Sponsored By

Jared

Cannot Delete Trojan Virus

Recommended Posts

Hello again,

First, Boot from your Vista installation CD.

Select your Vista Install from the list in “Windows Boot Manager”

· Microsoft Vista Setup (x86)

· Microsoft Vista Setup (x64)

Press enter.

You will then see “Windows is Loading Files”.

Next, the “Language Screen” will come up. Since you have already selected this option when you installed Vista, just click on “Next”.

Now you will see the “Vista Installation Screen”

DO NOT CHOOSE “Install Now”

Instead, towards the bottom left of the window you will see.

· “What to know before installing Windows

· “Repair your Computer

Choose and click on “Repair your Computer”

You will then come to the “System Recovery Options”. Choose “Microsoft Windows Vista” from the list. Then click “ Next”.

You will now have the option to choose which “Recovery Tools” you wish to use.

1. “Startup Repair”

Automatically fix problems that are preventing Windows from starting.

Please select #1 and let me know how it goes.

Share this post


Link to post
Share on other sites

It's not letting me boot from the Vista CD, but my computer is working in normal mode now, still it is running very slowly.

Is there any other way we can fix it without the Vista CD?

Share this post


Link to post
Share on other sites

Lets next generate a System Health Check

Go to your Start Menu and click on "Control Panel". In the Control Panel Window, (for Classic View) Double Click on "Performance Information and Tools" icon. (For Control Panel Home View), click "System and Maintenance" > "Performance Information and Tools"

In the Performance Information and Tools Window, under "Tasks". Choose "Advanced Tools" then at the bottom of the list choose "Generate A System Health Report".

This will run a check on your system and file a series of reports Do not worry if it take longer then the 60 seconds it says it will take. Could be up to a couple of minutes.

This will scan and file a report on every aspect of your PC. From the OS to Hard Drives, Memory to your Network.

When this report is finished. In the first two columns. Under "Basic System Check", check "Results" and under "Resource Overview", check "Status" and report if any of these give you anything but a green light and say failed.

This way we can narrow down the field for your problem.

Please report back your findings.

Share this post


Link to post
Share on other sites

OS Checks, Disk Checks and the Security Center Tests all passed, but the System Service Checks and Hardware Device and Driver Checks both failed.

I took a screen shot for you:

checkscreenjs8.jpg

Edited by Jared

Share this post


Link to post
Share on other sites

Hello again,

Please Right-Click on "My Computer" in the main start menu and click on "Properties" Choose "Device Manager" under "Tasks". Look and let me know if any of the devices have a yellow question mark. If one or more do, let me know which ones.

Share this post


Link to post
Share on other sites

Hello again,

Step 1

Please download ATF Cleaner by Atribune.

On Windows Vista that "Windows Temp" is disabled, to empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator"

  • Double-click ATF-Cleaner.exe to run the program.
    Under Main choose: Select All
    Click the Empty Selected button.

If you use Firefox browser

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

Step 2

Now please defragment your hardrive by using the built in Vista one, or use the following link.

http://www.besttechie.net/forums/Disk-Defr...sta-t12630.html

Step 3

Also can you use the DVD player on your PC?

Share this post


Link to post
Share on other sites

Hi, thanks for the reply again, did the ATF Cleaner, and the defragment.

I believe the DVD player on my computer is function properly in normal mode, but it just wouldn't allow me to boot from the Vista disc for some reason.

Share this post


Link to post
Share on other sites

Hi again,

Please go HERE to run Panda's TotalScan

  • Select the bubble for Full scan
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • Then the scan will begin
  • When the scan completes, click the Save button on the right of Scan details
  • Save it to a convenient location. Post the contents of the TotalScan report

Share this post


Link to post
Share on other sites

Thanks for the reply and sorry for replying so late, I've been very busy and haven't had time to use the computer, its still running very badly so I hope the results of this scan show some insight into whats wrong.

