Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Constant Pop Up Adverts


  • This topic is locked This topic is locked
19 replies to this topic

#1 roger007

roger007

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 19 September 2007 - 07:22 AM

My son downloaded messenger plus live accepting the sponsor,i've since uninstalled it and reinstalled without sponsor and uninstalled CID HELP and a few others.but he is still getting plagued with pop ups.we use aol browser but we still get IE pop ups!

any help appreciated here's hijackthis log:





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:46, on 19/09/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nexgenwars.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1186701864\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/games/ricochet-los...bGameLoader.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - https://ukplay.toontown.com/download/sv1.0.29.11/ttinst.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11241 bytes

BC AdBot (Login to Remove)

 


#2 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:11:29 AM

Posted 29 September 2007 - 04:25 PM

Sorry for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:

Preparation Guide For Use Before Posting A Hijackthis Log

Please also post the problems you are having.

#3 roger007

roger007
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 30 September 2007 - 07:52 AM

hi,thanks for helping.
i've run aww2007,s&d,stinger and my own norton a/v . i had trouble with housecall and bitdefender so abandoned them.

the problem i have is IE pop-ups advertising loans,bettting sites,and dodgy antispiware.
i'm still getting pop-ups but now they are blank (just white)! so some progress? here's a new log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:51:18, on 30/09/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nexgenwars.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1186701864\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [HijackThis startup scan] C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/games/ricochet-los...bGameLoader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1191154954174
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1191155883592
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - https://ukplay.toontown.com/download/sv1.0.29.11/ttinst.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12940 bytes

#4 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:11:29 AM

Posted 30 September 2007 - 06:03 PM

Please perform this online scan: Kaspersky Webscan
Note that this scanner will only work on Internet Explorer, so please use this browser for the scan.
Read the Requirements and Privacy statement, then select "Accept"
A dialogue box will appearing asking "Do you want to install this software?" Name: kavwebscan_unicode.cab
Select "Install" to download the ActiveX controls that allows ActiveScan to run.

When the download is complete it will say ready, click "Next"
Select a target to scan: Click on "My Computer"
When the scan is complete choose to save the results as "Save as Text"
Post the Kaspersky scan results in your next reply.

Run HijackThis.
Click on Open the Misc Tools Section.
Then press Generate StartupList log, making sure that both boxes next to it are checked.
Select Yes at the prompt.
A Notepad file will open, and will automatically be saved in your HijackThis folder.
Paste this log in your next reply.

#5 roger007

roger007
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 01 October 2007 - 06:38 AM

hi,here are the results-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, October 01, 2007 12:30:53 PM
Operating System: Microsoft Windows Vista Home Edition, (Build 6000)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 1/10/2007
Kaspersky Anti-Virus database records: 425893
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 82180
Number of viruses found: 1
Number of infected objects: 4
Number of suspicious objects: 0
Duration of the scan process: 01:08:23

