Andro1d Posted October 5, 2007

Hello again,

First, boot from your Vista installation CD.
Select your Vista Install from the list in “Windows Boot Manager”:
· Microsoft Vista Setup (x86)
· Microsoft Vista Setup (x64)
Press Enter.

You will then see “Windows is Loading Files”. Next, the “Language Screen” will come up. Since you have already selected this option when you installed Vista, just click on “Next”.

Now you will see the “Vista Installation Screen”. DO NOT CHOOSE “Install Now”.
Instead, towards the bottom left of the window you will see:
· “What to know before installing Windows”
· “Repair your Computer”
Choose and click on “Repair your Computer”.

You will then come to the “System Recovery Options”. Choose “Microsoft Windows Vista” from the list. Then click “Next”.

You will now have the option to choose which “Recovery Tools” you wish to use.
1. “Startup Repair”
Automatically fix problems that are preventing Windows from starting.

Please select #1 and let me know how it goes.

Jared Posted October 5, 2007

It's not letting me boot from the Vista CD, but my computer is working in normal mode now, still it is running very slowly.
Is there any other way we can fix it without the Vista CD?

Andro1d Posted October 6, 2007

Let's next generate a System Health Check.

Go to your Start Menu and click on "Control Panel".
In the Control Panel Window (for Classic View), double-click on the "Performance Information and Tools" icon.
(For Control Panel Home View, click "System and Maintenance" > "Performance Information and Tools".)
In the Performance Information and Tools Window, under "Tasks", choose "Advanced Tools", then at the bottom of the list choose "Generate A System Health Report".

This will run a check on your system and file a series of reports. Do not worry if it takes longer than the 60 seconds it says it will take. Could be up to a couple of minutes. This will scan and file a report on every aspect of your PC, from the OS to Hard Drives, Memory to your Network.

When this report is finished, in the first two columns, under "Basic System Check", check "Results" and under "Resource Overview", check "Status" and report if any of these give you anything but a green light and say failed.

This way we can narrow down the field for your problem. Please report back your findings.

Jared Posted October 7, 2007

OS Checks, Disk Checks and the Security Center Tests all passed, but the System Service Checks and Hardware Device and Driver Checks both failed.
I took a screen shot for you:

Andro1d Posted October 8, 2007

Hello again,

Please right-click on "My Computer" in the main start menu and click on "Properties". Choose "Device Manager" under "Tasks". Look and let me know if any of the devices have a yellow question mark. If one or more do, let me know which ones.

Jared Posted October 8, 2007

Nothing with a yellow question mark next to it. What can I do next?

Andro1d Posted October 9, 2007

I am researching, I will post back ASAP.

Andro1d Posted October 10, 2007

Hello again,

Step 1
Please download ATF Cleaner by Atribune.
On Windows Vista, "Windows Temp" is disabled; to empty "Windows Temp", ATF-Cleaner must be "Run as an Administrator".
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

Step 2
Now please defragment your hard drive by using the built-in Vista one, or use the following link.
http://www.besttechie.net/forums/Disk-Defr...sta-t12630.html

Step 3
Also, can you use the DVD player on your PC?

Jared Posted October 10, 2007

Hi, thanks for the reply again, did the ATF Cleaner, and the defragment.
I believe the DVD player on my computer is functioning properly in normal mode, but it just wouldn't allow me to boot from the Vista disc for some reason.

Andro1d Posted October 11, 2007

Hi again,

Please go HERE to run Panda's TotalScan.
Select the bubble for Full scan.
It will start downloading the files it requires for the scan (Note: It may take a couple of minutes).
Then the scan will begin.
When the scan completes, click the Save button on the right of Scan details.
Save it to a convenient location. Post the contents of the TotalScan report.

Jared Posted October 18, 2007

Thanks for the reply and sorry for replying so late, I've been very busy and haven't had time to use the computer, it's still running very badly so I hope the results of this scan show some insight into what's wrong.

Andro1d Posted October 20, 2007

Hi,

Step 1
Download ComboFix from Here or Here to your Desktop.
Double-click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post that log and a HijackThis log in your next reply.
Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

Step 2
Download GMER from here:
http://www.gmer.net/files.php
Unzip it to the desktop.
Open the program and click on the Rootkit tab.
Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
Click on Scan.
When the scan has run, click Copy and paste the results (if any) into this thread.

