
Log Analysis and Evaluation: TR/Rootkit.Gen in fuodwd.sys

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

31.05.2010, 21:58   #16
Avanki
 
TR/Rootkit.Gen in fuodwd.sys



GMER Part 1:

GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover
Rootkit scan 2010-05-31 22:39:39
Windows 6.1.7600
Running: 0joy4kic.exe; Driver: C:\Users\MIA\AppData\Local\Temp\ufldypow.sys


---- System - GMER 1.0.15 ----

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82025AF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82025104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 820253F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8200E2D8
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8200D898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 820251DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82025958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 820256F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82025F2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 820261A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82085599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 820A9F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text peauth.sys A4962C9D 28 Bytes [84, F3, 33, 78, FB, E3, 63, ...]
.text peauth.sys A4962CC1 28 Bytes [84, F3, 33, 78, FB, E3, 63, ...]
PAGE peauth.sys A4968E20 101 Bytes [89, FA, 9F, C8, 9D, 08, 94, ...]
PAGE peauth.sys A496902C 102 Bytes [10, 8B, 4D, C3, 87, 54, C3, ...]

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\taskhost.exe[736] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\taskhost.exe[736] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\taskhost.exe[736] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\taskhost.exe[736] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\taskhost.exe[736] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\taskhost.exe[736] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Windows\system32\taskhost.exe[736] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\taskhost.exe[736] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\taskhost.exe[736] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\taskhost.exe[736] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Users\MIA\Desktop\0joy4kic.exe[1576] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Users\MIA\Desktop\0joy4kic.exe[1576] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Users\MIA\Desktop\0joy4kic.exe[1576] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Users\MIA\Desktop\0joy4kic.exe[1576] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Users\MIA\Desktop\0joy4kic.exe[1576] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Users\MIA\Desktop\0joy4kic.exe[1576] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Users\MIA\Desktop\0joy4kic.exe[1576] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Users\MIA\Desktop\0joy4kic.exe[1576] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Users\MIA\Desktop\0joy4kic.exe[1576] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Users\MIA\Desktop\0joy4kic.exe[1576] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\Explorer.EXE[2052] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\Explorer.EXE[2052] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\Explorer.EXE[2052] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\Explorer.EXE[2052] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\Explorer.EXE[2052] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\Explorer.EXE[2052] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Windows\Explorer.EXE[2052] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\Explorer.EXE[2052] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\Explorer.EXE[2052] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\Explorer.EXE[2052] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxtray.exe[2356] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxtray.exe[2356] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxtray.exe[2356] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxtray.exe[2356] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxtray.exe[2356] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxtray.exe[2356] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Windows\System32\igfxtray.exe[2356] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxtray.exe[2356] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxtray.exe[2356] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxtray.exe[2356] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\hkcmd.exe[2364] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\hkcmd.exe[2364] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\hkcmd.exe[2364] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\hkcmd.exe[2364] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\hkcmd.exe[2364] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\hkcmd.exe[2364] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Windows\System32\hkcmd.exe[2364] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\hkcmd.exe[2364] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\hkcmd.exe[2364] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\hkcmd.exe[2364] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxpers.exe[2376] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxpers.exe[2376] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxpers.exe[2376] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxpers.exe[2376] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxpers.exe[2376] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxpers.exe[2376] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Windows\System32\igfxpers.exe[2376] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxpers.exe[2376] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxpers.exe[2376] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\System32\igfxpers.exe[2376] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\igfxsrvc.exe[2440] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\igfxsrvc.exe[2440] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\igfxsrvc.exe[2440] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\igfxsrvc.exe[2440] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\igfxsrvc.exe[2440] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\igfxsrvc.exe[2440] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Windows\system32\igfxsrvc.exe[2440] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\igfxsrvc.exe[2440] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\igfxsrvc.exe[2440] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Windows\system32\igfxsrvc.exe[2440] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\iTunes\iTunesHelper.exe[2484] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\iTunes\iTunesHelper.exe[2484] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\iTunes\iTunesHelper.exe[2484] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\iTunes\iTunesHelper.exe[2484] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\iTunes\iTunesHelper.exe[2484] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\iTunes\iTunesHelper.exe[2484] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\iTunes\iTunesHelper.exe[2484] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\iTunes\iTunesHelper.exe[2484] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\iTunes\iTunesHelper.exe[2484] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\iTunes\iTunesHelper.exe[2484] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!CreateDialogParamW 77009BFF 5 Bytes JMP 6A4FC548 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!EnableWindow 7700A72E 5 Bytes JMP 6A4FC4C3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!GetAsyncKeyState 7700C09A 5 Bytes JMP 6A4BD6C9 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!UnhookWindowsHookEx 7700CC7B 5 Bytes JMP 6A5B82FA C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!CallNextHookEx 7700CC8F 5 Bytes JMP 6A599D00 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!CreateWindowExW 77010E51 5 Bytes JMP 6A5A80F7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!SetWindowsHookExW 7701210A 5 Bytes JMP 6A5545DB C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!GetKeyState 77014FDA 5 Bytes JMP 6A4FD73A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!IsDialogMessageW 77016F06 5 Bytes JMP 6A4C425C C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!CreateDialogParamA 77023E79 5 Bytes JMP 6A6CFE19 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!IsDialogMessage 7702407A 5 Bytes JMP 6A6CF6BA C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!CreateDialogIndirectParamA 77029110 5 Bytes JMP 6A6CFE50 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!CreateDialogIndirectParamW 770308AD 5 Bytes JMP 6A6CFE87 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!DialogBoxIndirectParamW 77034AA7 5 Bytes JMP 6A6CF218 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!EndDialog 7703555C 5 Bytes JMP 6A4C5AC1 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!DialogBoxParamW 7703564A 5 Bytes JMP 6A4C4B7F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!SetKeyboardState 77036B52 5 Bytes JMP 6A6CFA1F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!SendInput 77037055 5 Bytes JMP 6A6D05E8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!SetCursorPos 7704C1D8 5 Bytes JMP 6A6D0640 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!DialogBoxParamA 7704CF6A 5 Bytes JMP 6A6CF1B5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!DialogBoxIndirectParamA 7704D29C 5 Bytes JMP 6A6CF27B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxIndirectA 7705E8C9 5 Bytes JMP 6A6CF14A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxIndirectW 7705E9C3 5 Bytes JMP 6A6CF0DF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxExA 7705EA29 5 Bytes JMP 6A6CF07D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!MessageBoxExW 7705EA4D 5 Bytes JMP 6A6CF01B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] USER32.dll!keybd_event 7705EC9B 5 Bytes JMP 6A6D0973 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] SHELL32.dll!SHChangeNotification_Lock + 45BA 75D7B3E8 4 Bytes [11, 36, F5, 67]
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] SHELL32.dll!SHChangeNotification_Lock + 45C2 75D7B3F0 8 Bytes [5F, 35, F5, 67, D0, 73, F4, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] ole32.dll!OleLoadFromStream 77435B88 5 Bytes JMP 6A6CF576 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] ole32.dll!CoCreateInstance 774857FC 5 Bytes JMP 6A5A8BE5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] ws2_32.DLL!closesocket 76FC3BED 5 Bytes JMP 64CFEEE9 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] ws2_32.DLL!socket 76FC3F00 5 Bytes JMP 64CFE59E C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] ws2_32.DLL!recv 76FC47DF 5 Bytes JMP 64CFF1C3 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] ws2_32.DLL!connect 76FC48BE 5 Bytes JMP 64CFE62A C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] ws2_32.DLL!getaddrinfo 76FC6737 5 Bytes JMP 64CFE71D C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2504] ws2_32.DLL!send 76FCC4C8 5 Bytes JMP 64CFE9ED C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Windows Sidebar\sidebar.exe[2596] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Windows Sidebar\sidebar.exe[2596] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Windows Sidebar\sidebar.exe[2596] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Windows Sidebar\sidebar.exe[2596] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Windows Sidebar\sidebar.exe[2596] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Windows Sidebar\sidebar.exe[2596] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\Windows Sidebar\sidebar.exe[2596] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Windows Sidebar\sidebar.exe[2596] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Windows Sidebar\sidebar.exe[2596] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Windows Sidebar\sidebar.exe[2596] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] KERNEL32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] kernel32.dll!VirtualProtect 771150AB 5 Bytes JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!SetWindowPlacement 77008169 5 Bytes JMP 660343DC C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!MoveWindow 7700A8C4 5 Bytes JMP 660346D7 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!DeferWindowPos 7700C338 5 Bytes JMP 66033D58 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!CreateWindowExW 77010E51 5 Bytes JMP 6A5A80F7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!SetWindowPos 77013581 2 Bytes JMP 66034826 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!SetWindowPos + 3 77013584 2 Bytes [02, EF] {ADD CH, BH}
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!GetWindowRect 77017450 5 Bytes JMP 660349B2 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!EndPaint 77017B73 5 Bytes JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!BeginPaint 77017B87 5 Bytes JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!DialogBoxIndirectParamW 77034AA7 5 Bytes JMP 6A6CF218 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!DialogBoxParamW 7703564A 5 Bytes JMP 6A4C4B7F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!GetWindowPlacement 77036BD0 5 Bytes JMP 6603452D C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!DialogBoxParamA 7704CF6A 5 Bytes JMP 6A6CF1B5 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!DialogBoxIndirectParamA 7704D29C 5 Bytes JMP 6A6CF27B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!MessageBoxIndirectA 7705E8C9 5 Bytes JMP 6A6CF14A C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)

31.05.2010, 21:59   #17
Avanki
 
Gmer Part2 :

.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!MessageBoxIndirectW 7705E9C3 5 Bytes JMP 6A6CF0DF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!MessageBoxExA 7705EA29 5 Bytes JMP 6A6CF07D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3952] USER32.dll!MessageBoxExW 7705EA4D 5 Bytes JMP 6A6CF01B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\system32\taskhost.exe[736] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66058C0B] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\system32\taskhost.exe[736] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66058BA0] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\system32\taskhost.exe[736] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66058BA0] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\system32\taskhost.exe[736] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66058C0B] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\system32\taskhost.exe[736] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExA] [66058B43] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\system32\taskhost.exe[736] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66058C0B] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\system32\taskhost.exe[736] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66058BA0] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\system32\taskhost.exe[736] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66058B43] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\system32\msiexec.exe[1428] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [757F5D3D] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[1428] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [757F5D3D] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[1428] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [757F5D3D] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[1428] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [757F5D3D] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[1428] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [757F5D3D] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\Dwm.exe[1584] @ C:\Windows\system32\ole32.dll [USER32.dll!GetSysColor] [6605BAED] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [66058B43] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [66058C0B] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [66058BA0] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\Explorer.EXE [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\Explorer.EXE [USER32.dll!UpdateLayeredWindow] [66059343] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\Explorer.EXE [USER32.dll!UpdateLayeredWindowIndirect] [66058C5D] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\Explorer.EXE [USER32.dll!EndPaint] [66059DD7] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\Explorer.EXE [USER32.dll!LoadImageW] [6600ABEE] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\Explorer.EXE [USER32.dll!BeginPaint] [66059AB8] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\Explorer.EXE [USER32.dll!DrawTextW] [6605C0F9] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [66058BA0] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [66058C0B] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExA] [66058B43] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [66058C0B] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [66058BA0] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [66058B43] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6600ABEE] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DrawTextW] [6605C0F9] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHELL32.dll [USER32.dll!BeginPaint] [66059AB8] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHELL32.dll [USER32.dll!EndPaint] [66059DD7] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [66058BA0] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [66058C0B] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [66058C0B] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [66058BA0] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryExA] [66058B43] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [66058C0B] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [66058BA0] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\Explorer.EXE[2052] @ C:\Windows\system32\WININET.dll [USER32.dll!LoadImageW] [6600ABEE] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe[2300] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\CyberLink\YouCam\YouCamTray.exe[2332] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2340] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\System32\igfxtray.exe[2356] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\System32\igfxtray.exe[2356] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\System32\igfxtray.exe[2356] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\System32\hkcmd.exe[2364] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\System32\hkcmd.exe[2364] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\System32\hkcmd.exe[2364] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\System32\igfxpers.exe[2376] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\System32\igfxpers.exe[2376] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Windows\System32\igfxpers.exe[2376] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\iTunes\iTunesHelper.exe[2484] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\iTunes\iTunesHelper.exe[2484] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\iTunes\iTunesHelper.exe[2484] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [67F39F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [67F43932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [67F41ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [67F3C028] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [67F43B9B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [67F4595C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [67F447A8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [67F44EB8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [67F41D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [67F3F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [67F39F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [67F41BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [67F406BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [67F3FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [67F41ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [67F41A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [67F40043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [67F40CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [67F43932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [67F41BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [67F39F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [67F406BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [67F41BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [67F40CA0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [67F42ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [67F3F1BB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [67F3F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [67F3FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [67F41A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [67F41ED3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [67F44EB8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [67F447A8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [67F3DF55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [67F406BA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [67F43932] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [67F3DCFA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [67F3DE25] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [67F40571] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [67F39F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [67F41D43] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [67F3DBCF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [67F441F1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [67F4595C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [67F44735] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [67F44B56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [67F4823A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [67F489C0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [67F48584] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [67F47E55] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [67F48CD4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [67F490D9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [67F47C72] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [67F48D26] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [67F47F8E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [67F4794A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [67F47D19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [67F48898] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [67F486C0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [67F48760] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsContentTypeW] [67F47EF3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegQueryUSValueW] [67F49B99] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegEnumUSKeyW] [67F4958E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyA] [67F499D2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [67F48026] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [67F47F42] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [67F47AE4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [67F497FC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCanonicalizeW] [67F47BD1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [67F49C52] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [67F498B5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [67F477ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [67F496FD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [67F481EE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [67F480BE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [67F48286] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [67F48D75] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [67F47DBA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [67F48F70] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [67F4892C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegOpenUSKeyW] [67F49A2A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [67F492E3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [67F49E71] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [67F48E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [67F47B33] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [67F49029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [67F4789A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [67F483BC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [67F4861C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [67F48A5E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [67F48454] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [67F484EC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [67F49974] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [67F48EBD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [67F3D9AD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6600ABEE] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [67F41904] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [67F4141F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [67F41A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [67F409C2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [67F3FAB6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [67F3F834] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [67F3F084] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [67F427FF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [67F41BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [67F3F312] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [67F3EB7A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [67F3E563] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [67F42ADB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [67F427DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [67F3E901] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [67F40043] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [67F3EE02] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [67F41BBF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [67F41A3B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [67F39F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [67F49974] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [67F49916] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [67F48A0C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [67F48D26] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [67F48E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [67F47D19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [67F48FCE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [67F49E16] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [67F49029] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [67F49E71] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [67F47C72] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [67F39F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[2504] @ C:\Windows\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [67F39F14] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2528] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2556] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2596] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2596] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2596] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Pegatron\Hotkey\PHControl.exe[2608] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2716] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe[2800] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] @ C:\Windows\system32\shell32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] @ C:\Windows\system32\shell32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe[2892] @ C:\Windows\system32\shell32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3952] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [6600ABEE] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3952] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetWindowDC] [66033E76] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3952] @ C:\Windows\system32\SHELL32.dll [USER32.dll!FillRect] [6605BB09] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3952] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!CreateCompatibleDC] [6605BC58] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[3952] @ C:\Windows\system32\WININET.dll [USER32.dll!LoadImageW] [6600ABEE] C:\Program Files\Stardock\MyColors\WBLIND.dll (WindowBlinds/Stardock Corporation)

---- Devices - GMER 1.0.15 ----

Device \Driver\ACPI_HAL \Device\00000047 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002243ee27c4
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002243faceb1
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002243faceb1@001fe4520ebd 0x65 0x5F 0x44 0x8C ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002243ee27c4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002243faceb1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002243faceb1@001fe4520ebd 0x65 0x5F 0x44 0x8C ...
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex@LazyCheckPointUpdateInterval
__________________


31.05.2010, 22:01   #18
Avanki
 

Can we get this under control, or is it better to format C:\ and then put XP on it? (That would be my alternative if it is too bad)
__________________

31.05.2010, 22:48   #19
undoreal
/// AVZ-Toolkit Guru
 

Quote from Avanki:
Can we get this under control, or is it better to format C:\ and then put XP on it? (That would be my alternative if it is too bad)

Without a Windows CD I can't really straighten out the atapi.sys for you properly. That is not so good, so you will have to reinstall.

Cleanup after a compromise


Note: The analysis of a virus scanner is completely insufficient for making statements about the system!

Unfortunately, more and more malware is currently appearing that writes itself into the Master Boot Record, MBR for short. A conventional reinstallation does not completely overwrite it, so it poses a considerable security risk. Before reinstalling, you should therefore make sure that the MBR is in order.

Repairing the Master Boot Record:

Vista/Win7:

To start the recovery console, simply insert the Windows Vista DVD into the drive and boot from it.
After a short time you are asked for the desired country and language settings.

In the following window, the recovery console can be opened via the entry "System Recovery Options".

Clicking "Next" makes Windows search the hard disk for valid Windows installations. A list of the installations found is then shown for selection.

After you select the desired Windows version, a new window opens that offers the following options:

- System repair: automatic repair of Windows startup problems (boot sector etc.)
- System restore: restoring Windows from existing restore points
- Windows complete restore: complete restore of a Windows backup
- Windows memory diagnostic tool: check the RAM for errors (restart required)
- Command prompt: command line/command prompt

Open the command prompt, type Bootrec.exe and press Enter.

Choose the /FixMBR option. Type fixmbr and press Enter.


XP:

To start the recovery console, simply insert the Windows XP CD into the drive and boot from it. When prompted, select the options required to start from the installation CD.
When the text-based part of setup starts, choose the option to repair or restore by pressing the [R] key.
If necessary, now enter the administrator password.
You then arrive at the command prompt of the recovery console.

There, please enter the command fixmbr and confirm with Enter.

To exit the recovery console and restart the computer, type 'exit'.


Reinstalling a personal computer:

Before you get to work, please read the following guide through very carefully:

Reinstalling the system with subsequent hardening.

If you do not follow this reinstallation guide exactly, reinstalling is pointless!

All hard disks must be completely formatted!

It is best not to back up any data.
If you want to back up very important, irreplaceable files, you must do so according to strict criteria:

a) The file must not be executable. That means it must not have any of the file extensions listed here. Please note that some malware disguises its file extension. A sensible folder view setting helps here.

b) Every file should be scanned with MWAV before it gets back onto the fresh machine.

c) Even if you follow points a) and b) exactly, the files are not trustworthy!!
Malware can also infect non-executable files such as .mp3, .doc etc.!! And MWAV, like other AV scanners, finds only a fraction of all infected files!

In addition, the backup should be made via a LiveCD, since viruses like to attach themselves to files or infect external media.
Using a LiveCD prevents this.
Because of its familiar interface I recommend Windows7PE.
PC-Welt provides the following package for building it: Rettungssystem für XP, Vista und Windows 7 - PC-WELT


After you have reinstalled, you absolutely must change all passwords and access accounts!!!
__________________
- All help in the forum is given without warranty or liability -
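
Criterion a) from the post above, as an added example that is not part of the original post or of any tool it names: a Python triage of a backup folder that flags executable extensions and disguised double extensions and, going beyond the post, files that carry a PE "MZ" header behind a harmless-looking extension. The extension list, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumed extension list; the post links to its own list, which is not reproduced here.
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js",
                   ".dll", ".sys", ".msi", ".lnk", ".cpl", ".hta", ".jar", ".ps1"}

def classify(path):
    """Return the reasons a file fails criterion a); an empty list means it passes."""
    reasons = []
    # Win32 strips trailing dots and spaces from names, so compare the normalized form.
    name = os.path.basename(path).lower().rstrip(". ")
    stem, ext = os.path.splitext(name)
    inner_ext = os.path.splitext(stem)[1]
    if ext in EXECUTABLE_EXTS:
        reasons.append("executable extension " + ext)
        if inner_ext:
            reasons.append("double extension (disguised as " + inner_ext + ")")
    else:
        # Beyond the post: a PE image starts with "MZ" whatever the file is called.
        with open(path, "rb") as fh:
            if fh.read(2) == b"MZ":
                reasons.append("PE header (MZ) behind extension " + (ext or "(none)"))
    return reasons

def triage(root):
    """Walk a backup folder and map each rejected relative path to its reasons."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            reasons = classify(full)
            if reasons:
                findings[os.path.relpath(full, root)] = reasons
    return findings

def build_sample(root):
    """Write constructed sample files (not real documents or malware) into root."""
    samples = {"thesis.doc": b"\xd0\xcf\x11\xe0 constructed",
               "holiday.jpg.exe": b"constructed placeholder",
               "song.mp3": b"MZ constructed placeholder",
               "notes.txt": b"constructed text"}
    for fname, data in samples.items():
        with open(os.path.join(root, fname), "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel, why in sorted(triage(tmp).items()):
            print(rel + ": " + "; ".join(why))
```

A file that passes this check has only cleared criterion a); per point c) of the post it is still not trustworthy.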