Infected Object Name / Virus Name / Last Action
C:\Boot\BCD Object is locked skipped
C:\Boot\BCD.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\master.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\mastlog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\model.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\modellog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\msdbdata.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\msdblog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\tempdb.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\templog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\ERRORLOG Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\log_120.trc Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\ProgramData\AOL\ACS\1.0\ph Object is locked skipped
C:\ProgramData\AOL\ACS\1.0\variable Object is locked skipped
C:\ProgramData\AOL\C_AOL 9.0 VR\idb\SNMaster.idx Object is locked skipped
C:\ProgramData\AOL\C_AOL 9.0 VR\idb\sobrasesto\MyDB.idx Object is locked skipped
C:\ProgramData\AOL\C_AOL 9.0 VR\idb\sobrasesto\toolbar.lst Object is locked skipped
C:\ProgramData\AOL\C_AOL 9.0 VR\organize\CACHE\sobrases00 Object is locked skipped
C:\ProgramData\AOL\C_AOL 9.0 VR\organize\sobrasesto Object is locked skipped
C:\ProgramData\AOL\C_AOL 9.0 VR\organize\sobrasesto.abi Object is locked skipped
C:\ProgramData\AOL\C_AOL 9.0 VR\organize\sobrasesto.aby Object is locked skipped
C:\ProgramData\AOL\TopSpeed\3.0\aolstderr.txt Object is locked skipped
C:\ProgramData\AOL\TopSpeed\3.0\aolstdout.txt Object is locked skipped
C:\ProgramData\AOL\TopSpeed\3.0\cache.db Object is locked skipped
C:\ProgramData\AOL\TopSpeed\3.0\ncoc Object is locked skipped
C:\ProgramData\AOL\TopSpeed\3.0\server.lock Object is locked skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.54.Crwl Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.54.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.ci Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wsb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010021.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010022.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010025.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001002A.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001002B.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy297.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\NtfBDF1.tmp Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\NtfBE11.tmp Object is locked skipped
C:\ProgramData\Sony Corporation\SonicStage\Packages\MtData.ldb Object is locked skipped
C:\ProgramData\Sony Corporation\SonicStage\Packages\MtData.mdb Object is locked skipped
C:\ProgramData\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\VzCdbDat.ldf Object is locked skipped
C:\ProgramData\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\VzCdbDat.mdf Object is locked skipped
C:\ProgramData\Symantec\Common Client\settings.dat Object is locked skipped
C:\ProgramData\Symantec\LiveUpdate\2007-10-01_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\ProgramData\Symantec\LiveUpdate\Log.LiveUpdate Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBConfig.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBDebug.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBDetect.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBNotify.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBRefr.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBSetDev.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBStHash.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\BBValid.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\SPPolicy.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\SPStart.log Object is locked skipped
C:\ProgramData\Symantec\SPBBC\SPStop.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtErEvt.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtETmp\368CF728.TMP Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtETmp\515596B7.TMP Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtScEvt.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped
C:\ProgramData\Symantec\SRTSP\SrtViEvt.log Object is locked skipped
C:\ProgramData\Symantec\SubEng\submissions.idx Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDALRT.log Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDCON.log Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDDBG.log Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDFW.log Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDIDS.log Object is locked skipped
C:\ProgramData\Symantec\SymNetDrv\SNDSYS.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\Users\Cobra!\AppData\Local\AOL\UserProfiles\All Users\cls\common.cls Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Messenger\m.cobra@hotmail.co.uk\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Messenger\m.cobra@hotmail.co.uk\SharingMetadata\pending.dat Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Messenger\m.cobra@hotmail.co.uk\SharingMetadata\Working\database_5452_E11_520D_F90E\dfsr.db Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Messenger\m.cobra@hotmail.co.uk\SharingMetadata\Working\database_5452_E11_520D_F90E\fsr.log Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Messenger\m.cobra@hotmail.co.uk\SharingMetadata\Working\database_5452_E11_520D_F90E\fsrtmp.log Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Messenger\m.cobra@hotmail.co.uk\SharingMetadata\Working\database_5452_E11_520D_F90E\tmp.edb Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007092420071001\index.dat Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007100120071002\index.dat Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows\UsrClass.dat{8c4396d2-c5df-11db-a358-0013a9c69c1d}.TM.blf Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows\UsrClass.dat{8c4396d2-c5df-11db-a358-0013a9c69c1d}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows\UsrClass.dat{8c4396d2-c5df-11db-a358-0013a9c69c1d}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows Live Contacts\m.cobra@hotmail.co.uk\real\members.stg Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows Live Contacts\m.cobra@hotmail.co.uk\shadow\members.stg Object is locked skipped
C:\Users\Cobra!\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Object is locked skipped
C:\Users\Cobra!\AppData\Local\Temp\~DFAF6A.tmp Object is locked skipped
C:\Users\Cobra!\AppData\Local\Temp\~DFB0FD.tmp Object is locked skipped
C:\Users\Cobra!\AppData\Local\Temp\~DFD711.tmp Object is locked skipped
C:\Users\Cobra!\AppData\Local\Temp\~DFE538.tmp Object is locked skipped
C:\Users\Cobra!\AppData\Roaming\AOL\C_AOL 9.0 VR\IDB\Apps.Lst Object is locked skipped
C:\Users\Cobra!\AppData\Roaming\AOL\C_AOL 9.0 VR\IDB\art.idx Object is locked skipped
C:\Users\Cobra!\AppData\Roaming\AOL\C_AOL 9.0 VR\IDB\sap.dat Object is locked skipped
C:\Users\Cobra!\AppData\Roaming\AOL\C_AOL 9.0 VR\IDB\spool.lst Object is locked skipped
C:\Users\Cobra!\AppData\Roaming\AOL\C_AOL 9.0 VR\IDB\sysnews.lst Object is locked skipped
C:\Users\Cobra!\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped
C:\Users\Cobra!\Documents\vdownloader\VDownloader (2).exe Infected: not-a-virus:Downloader.Win32.VDown.a skipped
C:\Users\Cobra!\Documents\vdownloader\VDownloader.exe Infected: not-a-virus:Downloader.Win32.VDown.a skipped
C:\Users\Cobra!\Documents\vdownloader.zip/VDownloader.exe Infected: not-a-virus:Downloader.Win32.VDown.a skipped
C:\Users\Cobra!\Documents\vdownloader.zip ZIP: infected - 1 skipped
C:\Users\Cobra!\NTUSER.DAT Object is locked skipped
C:\Users\Cobra!\ntuser.dat.LOG1 Object is locked skipped
C:\Users\Cobra!\ntuser.dat.LOG2 Object is locked skipped
C:\Users\Cobra!\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
C:\Users\Cobra!\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Cobra!\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Users\Fran and Gio\AppData\Local\Temp\~DFD81C.tmp Object is locked skipped
C:\Users\Fran and Gio\AppData\Local\Temp\~DFD826.tmp Object is locked skipped
C:\Users\Fran and Gio\AppData\Local\Temp\~DFF5CF.tmp Object is locked skipped
C:\Users\Fran and Gio\AppData\Local\Temp\~DFF5D9.tmp Object is locked skipped
C:\Windows\Debug\PASSWD.LOG Object is locked skipped
C:\Windows\Debug\sam.log Object is locked skipped
C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WindowsUpdate.log Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG2 Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2 Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\SoftwareDistribution\EventCache\{744AFFD1-12F2-4CCA-8CBE-4A16B1F84C74}.bin Object is locked skipped
C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\catroot2\edb.log Object is locked skipped
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\config\COMPONENTS Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped
C:\Windows\System32\config\DEFAULT Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped
C:\Windows\System32\config\RegBack\COMPONENTS Object is locked skipped
C:\Windows\System32\config\RegBack\DEFAULT Object is locked skipped
C:\Windows\System32\config\RegBack\SAM Object is locked skipped
C:\Windows\System32\config\RegBack\SECURITY Object is locked skipped
C:\Windows\System32\config\RegBack\SOFTWARE Object is locked skipped
C:\Windows\System32\config\RegBack\SYSTEM Object is locked skipped
C:\Windows\System32\config\SAM Object is locked skipped
C:\Windows\System32\config\SAM.LOG1 Object is locked skipped
C:\Windows\System32\config\SAM.LOG2 Object is locked skipped
C:\Windows\System32\config\SECURITY Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped
C:\Windows\System32\config\SOFTWARE Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped
C:\Windows\System32\config\SYSTEM Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTm.blf Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000001 Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000002 Object is locked skipped
C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped
C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped
C:\Windows\System32\wbem\Repository\INDEX.BTR Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING1.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\MAPPING2.MAP Object is locked skipped
C:\Windows\System32\wbem\Repository\OBJECTS.DATA Object is locked skipped
C:\Windows\System32\WDI\LogFiles\WdiContextLog.etl.001 Object is locked skipped
C:\Windows\System32\wfp\wfpdiag.etl Object is locked skipped
C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\ODiag.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\OSession.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped
C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped
C:\Windows\Temp\JETD171.tmp Object is locked skipped
C:\Windows\WindowsUpdate.log Object is locked skipped

Scan process completed.

StartupList report, 01/10/2007, 12:35:34
StartupList version: 1.52.2
Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
Detected: Windows Vista (WinNT 6.00.1904)
Detected: Internet Explorer v7.00 (7.00.6000.16512)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Users\Cobra!\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\Windows\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

IgfxTray = C:\Windows\system32\igfxtray.exe
HotKeysCmds = C:\Windows\system32\hkcmd.exe
Persistence = C:\Windows\system32\igfxpers.exe
RtHDVCpl = RtHDVCpl.exe
Apoint = C:\Program Files\Apoint\Apoint.exe
ISBMgr.exe = "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
osCheck = "C:\Program Files\Norton Internet Security\osCheck.exe"
Google Desktop Search = "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
HostManager = C:\Program Files\Common Files\AOL\1186701864\ee\AOLSoftware.exe
Symantec PIF AlertEng = "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
HijackThis startup scan = C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
WMPNSCFG = C:\Program Files\Windows Media Player\WMPNSCFG.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\Windows\system32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\Windows\system32\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = C:\Windows\system32\ie4uinit.exe -UserIconConfig

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = C:\Windows\system32\ie4uinit.exe -BaseSettings

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\Windows\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL

--------------------------------------------------

Shell & screensaver key from C:\Windows\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=explorer.exe
SCRNSAVE.EXE=C:\Windows\system32\vaiomov.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\Windows\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\Windows\Explorer\Explorer.exe: not present
C:\Windows\System\Explorer.exe: not present
C:\Windows\System32\Explorer.exe: not present
C:\Windows\Command\Explorer.exe: not present
C:\Windows\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: *Registry key not found*
.shb: *Registry key not found*
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\Windows
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename NOT OK: 'REGEDIT.EXE.MUI'
- File description: 'Registry Editor'

Registry check failed!