;*******************************************************************************

*********************************************************************************

*******************

ANALYSIS: 2007-10-18 14:23:10

PROTECTIONS: 2

MALWARE: 34

SUSPECTS: 0

;*******************************************************************************

*********************************************************************************

*******************

PROTECTIONS

Description Version Active Updated

;===============================================================================

=================================================================================

===================

avast! antivirus 4.7.1043 [VPS 000782-1] 4.7.1043 No Yes

Windows Live OneCare 1.0.0 No Yes

;===============================================================================

=================================================================================

===================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

=================================================================================

===================

00034347 dialer.su Dialers No 0 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\switch

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.casalemedia.com/]

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.doubleclick.net/]

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.atdmt.com/]

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt

00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.tradedoubler.com/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.fastclick.net/]

00145460 Cookie/2o7 TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.2o7.net/]

00145460 Cookie/2o7 TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.tribalfusion.com/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.mediaplex.com/]

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.com.com/]

00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.xiti.com/]

00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies-1.txt[.azjmp.com/]

00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies-1.txt[.azjmp.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.statcounter.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[ad.yieldmanager.com/]

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.burstnet.com/]

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.burstnet.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.bs.serving-sys.com/]

00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.adtech.de/]

00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[server.iad.liveperson.net/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.advertising.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.ads.pointroll.com/]

00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.overture.com/]

00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.realmedia.com/]

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.realmedia.com/]

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.questionmarket.com/]

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.questionmarket.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.zedo.com/]

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.adrevolver.com/]

00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.bravenet.com/]

00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.bravenet.com/]

00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.atwola.com/]

00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Users\Grant\AppData\Roaming\Mozilla\Firefox\Profiles\qc0zadh1.default\cookies.txt[.ads.addynamix.com/]

01168731 Spyware/Virtumonde Spyware No 1 Yes No C:\Program Files\Alwil Software\Avast4\DATA\moved\epvpqyit.dll.vir

01168731 Spyware/Virtumonde Spyware No 1 Yes No C:\Program Files\Alwil Software\Avast4\DATA\moved\ijophorg.dll.vir

02133701 Trj/Downloader.QGS Virus/Trojan No 0 No No C:\Deckard\System Scanner\20070923081721\backup\Users\Grant\AppData\Local\Temp\PC Tools Spyware Doctor 5.0.rar[patch.exe]

02137870 Spyware/Virtumonde Spyware No 1 No No C:\Deckard\System Scanner\20070923081721\backup\Users\Grant\AppData\Local\Temp\PC Tools Spyware Doctor 5.0.rar[keygen.exe]

02287815 Adware/SpywareNo Adware No 0 No No C:\Deckard\System Scanner\20070923081721\backup\Users\Grant\AppData\Local\Temp\PC Tools Spyware Doctor 5.0.rar[crack.exe]

02402148 Application/Playmp3z HackTools No 0 Yes No C:\Users\Grant\Desktop\SHOW_PORN_VIDEO.exe

;===============================================================================

=================================================================================

===================

SUSPECTS

Location

;===============================================================================

=================================================================================

===================

;===============================================================================

=================================================================================

===================

Share this post


Link to post
Share on other sites

Hi,

Step 1

Download ComboFix from Here or Here to your Desktop.

  • Double click combofix.exe and follow the prompts.
  • When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply

Note: Do not mouseclick combofix's window while its running. That may cause it to stall

Step 2

Download GMER from here:

http://www.gmer.net/files.php

Unzip it to the desktop.

Open the program and click on the Rootkit tab.

Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.

Click on Scan.

When the scan has run click Copy and paste the results (if any) into this thread.

Edited by MoNsTeReNeRgY22

Share this post


Link to post
Share on other sites

Hi, it kept saying that there was a memory error when I tried to run ComboFix.

But I ran GMER.

