode] 748D9908 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!HeapFree] 2BC28B5E IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] 244403C1 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!LocalFree] 15FFC308 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!CloseHandle] [00405160] C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation) IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!LocalAlloc] 04244C8B IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] F9F74199 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] FFC3C28B IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!FreeLibrary] 40516015 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!Sleep] 646A9900 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!GetProcAddress] 33F9F759 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!DeactivateActCtx] 24543BC0 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] C09C0F04 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!GetLastError] EC8B55C3 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!ActivateActCtx] 0204EC81 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!lstrcmpW] 00000100 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!lstrcmpiW] 8B590040 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!__p__commode] 8D500000 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!_adjust_fdiv] FFFEFC8D IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!__setusermatherr] C93351FF IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!_amsg_exit] 558D5151 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!_initterm] 8D5052FC IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!exit] FFFDFC85 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!__p__fmode] FF5150FF IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!_exit] 40504415 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!memcpy] 56216A00 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!memset] FFFC75FF IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!__set_app_type] 40515C15 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!?terminate@@YAXXZ] 0CC48300 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!_except_handler4_common] C01BD8F7 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!_controlfp] C95EC623 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!_cexit] EC8B55C3 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!__wgetmainargs] 458B5151 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [msvcrt.dll!_XcptFilter] 33565308 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!GetTokenInformation] 33FC7589 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] 01518DFF IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] 8441198A IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] 2BF975DB IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] 802974CA IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] 7420063C IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] 75FF850A IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!RegDisablePredefinedCacheEx] 45FF470C IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 8A01518D IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] DB844119 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!RegCloseKey] CA2BF975 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] D772F13B IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!SetServiceStatus] 5FFC458B IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!OpenProcessToken] C3C95B5E IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] 56530CEC IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ntdll.dll!RtlFreeHeap] 68F63357 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ntdll.dll!RtlCopySid] 00000400 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] FFF87589 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] 40515815 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ntdll.dll!RtlAllocateHeap] 085D8B00 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ntdll.dll!RtlInitializeSid] C38BF88B IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ntdll.dll!RtlImageNtHeader] FC758959 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ntdll.dll!RtlSetProcessIsCritical] 8D0007C6 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] 108A0148 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [ntdll.dll!RtlInitializeCriticalSection] 75D28440 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [RPCRT4.dll!RpcServerListen] 1E048D66 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] 74203880 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] FC7D8328 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] FF0A7500 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] 45C7F845 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] 000001FC IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] 0C4D8B00 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] F84D3941 IAT C:\Windows\System32\svchost.exe[2956] @ C:\Windows\System32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] 016A3275 IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [6CEE1AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6CEE007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [6CEDE1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [6CEE0994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [6CEDEE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6CEDA3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6CEE1D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [6CEE3ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [6CEE2999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [6CEE3035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6CEDFBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6CEDE860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6CEDDC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6CEDFD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6CEDD4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6CEEFBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [6CEF051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [6CEEEB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [6CEEF817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [6CEEEF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [6CEEE5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [6CEEED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6CEE007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6CEDFBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6CEDE1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6CEDFD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6CEDE860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [6CEE1AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6CEDEE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [6CEE3ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [6CEE2CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [6CEE2926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [6CEE3035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [6CEE2999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [6CEDBD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [6CEE173F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [6CEDBFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [6CEE0F0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [6CEE14E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [6CEDED1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [6CEDBEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [6CEE1D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [6CEDC0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [6CEE103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [6CEDEE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [6CEE0994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [6CEE1614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [6CEE0921] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [6CEDFBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [6CEDA073] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [6CEDA3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [6CEDE717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [6CEDE860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [6CEDFD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6CEDFD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [6CEE0C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [6CEDDC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [6CEDD4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [6CEDD361] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6CEDEE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6CEE007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6CEDC0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6CEDE860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [6CEE3035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [6CEE2999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [6CEE1AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [6CEDBEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6CEDBFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6CEDE717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [6CEE2CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [6CEE2926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [6CEE3ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [6CEE23A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [6CEDBD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6CEDFBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [6CEDFAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [6CEDF973] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [6CEEED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [6CEEE43D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [6CEEEDE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [6CEEF9B7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [6CEEE9C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [6CEEE5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [6CEEEB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [6CEF020D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [6CEEF4DB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [6CEEEF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [6CEEFBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [6CEEF817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) |