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll - {1E8A6170-7264-4D0F-BEAE-D42A53123C75}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\Program Files\Java\jre1.6.0\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045}
(no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
(no name) - C:\Program Files\Windows Live Toolbar\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
Browser Address Error Redirector - C:\PROGRA~1\GOOGLE~1\BAE.dll - {CA6319C0-31B7-401E-A518-A07C3DB8F777}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Check Updates for Windows Live Toolbar.job
Norton Internet Security - Run Full System Scan - Cobra!.job
User_Feed_Synchronization-{1FFF5BA1-01D4-4AFD-BC70-8984A00036AD}.job

--------------------------------------------------

Enumerating Download Program Files:

[CKAVWebScan Object]
InProcServer32 = C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
CODEBASE = http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\Windows\system32\macromed\Director\SwDir.dll
CODEBASE = http://download.macromedia.com/pub/shockwa...director/sw.cab

[Trend Micro ActiveX Scan Agent 6.6]
InProcServer32 = C:\Windows\Downloaded Program Files\Housecall_ActiveX.dll
CODEBASE = http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab

[WebGameLoader Class]
InProcServer32 = C:\Windows\Downloaded Program Files\ReflexiveWebGameLoader.dll
CODEBASE = http://www.miniclip.com/games/ricochet-los...bGameLoader.cab

[BDSCANONLINE Control]
InProcServer32 = C:\Windows\DOWNLO~1\oscan8.ocx
CODEBASE = http://download.bitdefender.com/resources/scan8/oscan8.cab

[WUWebControl Class]
InProcServer32 = C:\Windows\system32\wuweb.dll
CODEBASE = http://www.update.microsoft.com/windowsupd...b?1191154954174

[MUWebControl Class]
InProcServer32 = C:\Windows\system32\muweb.dll
CODEBASE = http://www.update.microsoft.com/microsoftu...b?1191155883592

[Java Plug-in 1.6.0]
InProcServer32 = C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab

[Toontown Installer ActiveX Control]
InProcServer32 = C:\Windows\Downloaded Program Files\ttinst.dll
CODEBASE = https://ukplay.toontown.com/download/sv1.0.29.11/ttinst.cab

[Java Plug-in 1.6.0]
InProcServer32 = C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab

[Java Plug-in 1.6.0]
InProcServer32 = C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\System32\mswsock.dll
NameSpace #3: C:\Windows\System32\winrnr.dll
NameSpace #4: C:\Windows\system32\napinsp.dll
NameSpace #5: C:\Windows\system32\pnrpnsp.dll
NameSpace #6: C:\Windows\system32\pnrpnsp.dll
Protocol #1: C:\Windows\system32\mswsock.dll
Protocol #2: C:\Windows\system32\mswsock.dll
Protocol #3: C:\Windows\system32\mswsock.dll
Protocol #4: C:\Windows\system32\mswsock.dll
Protocol #5: C:\Windows\system32\mswsock.dll
Protocol #6: C:\Windows\system32\mswsock.dll
Protocol #7: C:\Windows\system32\mswsock.dll
Protocol #8: C:\Windows\system32\mswsock.dll
Protocol #9: C:\Windows\system32\mswsock.dll
Protocol #10: C:\Windows\system32\mswsock.dll
Protocol #11: C:\Windows\system32\mswsock.dll
Protocol #12: C:\Windows\system32\mswsock.dll
Protocol #13: C:\Windows\system32\mswsock.dll
Protocol #14: C:\Windows\system32\mswsock.dll
Protocol #15: C:\Windows\system32\mswsock.dll
Protocol #16: C:\Windows\system32\mswsock.dll
Protocol #17: C:\Windows\system32\mswsock.dll
Protocol #18: C:\Windows\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