Jared Posted October 21, 2007

Hi, it kept saying that there was a memory error when I tried to run ComboFix. But I ran GMER.
C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!AccessCheck] [6E9D886A] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ 
C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6E9D8B5F] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] [6E9D9A83] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] [6E9D94C8] 
C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!AccessCheck] [6E9D886A] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!PrivCopyFileExW] [6E9D8F1A] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT 
C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Users\Grant\AppData\Local\Temp\Rar$EX00.805\gmer.exe[3784] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!OpenFile] [6E9D8CB4] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!MoveFileW] [6E9D8B5F] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program 
Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\ADVAPI32.DLL [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegCreateKeyExA] [6E9D955A] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] [6E9D9B2B] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [6E9D8B5F] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ 
C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6E9D8F7E] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6E9DA2A5] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] [6E9D9B2B] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ 
C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [6E9D955A] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueA] [6E9D9C87] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6E9D8926] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6E9D8B5F] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ 
C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] [6E9D9A83] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] [6E9D94C8] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!AccessCheck] [6E9D886A] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [KERNEL32.dll!CreateProcessW] [6E9D2E1C] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [KERNEL32.dll!GetFileAttributesExW] [6E9D2C06] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ 
C:\Windows\system32\OLE32.DLL [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [KERNEL32.dll!GetFileAttributesW] [6E9D2A08] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!AccessCheck] [6E9D886A] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegSetValueW] [6E9D9A83] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\OLE32.DLL [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ 
C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!AccessCheck] [6E9D886A] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!PrivCopyFileExW] [6E9D8F1A] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!MoveFileExW] [6E9D8C44] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!SetFileSecurityW] [6E9D9E24] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ 
C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteValueA] [6E9D9C87] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ 
C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegCreateKeyExA] [6E9D955A] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] [6E9D9B2B] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CopyFileA] [6E9D88CE] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetFileAttributesA] [6E9D8F7E] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!MoveFileExA] [6E9D8BD4] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!MoveFileA] [6E9D8AEA] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!DeleteFileA] [6E9D8A40] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateFileA] [6E9DA2A5] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ 
C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegCreateKeyExW] [6E9D9669] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegCreateKeyExA] [6E9D955A] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegOpenKeyExW] [6E9D9845] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] [6E9D9BD7] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteValueW] [6E9D9D29] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] [6E9D9B2B] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [74974618] C:\Windows\system32\ShimEng.dll IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!CreateFileW] [6E9DA3C1] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!DeleteFileW] [6E9D8A95] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetFileAttributesW] [6E9D8FD6] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!CreateFileA] [6E9DA2A5] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegOpenKeyExA] [6E9D9771] C:\Windows\AppPatch\AcGenral.DLL IAT C:\Program Files\WinRAR\WinRAR.exe[3948] @ 
JSKY Posted October 23, 2007

Hi Jared.

MoNsTeReNeRgY22 asked me to add my services to your problem.

From what I have seen so far and some of your replies, I would think you might have a faulty hardware driver, one that either became corrupt because of the spyware (trojan) problem, or a good old M$ update. Since your Device Manager showed no problems, I believe it's still working, but not like it's supposed to. And the error you received from Vista's System Service Checks and Hardware Device and Driver Checks both failed on what appears to be a "plug and play device".

Now where to tell you to start...

I would suggest starting from the beginning. Go to this site and download this program if you don't already have it. It's called System Sandra, and it will give you detailed information on all the hardware and software in your PC.

sisoftware

Go to each manufacturer's website to find your drivers. Most are far better than what you can get from the M$ Update site.

I would start with your Motherboard and find the latest and greatest Drivers and try installing them. (Do not worry about your system's BIOS. That would be recommended as a last resort only, and only if you had knowledge of flashing the BIOS.)

Then work through your system one by one, i.e. Graphic Drivers, Sound Drivers, mouse (if you have a specialty type mouse). Then to your secondary items, i.e. Printer, scanner, camera and so forth.

Keep us posted on your results.

JSKY