Hijack This Log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:37, on 2007-10-21

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16546)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\GameSpy\Comrade\Comrade.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\PC Connectivity Solution\NclBTHandler.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe" /waitservice

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O13 - Gopher Prefix:

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab

O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--

End of file - 6087 bytes

GMER log:

GMER 1.0.13.12551 - http://www.gmer.net

Rootkit scan 2007-10-21 15:35:41

Windows 6.0.6000

---- User code sections - GMER 1.0.13 ----

.text C:\Program Files\GameSpy\Comrade\Comrade.exe[2388] WS2_32.dll!sendto 766F3DD4 5 Bytes JMP 03F71BB0 c:\program files\gamespy\comrade\154\DetectLib.dll

.text C:\Program Files\GameSpy\Comrade\Comrade.exe[2388] WS2_32.dll!WSASendTo 7670A40C 5 Bytes JMP 03F71BF0 c:\program files\gamespy\comrade\154\DetectLib.dll

---- User IAT/EAT - GMER 1.0.13 ----

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [6E9D8B5F] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!OpenFile] [6E9D8CB4] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!MoveFileW] [6E9D8B5F] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegCreateKeyExA] [6E9D955A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] [6E9D9B2B] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [6E9D2E1C] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [6E9D2C06] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [6E9D2A08] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!AccessCheck] [6E9D886A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueW] [6E9D9A83] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6E9D8F7E] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6E9DA2A5] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] [6E9D9B2B] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [6E9D955A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueA] [6E9D9C87] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!AccessCheck] [6E9D886A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6E9D8B5F] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] [6E9D9A83] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] [6E9D94C8] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!AccessCheck] [6E9D886A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!PrivCopyFileExW] [6E9D8F1A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!OpenFile] [6E9D8CB4] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!MoveFileW] [6E9D8B5F] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegCreateKeyExA] [6E9D955A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] [6E9D9B2B] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [6E9D8B5F] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6E9D8F7E] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6E9DA2A5] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] [6E9D9B2B] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [6E9D955A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueA] [6E9D9C87] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6E9D8B5F] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] [6E9D9A83] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] [6E9D94C8] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!AccessCheck] [6E9D886A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [KERNEL32.dll!CreateProcessW] [6E9D2E1C] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [KERNEL32.dll!GetFileAttributesExW] [6E9D2C06] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [KERNEL32.dll!GetFileAttributesW] [6E9D2A08] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!AccessCheck] [6E9D886A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegSetValueW] [6E9D9A83] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!AccessCheck] [6E9D886A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!PrivCopyFileExW] [6E9D8F1A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteValueA] [6E9D9C87] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegCreateKeyExA] [6E9D955A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] [6E9D9B2B] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CopyFileA] [6E9D88CE] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetFileAttributesA] [6E9D8F7E] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!MoveFileExA] [6E9D8BD4] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!MoveFileA] [6E9D8AEA] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!DeleteFileA] [6E9D8A40] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateFileA] [6E9DA2A5] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegCreateKeyExA] [6E9D955A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] [6E9D9B2B] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!CreateFileA] [6E9DA2A5] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegCreateKeyExA] [6E9D955A] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] [6E9D9B2B] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL

IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CLOSE [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_READ [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_WRITE [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_INFORMATION [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_INFORMATION [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_EA [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_EA [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_FLUSH_BUFFERS [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DEVICE_CONTROL [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [8A5C12C0] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SHUTDOWN [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_LOCK_CONTROL [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CLEANUP [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE_MAILSLOT [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_SECURITY [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_SECURITY [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_POWER [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SYSTEM_CONTROL [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DEVICE_CHANGE [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_QUOTA [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_QUOTA [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_CREATE [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_CREATE_NAMED_PIPE [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_CLOSE [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_READ [82BC0038] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_WRITE [82BC0160] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_QUERY_INFORMATION [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_SET_INFORMATION [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_QUERY_EA [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_SET_EA [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_QUERY_VOLUME_INFORMATION [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_SET_VOLUME_INFORMATION [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_DIRECTORY_CONTROL [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_FILE_SYSTEM_CONTROL [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL [82BBFB74] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_LOCK_CONTROL [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_CLEANUP [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_CREATE_MAILSLOT [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_QUERY_SECURITY [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_SET_SECURITY [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_POWER [82BBFEAC] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_DEVICE_CHANGE [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_QUERY_QUOTA [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 IRP_MJ_SET_QUOTA [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_CREATE [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_CREATE_NAMED_PIPE [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_CLOSE [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_READ [82BC0038] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_WRITE [82BC0160] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_QUERY_INFORMATION [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_SET_INFORMATION [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_QUERY_EA [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_SET_EA [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_QUERY_VOLUME_INFORMATION [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_SET_VOLUME_INFORMATION [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_DIRECTORY_CONTROL [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_FILE_SYSTEM_CONTROL [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL [82BBFB74] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_LOCK_CONTROL [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_CLEANUP [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_CREATE_MAILSLOT [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_QUERY_SECURITY [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_SET_SECURITY [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_POWER [82BBFEAC] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_DEVICE_CHANGE [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_QUERY_QUOTA [82BBFB48] fvevol.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 IRP_MJ_SET_QUOTA [82BBFB48] fvevol.sys

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CLOSE [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_READ [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_WRITE [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_INFORMATION [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_INFORMATION [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_EA [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_EA [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_FLUSH_BUFFERS [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DIRECTORY_CONTROL [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DEVICE_CONTROL [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [8A5C12C0] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SHUTDOWN [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_LOCK_CONTROL [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CLEANUP [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE_MAILSLOT [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_SECURITY [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_SECURITY [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_POWER [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SYSTEM_CONTROL [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DEVICE_CHANGE [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_QUOTA [8A5C18E6] aswTdi.SYS

AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_QUOTA [8A5C18E6] aswTdi.SYS

---- Registry - GMER 1.0.13 ----

Reg \Registry\MACHINE\SOFTWARE\LicCtrl\LicCtrl\LicCtrl\LicCtrl

---- Files - GMER 1.0.13 ----

ADS C:\Users\Grant\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\[email protected]\DFSR\Staging\CS{4645475C-14B5-0D59-3310-5DFE0FCE177D}1\10-{4645475C-14B5-0D59-3310-5DFE0FCE177D}-v1-{EECEE1BE-2F29-4B47-AA39-B78587B3D37B}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

ADS C:\Users\Grant\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\[email protected].com\DFSR\Staging\CS{1B255EC6-EEF1-A169-FD61-CB3696D97D12}1\11-{1B255EC6-EEF1-A169-FD61-CB3696D97D12}-v1-{EECEE1BE-2F29-4B47-AA39-B78587B3D37B}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

---- EOF - GMER 1.0.13 ----

Share this post


Link to post
Share on other sites

Hi Jared.

MoNsTeReNeRgY22 asked me to add my services to your problem.

From what I have seen so far and some of your replies. I would think you might have a faulty hardware driver. One that either became corrupt because of the spyware (trojan) problem, or a good old M$ update. Since your Device Manager showed no problems. I believe it's still working, but not like it's supposed to. And the error you received from Vista's System Service Checks and Hardware Device and Driver Checks both failed on what appears to be a "plug and play device".

Now where to tell you to start.......

I would suggest starting from the beginning. Go to this site and download this program if you don't already have it. It's called System Sandra. And will give you detailed information on all the hardware and software in your PC.

sisoftware

Go to each manufactures website go find your drivers. Most are far better then what you can get from the M$ Update site.

I would start with your Motherboard and find the latest and greatest Drivers and try installing them. (do not worry about your systems BIOS. That would be recommended as a last resort only, and only if you had knowledge of flashing the BIOS).

Then work through your system one by one.... ie. Graphic Drivers, Sound Drivers, mouse (if you have a specialty type mouse). Then to your secondary items.... ie. Printer, scanner, camera and so forth.

Keep us posted to your results.

JSKY

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now