Ad-Aware 2007 Service: "C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe" (autostart)
Microsoft ACPI Driver: system32\drivers\acpi.sys (system)
adp94xx: \SystemRoot\system32\drivers\adp94xx.sys (disabled)
adpahci: \SystemRoot\system32\drivers\adpahci.sys (disabled)
adpu160m: \SystemRoot\system32\drivers\adpu160m.sys (disabled)
adpu320: \SystemRoot\system32\drivers\adpu320.sys (disabled)
@%SystemRoot%\system32\aelupsvc.dll,-1: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Ancilliary Function Driver for Winsock: \SystemRoot\system32\drivers\afd.sys (system)
Intel AGP Bus Filter: \SystemRoot\system32\drivers\agp440.sys (manual start)
aic78xx: \SystemRoot\system32\drivers\djsvs.sys (disabled)
@%SystemRoot%\system32\Alg.exe,-112: %SystemRoot%\System32\alg.exe (manual start)
aliide: \SystemRoot\system32\drivers\aliide.sys (disabled)
AMD AGP Bus Filter Driver: \SystemRoot\system32\drivers\amdagp.sys (manual start)
amdide: \SystemRoot\system32\drivers\amdide.sys (disabled)
AMD K7 Processor Driver: \SystemRoot\system32\drivers\amdk7.sys (disabled)
AMD K8 Processor Driver: \SystemRoot\system32\drivers\amdk8.sys (disabled)
AOL Connectivity Service: "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe" (autostart)
Alps Pointing-device Filter Driver: system32\DRIVERS\Apfiltr.sys (manual start)
@%systemroot%\system32\appinfo.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
arc: \SystemRoot\system32\drivers\arc.sys (disabled)
arcsas: \SystemRoot\system32\drivers\arcsas.sys (disabled)
RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start)
IDE Channel: system32\drivers\atapi.sys (system)
Atheros Extensible Wireless LAN device driver: system32\DRIVERS\athr.sys (manual start)
@%SystemRoot%\system32\audiosrv.dll,-204: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\audiosrv.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
Automatic LiveUpdate Scheduler: "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (autostart)
@%SystemRoot%\system32\bfe.dll,-1001: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
@%SystemRoot%\system32\qmgr.dll,-1000: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
blbdrive: \SystemRoot\system32\drivers\blbdrive.sys (disabled)
Bowser: system32\DRIVERS\bowser.sys (manual start)
Brother USB Mass-Storage Lower Filter Driver: \SystemRoot\system32\drivers\brfiltlo.sys (manual start)
Brother USB Mass-Storage Upper Filter Driver: \SystemRoot\system32\drivers\brfiltup.sys (manual start)
@%systemroot%\system32\browser.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Brother MFC Serial Port Interface Driver (WDM): \SystemRoot\system32\drivers\brserid.sys (disabled)
Brother WDM Serial driver: \SystemRoot\system32\drivers\brserwdm.sys (disabled)
Brother MFC USB Fax Only Modem: \SystemRoot\system32\drivers\brusbmdm.sys (disabled)
Brother MFC USB Serial WDM Driver: \SystemRoot\system32\drivers\brusbser.sys (manual start)
Bluetooth Serial Communications Driver: \SystemRoot\system32\drivers\bthmodem.sys (disabled)
Symantec Event Manager: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (autostart)
Symantec Settings Manager: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (autostart)
CD/DVD File System Reader: system32\DRIVERS\cdfs.sys (disabled)
CD-ROM Driver: system32\DRIVERS\cdrom.sys (system)
@%SystemRoot%\System32\certprop.dll,-11: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Consumer IR Devices: \SystemRoot\system32\drivers\circlass.sys (disabled)
Common Log (CLFS): System32\CLFS.sys (system)
Microsoft .NET Framework NGEN v2.0.50727_X86: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Symantec Lic NetConnect service: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (autostart)
Microsoft ACPI Control Method Battery Driver: system32\DRIVERS\CmBatt.sys (manual start)
cmdide: \SystemRoot\system32\drivers\cmdide.sys (disabled)
COM Host: "C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe" (manual start)
Microsoft Composite Battery Driver: system32\DRIVERS\compbatt.sys (system)
@comres.dll,-947: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Crcdisk Filter Driver: system32\drivers\crcdisk.sys (system)
Transmeta Crusoe Processor Driver: \SystemRoot\system32\drivers\crusoe.sys (disabled)
@%SystemRoot%\system32\cryptsvc.dll,-1001: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
@oleres.dll,-5012: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
Dfs Client Driver: System32\Drivers\dfsc.sys (system)
@dfsrres.dll,-101: %SystemRoot%\system32\DFSR.exe (manual start)
@%SystemRoot%\system32\dhcpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
Disk Driver: system32\drivers\disk.sys (system)
Sony DMI Call service: system32\DRIVERS\DMICall.sys (system)
@%SystemRoot%\System32\dnsapi.dll,-101: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
@%systemroot%\system32\dot3svc.dll,-1102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\system32\dps.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (autostart)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
LDDM Graphics Subsystem: \SystemRoot\System32\drivers\dxgkrnl.sys (manual start)
Intel® PRO/1000 NDIS 6 Adapter Driver: system32\DRIVERS\E1G60I32.sys (manual start)
@%systemroot%\system32\eapsvc.dll,-1: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
ReadyBoost Caching Driver: System32\drivers\ecache.sys (system)
Symantec Eraser Control driver: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (system)
@%SystemRoot%\ehome\ehrecvr.exe,-101: %systemroot%\ehome\ehRecvr.exe (manual start)
@%SystemRoot%\ehome\ehsched.exe,-101: %systemroot%\ehome\ehsched.exe (manual start)
@%SystemRoot%\ehome\ehstart.dll,-101: %windir%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
elxstor: \SystemRoot\system32\drivers\elxstor.sys (disabled)
@%SystemRoot%\system32\emdmgmt.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
EraserUtilRebootDrv: \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (manual start)
@%SystemRoot%\system32\wevtsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@comres.dll,-2450: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Floppy Disk Controller Driver: system32\DRIVERS\fdc.sys (disabled)
@%systemroot%\system32\fdPHost.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%systemroot%\system32\fdrespub.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
File Information FS MiniFilter: system32\drivers\fileinfo.sys (system)
FileTrace: system32\drivers\filetrace.sys (manual start)
Floppy Disk Driver: system32\DRIVERS\flpydisk.sys (disabled)
FltMgr: system32\drivers\fltmgr.sys (system)
@%SystemRoot%\system32\PresentationHost.exe,-3309: %systemroot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (manual start)
Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms: \SystemRoot\system32\drivers\gagp30kx.sys (manual start)
GoogleDesktopManager: "C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe" (manual start)
@gpapi.dll,-112: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Google Updater Service: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (autostart)
Microsoft 1.1 UAA Function Driver for High Definition Audio Service: system32\drivers\HdAudio.sys (manual start)
Microsoft UAA Bus Driver for High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start)
Microsoft Bluetooth HID Miniport: \SystemRoot\system32\drivers\hidbth.sys (disabled)
Microsoft Infrared HID Driver: \SystemRoot\system32\drivers\hidir.sys (disabled)
@%SystemRoot%\System32\hidserv.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
Microsoft HID Class Driver: \SystemRoot\system32\drivers\hidusb.sys (disabled)
@%SystemRoot%\system32\kmsvc.dll,-6: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
HpCISSs: \SystemRoot\system32\drivers\hpcisss.sys (disabled)
HSF_DPV: system32\DRIVERS\HSX_DPV.sys (manual start)
HSXHWAZL: system32\DRIVERS\HSXHWAZL.sys (manual start)
HTTP: system32\drivers\HTTP.sys (manual start)
i2omp: \SystemRoot\system32\drivers\i2omp.sys (disabled)
i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (system)
Intel RAID Controller Vista: \SystemRoot\system32\drivers\iastorv.sys (disabled)
InstallDriver Table Manager: "C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe" (manual start)
@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193: "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" (manual start)
Symantec Intrusion Prevention Driver: \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20070925.001\IDSvix86.sys (system)
igfx: system32\DRIVERS\igdkmd32.sys (manual start)
iirsp: \SystemRoot\system32\drivers\iirsp.sys (disabled)
@%SystemRoot%\system32\ikeext.dll,-501: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Service for Realtek HD Audio (WDM): system32\drivers\RTKVHDA.sys (manual start)
intelide: system32\drivers\intelide.sys (system)
Intel Processor Driver: system32\DRIVERS\intelppm.sys (manual start)
@%systemroot%\system32\IPBusEnum.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start)
@%SystemRoot%\system32\iphlpsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k NetSvcs (autostart)
IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start)
IPMIDRV: \SystemRoot\system32\drivers\ipmidrv.sys (disabled)
IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start)
IR Bus Enumerator: system32\drivers\irenum.sys (manual start)
PnP ISA/EISA Bus Driver: \SystemRoot\system32\drivers\isapnp.sys (disabled)
iScsiPort Driver: system32\DRIVERS\msiscsi.sys (manual start)
Symantec IS Password Validation: "C:\Program Files\Norton Internet Security\isPwdSvc.exe" (manual start)
ITEATAPI_Service_Install: \SystemRoot\system32\drivers\iteatapi.sys (disabled)
ITERAID_Service_Install: \SystemRoot\system32\drivers\iteraid.sys (disabled)
Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (system)
Keyboard HID Driver: \SystemRoot\system32\drivers\kbdhid.sys (disabled)