und der 2. Teil IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [6CEF051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [6CEEFF19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [6CEF0085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [6CEF0395] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [6CEEFDAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [6CEEF677] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [6CEDCFA8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [6CEE2999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [6CEE0C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [6CEDD22A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [6CEDD9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [6CEDDC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [6CEDEB68] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [6CEE1D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6CEDE1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [6CEDCAA7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6CEE007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [6CEDA3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6CEE0994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [6CEE3035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [6CEE3ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [6CEDC709] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [6CEDBD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [6CEE1AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [6CEDCD20] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [6CEDD4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [6CEE1614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [6CEE103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [6CEDEE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [6CEDC0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [6CEDBEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6CEE09B9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [6CEDC848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6CEDFD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [6CEDE860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [6CEDC368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6CEDFBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [6CEDC5D8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6CEDF0D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [6CEDFAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [6CEDF5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [6CEE65DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [6CEE620B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [6CEE7595] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [6CEE60AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [6CEE615B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [6CEE75E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [6CEE6533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [6CEE799A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [6CEE684F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [6CEE6E45] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [6CEE6AFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [6CEE6B47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [6CEE7281] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [6CEE6716] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [6CEE71ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [6CEE7021] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [6CEE7FBE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [6CEE7159] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [6CEE68E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW] [6CEE6BE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [6CEE6803] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [6CEE6F81] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [6CEE63A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [6CEE80BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [6CEE8513] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [6CEE8176] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [6CEE7BA4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [6CEE8235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [6CEE697F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [6CEE6DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [6CEE6D15] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [6CEE731F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [6CEE6EDD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [6CEE6C7D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [6CEE6AAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [6CEE78EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [6CEE63F4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [6CEE76D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [6CEE8732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [6CEE777E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [6CEE7831] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [6CEE667B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [6CEE7636] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [6CEDBB38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [6CEE3ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [6CEE3035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6CEE007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [6CEE1AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [6CEDA3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [6CEDEE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [6CEDC848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [6CEDC368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [6CEDE860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6CEDFD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [6CEDBEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6CEDFBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [6CEE8235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [6CEE81D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [6CEE72CD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [6CEE75E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [6CEE76D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [6CEE65DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [6CEE788F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [6CEE86D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [6CEE78EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [6CEE8732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [6CEE6533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Program Files\Internet Explorer\iexplore.exe[4160] @ C:\Windows\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [6CED82F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [749A7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [749FA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [749ABB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7499F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [749A75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7499E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [749D8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [749ADA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7499FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7499FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [749971CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [74A2CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [749CC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7499D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74996853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7499687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[4868] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [749A2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 869E32C8 AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation) ---- Services - GMER 1.0.15 ---- Service (*** hidden *** ) [BOOT] rlmij <-- ROOTKIT !!! ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272013b31 Reg HKLM\SYSTEM\CurrentControlSet\Services\rlmij@Type 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\rlmij@Start 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\rlmij@ErrorControl 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\rlmij@Group Boot Bus Extender Reg HKLM\SYSTEM\ControlSet002\Services\rlmij@Type 1 Reg HKLM\SYSTEM\ControlSet002\Services\rlmij@Start 0 Reg HKLM\SYSTEM\ControlSet002\Services\rlmij@ErrorControl 0 Reg HKLM\SYSTEM\ControlSet002\Services\rlmij@Group Boot Bus Extender Reg HKLM\SYSTEM\ControlSet003\Services\rlmij@Type 1 Reg HKLM\SYSTEM\ControlSet003\Services\rlmij@Start 0 Reg HKLM\SYSTEM\ControlSet003\Services\rlmij@ErrorControl 0 Reg HKLM\SYSTEM\ControlSet003\Services\rlmij@Group Boot Bus Extender Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\000272013b31 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\rlmij@Type 1 Reg HKLM\SYSTEM\ControlSet004\Services\rlmij@Start 0 Reg HKLM\SYSTEM\ControlSet004\Services\rlmij@ErrorControl 0 Reg HKLM\SYSTEM\ControlSet004\Services\rlmij@Group Boot Bus Extender ---- EOF - GMER 1.0.15 ---- und hier die Logdatei von OSAM: Code: Report of OSAM: Autorun Manager v5.0.11926.0Danke, Daveomillo |
Zitat:
Poste danach ein neues OSAM Log um zu kontrollieren, dass der Eintrag auch wirklich weg ist. |
Hallo. Hier der neue Osam Log. Habe alle Schritte zuvor ausgeführt. Code: Report of OSAM: Autorun Manager v5.0.11926.0 |
Gut, der Eintrag ist deaktiviert. Bitte jetzt nen Vollscan mit malwarebytes machen und Log posten. Aktualisiere das Programm vorher!! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
|
o.k. hier zuerst der Log von malewarebytes: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4134 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 24.05.2010 00:45:32 mbam-log-2010-05-24 (00-45-32).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 274337 Laufzeit: 1 Stunde(n), 4 Minute(n), 7 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> No action taken. Danke Daveomillo |
gut. und jetzt noch der Log von OTL. war übrigens nur 1 Datei, nicht wie in der Beschreibung 2 Logdateien: Code: OTL logfile created on: 24.05.2010 00:58:02 - Run 1Daveomillo |
Das andere Log ist nicht ganz so wichtig, brauch ich nicht unbedingt. Das Log was Du gepostet hast, sieht unauffällig aus. Noch Probleme oder Meldungen? |
Hallo. Ist mein System nun wieder komplett sauber? Hab eben noch nen Quickscann von Malewarebytes gemacht (s. u.), keine Meldung. Im vorherigen Vollscann (wie von Dir empfohlen) war noch eine Meldung (Infizierte Dateien: C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> No action taken.) Den Eintrag hab ich eben gelöscht aus der Quarantaine. Noch ne Frage: Telekom hat mir den Versand von emails z. Zt. beschränkt (abuse-Meldung). Kann ich mir mittlerweile die Sperre wieder freischalten lassen, sprich, ist also mein system wieder sauber? Hier der aktuellste Log von Malewarebytes allerdings nur quickscann: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4137 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 24.05.2010 15:56:43 mbam-log-2010-05-24 (15-56-43).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 129677 Laufzeit: 5 Minute(n), 18 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) vielen Dank Daveomillo |
Hab nochmal einen Vollscann in Malewarebytes gemacht, kein Eintrag mehr (s. Logdatei hier). D.h., eigentlich ist jetzt alles wieder sauber, oder? Hier die Logdatei v. Malewarebytes: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4138 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 24.05.2010 17:23:38 mbam-log-2010-05-24 (17-23-38).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 276248 Laufzeit: 1 Stunde(n), 5 Minute(n), 56 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) vielen Dank Daveomillo |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 16:31 Uhr. |
Copyright ©2000-2025, Trojaner-Board