@keyiso.dll,-100: %SystemRoot%\system32\lsass.exe (manual start)
KSecDD: System32\Drivers\ksecdd.sys (system)
@comres.dll,-2946: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
@%systemroot%\system32\srvsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\wkssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
LiveUpdate: "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE" (manual start)
LiveUpdate Notice Service Ex: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (autostart)
LiveUpdate Notice Service: "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll" (autostart)
Link-Layer Topology Discovery Mapper I/O Driver: system32\DRIVERS\lltdio.sys (autostart)
@%SystemRoot%\system32\lltdres.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\lmhsvc.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
LSI_FC: \SystemRoot\system32\drivers\lsi_fc.sys (disabled)
LSI_SAS: \SystemRoot\system32\drivers\lsi_sas.sys (disabled)
LSI_SCSI: \SystemRoot\system32\drivers\lsi_scsi.sys (disabled)
UAC File Virtualization: \SystemRoot\system32\drivers\luafv.sys (autostart)
@%SystemRoot%\ehome\ehres.dll,-15501: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
mdmxsdk: system32\DRIVERS\mdmxsdk.sys (autostart)
megasas: \SystemRoot\system32\drivers\megasas.sys (disabled)
@%systemroot%\system32\mmcss.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Modem: system32\drivers\modem.sys (manual start)
Microsoft Monitor Class Function Driver Service: system32\DRIVERS\monitor.sys (manual start)
Mouse Class Driver: system32\DRIVERS\mouclass.sys (system)
Mouse HID Driver: \SystemRoot\system32\drivers\mouhid.sys (disabled)
Mount Point Manager: System32\drivers\mountmgr.sys (system)
Microsoft Multi-Path Bus Driver: \SystemRoot\system32\drivers\mpio.sys (disabled)
@%SystemRoot%\system32\FirewallAPI.dll,-23092: System32\drivers\mpsdrv.sys (manual start)
@%SystemRoot%\system32\FirewallAPI.dll,-23090: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
Mraid35x: \SystemRoot\system32\drivers\mraid35x.sys (disabled)
WebDav Client Redirector Driver: \SystemRoot\system32\drivers\mrxdav.sys (manual start)
SMB MiniRedirector Wrapper and Engine: system32\DRIVERS\mrxsmb.sys (manual start)
SMB 1.x MiniRedirector: system32\DRIVERS\mrxsmb10.sys (manual start)
SMB 2.0 MiniRedirector: system32\DRIVERS\mrxsmb20.sys (manual start)
msahci: \SystemRoot\system32\drivers\msahci.sys (disabled)
MSCSPTISRV: C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe (manual start)
Microsoft Multi-Path Device Specific Module: \SystemRoot\system32\drivers\msdsm.sys (disabled)
@comres.dll,-2797: %SystemRoot%\System32\msdtc.exe (manual start)
ISA/EISA Class Driver: system32\drivers\msisadrv.sys (system)
@%SystemRoot%\system32\iscsidsc.dll,-5000: %systemroot%\system32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\msimsg.dll,-27: %systemroot%\system32\msiexec /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (manual start)
SQL Server (VAIO_VEDB): "C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sVAIO_VEDB (autostart)
SQL Server Active Directory Helper: "C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe" (disabled)
Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
Mup: System32\Drivers\mup.sys (system)
@%SystemRoot%\system32\qagentrt.dll,-6: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
NativeWiFi Filter: system32\DRIVERS\nwifi.sys (manual start)
NAVENG: \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070930.018\NAVENG.SYS (manual start)
NAVEX15: \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070930.018\NAVEX15.SYS (manual start)
NDIS System Driver: system32\drivers\ndis.sys (system)
Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start)
NetBIOS Interface: system32\DRIVERS\netbios.sys (system)
NETBT: System32\DRIVERS\netbt.sys (system)
@%SystemRoot%\System32\netlogon.dll,-102: %systemroot%\system32\lsass.exe (manual start)
@%SystemRoot%\system32\netman.dll,-109: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%SystemRoot%\system32\netprof.dll,-246: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201: "%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" (disabled)
nfrd960: \SystemRoot\system32\drivers\nfrd960.sys (disabled)
@%SystemRoot%\System32\nlasvc.dll,-1: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
@%SystemRoot%\system32\nsisvc.dll,-200: %systemroot%\system32\svchost.exe -k LocalService (autostart)
NSI proxy service: system32\drivers\nsiproxy.sys (system)
N-trig HID Tablet Driver: \SystemRoot\system32\drivers\ntrigdigi.sys (disabled)
nvraid: \SystemRoot\system32\drivers\nvraid.sys (disabled)
nvstor: \SystemRoot\system32\drivers\nvstor.sys (disabled)
NVIDIA nForce AGP Bus Filter: \SystemRoot\system32\drivers\nv_agp.sys (manual start)
IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start)
Microsoft Office Diagnostics Service: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" (manual start)
Texas Instruments OHCI Compliant IEEE 1394 Host Controller: system32\DRIVERS\ohci1394.sys (manual start)
Office Source Engine: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (manual start)
@%SystemRoot%\system32\p2psvc.dll,-8004: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\p2psvc.dll,-8006: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
PACSPTISVR: C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe (manual start)
Parallel port driver: \SystemRoot\system32\drivers\parport.sys (manual start)
Partition Manager: System32\drivers\partmgr.sys (system)
Parvdm: \SystemRoot\system32\drivers\parvdm.sys (autostart)
@%SystemRoot%\system32\pcasvc.dll,-1: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
PCI Bus Driver: system32\drivers\pci.sys (system)
pciide: \SystemRoot\system32\drivers\pciide.sys (disabled)
pcmcia: system32\DRIVERS\pcmcia.sys (system)
PEAUTH: system32\drivers\peauth.sys (autostart)
@%systemroot%\system32\pla.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (manual start)
@%SystemRoot%\system32\umpnpmgr.dll,-100: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
@%SystemRoot%\system32\p2psvc.dll,-8002: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\p2psvc.dll,-8000: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\System32\polstore.dll,-5010: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted (autostart)
WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
Processor Driver: \SystemRoot\system32\drivers\processr.sys (disabled)
@%systemroot%\system32\profsvc.dll,-300: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\psbase.dll,-300: %SystemRoot%\system32\lsass.exe (manual start)
@%SystemRoot%\System32\drivers\pacer.sys,-101: system32\DRIVERS\pacer.sys (system)
PxHelp20: System32\Drivers\PxHelp20.sys (system)
QLogic Fibre Channel Miniport Driver: \SystemRoot\system32\drivers\ql2300.sys (disabled)
QLogic iSCSI Miniport Driver: \SystemRoot\system32\drivers\ql40xx.sys (disabled)
@%SystemRoot%\system32\qwave.dll,-1: %windir%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\drivers\qwavedrv.sys,-1: \SystemRoot\system32\drivers\qwavedrv.sys (manual start)
Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system)
@%Systemroot%\system32\rasauto.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
@%Systemroot%\system32\rasmans.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start)
Redirected Buffering Sub Sysytem: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector Driver: \SystemRoot\system32\drivers\rdpdr.sys (disabled)
RDP Encoder Mirror Driver: system32\drivers\rdpencdd.sys (system)
@%Systemroot%\system32\mprdim.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
@regsvc.dll,-1: %SystemRoot%\system32\svchost.exe -k regsvc (manual start)
@%systemroot%\system32\Locator.exe,-2: %SystemRoot%\system32\locator.exe (manual start)
@oleres.dll,-5010: %SystemRoot%\system32\svchost.exe -k rpcss (autostart)
Link-Layer Topology Discovery Responder: system32\DRIVERS\rspndr.sys (autostart)
@%SystemRoot%\system32\samsrv.dll,-1: %SystemRoot%\system32\lsass.exe (autostart)
SBP-2 Transport/Protocol Bus Driver: \SystemRoot\system32\drivers\sbp2port.sys (disabled)
@%SystemRoot%\System32\SCardSvr.dll,-1: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\schedsvc.dll,-100: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\System32\certprop.dll,-13: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\sdrsvc.dll,-107: %SystemRoot%\system32\svchost.exe -k SDRSVC (manual start)
@%SystemRoot%\system32\seclogon.dll,-7001: %windir%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\Sens.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter Driver: \SystemRoot\system32\drivers\serenum.sys (manual start)
Serial Port Driver: \SystemRoot\system32\drivers\serial.sys (manual start)
Serial Mouse Driver: \SystemRoot\system32\drivers\sermouse.sys (disabled)
@%SystemRoot%\System32\SessEnv.dll,-1026: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
SFF Storage Class Driver: \SystemRoot\system32\drivers\sffdisk.sys (disabled)
SFF Storage Protocol Driver for MMC: \SystemRoot\system32\drivers\sffp_mmc.sys (manual start)
SFF Storage Protocol Driver for SDBus: \SystemRoot\system32\drivers\sffp_sd.sys (manual start)
High-Capacity Floppy Disk Drive: system32\DRIVERS\sfloppy.sys (manual start)
@%SystemRoot%\system32\ipnathlp.dll,-106: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
@%SystemRoot%\System32\shsvcs.dll,-12288: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SIS AGP Bus Filter: \SystemRoot\system32\drivers\sisagp.sys (manual start)
SiSRaid2: \SystemRoot\system32\drivers\sisraid2.sys (disabled)
SiSRaid4: \SystemRoot\system32\drivers\sisraid4.sys (disabled)
@%SystemRoot%\system32\SLsvc.exe,-101: %SystemRoot%\system32\SLsvc.exe (autostart)
@%SystemRoot%\system32\SLUINotify.dll,-103: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50005: system32\DRIVERS\smb.sys (system)
Sony Firmware Extension Parser Device: System32\Drivers\SonyNC.sys (manual start)
@%SystemRoot%\system32\snmptrap.exe,-3: %SystemRoot%\System32\snmptrap.exe (manual start)
SonicStage Back-End Service: "C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe" (manual start)
SPBBCDrv: \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (system)
@%systemroot%\system32\spoolsv.exe,-1: %SystemRoot%\System32\spoolsv.exe (autostart)
Sony SPTI Service: C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe (manual start)
SQL Server Browser: "C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe" (autostart)
SQL Server VSS Writer: "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" (autostart)
SRTSP: System32\Drivers\SRTSP.SYS (manual start)
SRTSPL: System32\Drivers\SRTSPL.SYS (manual start)
SRTSPX: System32\Drivers\SRTSPX.SYS (system)
srv: System32\DRIVERS\srv.sys (manual start)
srv2: System32\DRIVERS\srv2.sys (manual start)
srvnet: System32\DRIVERS\srvnet.sys (manual start)
@%systemroot%\system32\ssdpsrv.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
SonicStage SCSI Service: C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe (manual start)
@%SystemRoot%\system32\wiaservc.dll,-9: %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
Software Bus Driver: system32\DRIVERS\swenum.sys (manual start)
@%SystemRoot%\System32\swprv.dll,-103: %SystemRoot%\System32\svchost.exe -k swprv (manual start)
Symantec Core LC: "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" (manual start)
Symantec AppCore Service: "C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe" (autostart)
Symc8xx: \SystemRoot\system32\drivers\symc8xx.sys (disabled)
SYMDNS: \SystemRoot\System32\Drivers\SYMDNS.SYS (manual start)
SymEvent: \??\C:\Windows\system32\Drivers\SYMEVENT.SYS (manual start)
SYMFW: \SystemRoot\System32\Drivers\SYMFW.SYS (manual start)
SYMIDS: \SystemRoot\System32\Drivers\SYMIDS.SYS (manual start)
SYMNDISV: \SystemRoot\System32\Drivers\SYMNDISV.SYS (manual start)
SYMREDRV: \SystemRoot\System32\Drivers\SYMREDRV.SYS (manual start)
SYMTDI: \SystemRoot\System32\Drivers\SYMTDI.SYS (system)
Sym_hi: \SystemRoot\system32\drivers\sym_hi.sys (disabled)
Sym_u3: \SystemRoot\system32\drivers\sym_u3.sys (disabled)
@%SystemRoot%\system32\sysmain.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\TabSvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\tapisrv.dll,-10100: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\system32\tbssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50003: System32\drivers\tcpip.sys (system)
Microsoft IPv6 Protocol Driver: system32\DRIVERS\tcpip.sys (manual start)
TCP/IP Registry Compatibility: System32\drivers\tcpipreg.sys (autostart)
TDPIPE: system32\drivers\tdpipe.sys (manual start)
TDTCP: system32\drivers\tdtcp.sys (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50004: system32\DRIVERS\tdx.sys (system)
Terminal Device Driver: system32\DRIVERS\termdd.sys (system)
@%SystemRoot%\System32\termsrv.dll,-268: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
@%SystemRoot%\System32\shsvcs.dll,-8192: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\mmcss.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
ti21sony: system32\drivers\ti21sony.sys (manual start)
@%SystemRoot%\system32\trkwks.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\servicing\TrustedInstaller.exe,-100: %SystemRoot%\servicing\TrustedInstaller.exe (manual start)
Terminal Services Security Filter Driver: System32\DRIVERS\tssecsrv.sys (manual start)
Microsoft Tun Miniport Adapter Driver: system32\DRIVERS\tunmp.sys (manual start)
Microsoft IPv6 Tunnel Miniport Adapter Driver: system32\DRIVERS\tunnel.sys (manual start)
Microsoft AGPv3.5 Filter: \SystemRoot\system32\drivers\uagp35.sys (manual start)
udfs: system32\DRIVERS\udfs.sys (disabled)
@%SystemRoot%\system32\ui0detect.exe,-101: %SystemRoot%\system32\UI0Detect.exe (manual start)
Uli AGP Bus Filter: \SystemRoot\system32\drivers\uliagpkx.sys (manual start)
uliahci: \SystemRoot\system32\drivers\uliahci.sys (disabled)
UlSata: \SystemRoot\system32\drivers\ulsata.sys (disabled)
ulsata2: \SystemRoot\system32\drivers\ulsata2.sys (disabled)
UMBus Enumerator Driver: system32\DRIVERS\umbus.sys (manual start)
@%systemroot%\system32\upnphost.dll,-213: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Microsoft USB Generic Parent Driver: \SystemRoot\system32\drivers\usbccgp.sys (disabled)
eHome Infrared Receiver (USBCIR): \SystemRoot\system32\drivers\usbcir.sys (disabled)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
USB2 Enabled Hub: system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: \SystemRoot\system32\drivers\usbohci.sys (disabled)
Microsoft USB PRINTER Class: \SystemRoot\system32\drivers\usbprint.sys (disabled)
USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start)
USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (manual start)
Messenger Sharing Folders USN Journal Reader service: "C:\Program Files\MSN Messenger\usnsvc.exe" (manual start)
@%SystemRoot%\system32\dwm.exe,-2000: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
VAIO Entertainment TV Device Arbitration Service: "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe" (manual start)
VAIO Event Service: C:\Program Files\sony\VAIO Event Service\VESMgr.exe (autostart)
VAIO Media Integrated Server: C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe (manual start)
VAIO Media Integrated Server (HTTP): "C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP" (manual start)
VAIO Media Integrated Server (UPnP): C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (manual start)
VAIO Media Content Collection: C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe (manual start)
VAIO Media Content Collection (HTTP): "C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" (manual start)
VAIO Media Content Collection (UPnP): C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (manual start)
VAIO Entertainment UPnP Client Adapter: C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -RunBySCM (manual start)
@%SystemRoot%\system32\vds.exe,-100: %SystemRoot%\System32\vds.exe (manual start)
vga: system32\DRIVERS\vgapnp.sys (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
VIA AGP Bus Filter: \SystemRoot\system32\drivers\viaagp.sys (manual start)
VIA C7 Processor Driver: \SystemRoot\system32\drivers\viac7.sys (disabled)
viaide: \SystemRoot\system32\drivers\viaide.sys (disabled)
Volume Manager Driver: system32\drivers\volmgr.sys (system)
Dynamic Volume Manager: System32\drivers\volmgrx.sys (system)
Storage volumes: system32\drivers\volsnap.sys (system)
vsmraid: \SystemRoot\system32\drivers\vsmraid.sys (disabled)
@%systemroot%\system32\vssvc.exe,-102: %systemroot%\system32\vssvc.exe (manual start)
VAIO Entertainment Database Service: "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe" (autostart)
VAIO Entertainment File Import Service: C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (autostart)
@%SystemRoot%\system32\w32time.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Wacom Serial Pen HID Driver: \SystemRoot\system32\drivers\wacompen.sys (disabled)
Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start)
Remote Access IPv6 ARP Driver: system32\DRIVERS\wanarp.sys (system)
WAN Miniport (ATW): system32\DRIVERS\wanatw4.sys (manual start)
@%SystemRoot%\system32\wcncsvc.dll,-3: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\WcsPlugInService.dll,-200: %SystemRoot%\system32\svchost.exe -k wcssvc (manual start)
Microsoft Watchdog Timer Driver: \SystemRoot\system32\drivers\wd.sys (disabled)
Kernel Mode Driver Frameworks service: system32\drivers\Wdf01000.sys (system)
@%systemroot%\system32\wdi.dll,-502: %SystemRoot%\System32\svchost.exe -k wdisvc (manual start)
@%systemroot%\system32\wdi.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\system32\webclnt.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
@%SystemRoot%\system32\wecsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\System32\wercplsupport.dll,-101: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\System32\wersvc.dll,-100: %SystemRoot%\System32\svchost.exe -k WerSvcGroup (autostart)
winachsf: system32\DRIVERS\HSX_CNXT.sys (manual start)
@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103: %SystemRoot%\System32\svchost.exe -k secsvcs (autostart)
@%SystemRoot%\system32\winhttp.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%Systemroot%\system32\wbem\wmisvc.dll,-205: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%Systemroot%\system32\wsmsvc.dll,-101: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\System32\wlansvc.dll,-257: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Microsoft Windows Management Interface for ACPI: \SystemRoot\system32\drivers\wmiacpi.sys (disabled)
@%Systemroot%\system32\wbem\wmiapsrv.exe,-110: %systemroot%\system32\wbem\WmiApSrv.exe (manual start)
@%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101: "%ProgramFiles%\Windows Media Player\wmpnetwk.exe" (manual start)
@%SystemRoot%\system32\wpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\wpdbusenum.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Winsock IFS driver: \SystemRoot\system32\drivers\ws2ifsl.sys (disabled)
@%SystemRoot%\System32\wscsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@%systemroot%\system32\SearchIndexer.exe,-103: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart)
@%systemroot%\system32\wuaueng.dll,-105: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
WUDFRd: system32\DRIVERS\WUDFRd.sys (manual start)
@%SystemRoot%\system32\wudfsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
XAudio: system32\DRIVERS\xaudio.sys (autostart)
XAudioService: %SystemRoot%\system32\DRIVERS\xaudio.exe (autostart)
NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller: system32\DRIVERS\yk60x86.sys (manual start)


--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\Users\Cobra!\AppData\Local\Temp\symlcsv1.exe|||\

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\Windows\system32\webcheck.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

End of report, 55,063 bytes
Report generated in 1.061 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

#6 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:11:29 AM

Posted 01 October 2007 - 04:21 PM

Can you describe in as much detail as possible the popups you are receiving please.
Do they occur on all sites, or just certain ones...how often do they occur?

#7 roger007

roger007
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 01 October 2007 - 07:39 PM

the pop ups are coming about 10 every hour,they are now blank since i ran spybot. before they would say your system is infected etc or just adverts for all sorts of things here's a screen shot of what i get now.I've ran Spybot a couple more times,it keeps finding something called spyware-secure :thumbsup:
Posted Image

#8 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:11:29 AM

Posted 02 October 2007 - 03:01 PM

Run HijackThis.
On the first menu, click Open the Misc Tools Section
Click Open Uninstall Manager
Click Save List - Save it anywhere.
A notepad will pop-up after it's saved, please copy everything in that Notepad and paste it here.

Download GMER from Here
Right Click the Zip and Select "Extract All"
Double Click gmer.exe to launch the program.
Click on the Rootkit Tab and then click Scan.
It takes a while to run, once complete, copy the results to notepad and save them somewhere safe.
Post those results in the next reply.

#9 roger007

roger007
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 02 October 2007 - 05:31 PM

here's hijackthis,other to follow hopefully as at the last attempt with GMER the computer crashed,so i'll use 2 posts.


Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware 2007
Adobe Flash Player ActiveX
Adobe Reader 8
Adobe Shockwave Player
Alps Pointing-device for VAIO
AOL Registration
AOL Uninstaller (Choose which Products to Remove)
AppCore
AV
Browser Address Error Redirector
ccCommon
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
Google Desktop
Google Earth
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
GTK+ 2.10.13 runtime environment
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HijackThis 2.0.2
Intel® Graphics Media Accelerator Driver
Jasc Animation Shop 3
Java™ SE Runtime Environment 6
Kaspersky Online Scanner
LAN-Express AS IEEE 802.11 Wireless LAN
LimeWire 4.14.10
LimeWire Download Accelerator 4.12.11
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Map Button (Windows Live Toolbar)
Messenger Plus! Live
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSRedist
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Norton AntiVirus
Norton Confidential Browser Component
Norton Confidential Web Protection Component
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00
Picasa 2
Realtek High Definition Audio Driver
RTC Client API v1.2
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Excel 2007 (KB936509)
Security Update for Office 2007 (KB934062)
Security Update for Office 2007 (KB936514)
Security Update for the 2007 Microsoft Office System (KB936960)
Setting Utility Series
Skype 3.0
Skype Plugin Manager
Smart Menus (Windows Live Toolbar)
Sonic & Knuckles Killer !
SONIC ADVENTURE DX-Director's Cut Demo A Version
SONIC HEROES TRIAL
SonicStage 4.3
Sony Utilities DLL
Sony Video Shared Library
SPBBC 32bit
Spybot - Search & Destroy
Symantec Technical Support Web Controls
SymNet
The GIMP 2.2.17
Update for Office 2007 (KB932080)
Update for Office 2007 (KB934391)
Update for Office 2007 (KB934393)
Update for Office System 2007 Setup (KB929722)
Update for Word 2007 (KB934173)
VAIO Aqua Breeze Wallpaper
VAIO Control Center
VAIO Cozy Orange Wallpaper
VAIO Data Restore Tool
VAIO Entertainment Platform
VAIO Event Service
VAIO Hardware Diagnostics
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.0
VAIO Media Redistribution 6.0
VAIO Media Registration Tool 6.0
VAIO Original Screen Saver
VAIO Photo 2007
VAIO Power Management
VAIO Tender Green Wallpaper
VAIO Update 3
VAIO Video & Photo Suite
Viewpoint Media Player
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
WinDVD for VAIO
Wireless Switch Setting Utility

#10 roger007

roger007
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 02 October 2007 - 05:54 PM

here's gmer report


GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-10-02 23:50:22
Windows 6.0.6000


---- System - GMER 1.0.13 ----

SSDT 89825998 ZwAlertResumeThread
SSDT 89825A78 ZwAlertThread
SSDT 89827808 ZwAllocateVirtualMemory
SSDT 8989B748 ZwConnectPort
SSDT 898256E8 ZwCreateMutant
SSDT 8982CAA8 ZwCreateThread
SSDT 8982E770 ZwFreeVirtualMemory
SSDT 898257D8 ZwImpersonateAnonymousToken
SSDT 898258B8 ZwImpersonateThread
SSDT 8982E670 ZwMapViewOfSection
SSDT 89825608 ZwOpenEvent
SSDT 898278D8 ZwOpenProcessToken
SSDT 8982C3C8 ZwOpenThreadToken
SSDT 89830E00 ZwResumeThread
SSDT 8982C2E8 ZwSetContextThread
SSDT 8982E4A0 ZwSetInformationProcess
SSDT 8982C1F8 ZwSetInformationThread
SSDT 89825528 ZwSuspendProcess
SSDT 89825BA0 ZwSuspendThread
SSDT 8982CB88 ZwTerminateProcess
SSDT 8982C118 ZwTerminateThread
SSDT 8982E590 ZwUnmapViewOfSection
SSDT 89827718 ZwWriteVirtualMemory

---- User code sections - GMER 1.0.13 ----

.text C:\Windows\system32\csrss.exe[592] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 0130200E
.text C:\Windows\system32\csrss.exe[592] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 01301DAF
.text C:\Windows\system32\csrss.exe[592] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 01301CF2
.text C:\Windows\system32\csrss.exe[592] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 0130191B
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 1000200E
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 1000191B
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] kernel32.dll!FindResourceW 76F133FE 5 Bytes JMP 28001A50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] kernel32.dll!SizeofResource 76F1341C 7 Bytes JMP 28001C10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] kernel32.dll!SetUnhandledExceptionFilter 76F1D187 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\msnmsgr.exe
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] kernel32.dll!CreateEventA 76F37B60 5 Bytes JMP 28001830 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] kernel32.dll!LockResource 76F3D5DF 5 Bytes JMP 28001CC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] kernel32.dll!FindResourceExW 76F3D673 7 Bytes JMP 28001AD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] kernel32.dll!LoadResource 76F3D74B 1 Byte [ E9 ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] kernel32.dll!LoadResource + 2 76F3D74D 5 Bytes [ 44, 0C, B1, CC, CC ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] ADVAPI32.dll!CryptDeriveKey 7718D229 7 Bytes JMP 28001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] ADVAPI32.dll!CryptDecrypt 7718D359 7 Bytes JMP 28001050 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] USER32.dll!SetWindowPlacement 772474E1 5 Bytes JMP 28004CD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] USER32.dll!TrackPopupMenuEx 7724C76F 5 Bytes JMP 28004230 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] USER32.dll!SetWindowRgn 7724E016 7 Bytes JMP 28004DB0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] USER32.dll!CreateWindowExW 772585F8 5 Bytes JMP 28003370 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] USER32.dll!PeekMessageW 772625BC 5 Bytes JMP 28003A60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] USER32.dll!MessageBoxIndirectW 7726F1B3 5 Bytes JMP 28004FB0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] USER32.dll!CreateDialogParamW 7727A500 5 Bytes JMP 28004E50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] WS2_32.dll!closesocket 76EB3847 5 Bytes JMP 280094B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] WS2_32.dll!send 76EB3A8A 5 Bytes JMP 28009120 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] WS2_32.dll!recv 76EB4ABD 5 Bytes JMP 28008D80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] WS2_32.dll!WSASend 76EB4EE9 5 Bytes JMP 280092A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] WS2_32.dll!WSARecv 76EB72B5 5 Bytes JMP 28008F10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] SHELL32.dll!Shell_NotifyIconW 7623310C 5 Bytes JMP 28002B50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] ole32.dll!CoRegisterClassObject 773839AC 5 Bytes JMP 28001E20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] ole32.dll!CoInitializeEx 773B885D 5 Bytes JMP 28001D20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] WININET.dll!InternetCloseHandle 76FDDA89 5 Bytes JMP 28007FF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] WININET.dll!HttpOpenRequestA 76FE4331 5 Bytes JMP 28007D10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] WININET.dll!InternetReadFile 76FEABBC 5 Bytes JMP 28007E70 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1000] WININET.dll!HttpSendRequestA 76FECD48 5 Bytes JMP 28007F40 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\Apoint\ApMsgFwd.exe[1172] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Apoint\ApMsgFwd.exe[1172] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Apoint\ApMsgFwd.exe[1172] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Apoint\ApMsgFwd.exe[1172] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 1000191B
.text C:\Program Files\Windows Sidebar\sidebar.exe[2192] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Windows Sidebar\sidebar.exe[2192] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Windows Sidebar\sidebar.exe[2192] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Windows Sidebar\sidebar.exe[2192] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 1000191B
.text C:\Program Files\Google\Google Updater\GoogleUpdater.exe[2564] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 00C8200E
.text C:\Program Files\Google\Google Updater\GoogleUpdater.exe[2564] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 00C81DAF
.text C:\Program Files\Google\Google Updater\GoogleUpdater.exe[2564] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 00C81CF2
.text C:\Program Files\Google\Google Updater\GoogleUpdater.exe[2564] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 00C8191B
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2568] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2568] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2568] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2568] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 1000191B
.text C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe[2604] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 00ED200E
.text C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe[2604] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 00ED1DAF
.text C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe[2604] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 00ED1CF2
.text C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe[2604] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 00ED191B
.text C:\Program Files\Apoint\Apntex.exe[2648] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 003B200E
.text C:\Program Files\Apoint\Apntex.exe[2648] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 003B1DAF
.text C:\Program Files\Apoint\Apntex.exe[2648] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 003B1CF2
.text C:\Program Files\Apoint\Apntex.exe[2648] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 003B191B
.text C:\Windows\system32\igfxext.exe[2772] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 00D5200E
.text C:\Windows\system32\igfxext.exe[2772] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 00D51DAF
.text C:\Windows\system32\igfxext.exe[2772] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 00D51CF2
.text C:\Windows\system32\igfxext.exe[2772] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 00D5191B
.text C:\Windows\system32\igfxsrvc.exe[2800] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 003D200E
.text C:\Windows\system32\igfxsrvc.exe[2800] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 003D1DAF
.text C:\Windows\system32\igfxsrvc.exe[2800] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 003D1CF2
.text C:\Windows\system32\igfxsrvc.exe[2800] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 003D191B
.text C:\Windows\system32\Dwm.exe[3376] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 0173200E
.text C:\Windows\system32\Dwm.exe[3376] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 01731DAF
.text C:\Windows\system32\Dwm.exe[3376] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 01731CF2
.text C:\Windows\system32\Dwm.exe[3376] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 0173191B
.text C:\Windows\system32\taskeng.exe[3424] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 016B200E
.text C:\Windows\system32\taskeng.exe[3424] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 016B1DAF
.text C:\Windows\system32\taskeng.exe[3424] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 016B1CF2
.text C:\Windows\system32\taskeng.exe[3424] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 016B191B
.text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 019C200E
.text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 019C1DAF
.text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 019C1CF2
.text C:\Windows\Explorer.EXE[3436] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 019C191B
.text C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe[3656] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe[3656] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe[3656] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe[3656] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 1000191B
.text c:\users\cobra!\appdata\local\microsoft\possalavrv.exe[3772] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 1000200E
.text c:\users\cobra!\appdata\local\microsoft\possalavrv.exe[3772] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 10001DAF
.text c:\users\cobra!\appdata\local\microsoft\possalavrv.exe[3772] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 10001CF2
.text c:\users\cobra!\appdata\local\microsoft\possalavrv.exe[3772] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 1000191B
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3888] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 0156200E
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3888] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 01561DAF
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3888] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 01561CF2
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[3888] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 0156191B
.text C:\Windows\System32\hkcmd.exe[3908] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 003B200E
.text C:\Windows\System32\hkcmd.exe[3908] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 003B1DAF
.text C:\Windows\System32\hkcmd.exe[3908] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 003B1CF2
.text C:\Windows\System32\hkcmd.exe[3908] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 003B191B
.text C:\Windows\System32\igfxpers.exe[3916] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 0029200E
.text C:\Windows\System32\igfxpers.exe[3916] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 00291DAF
.text C:\Windows\System32\igfxpers.exe[3916] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 00291CF2
.text C:\Windows\System32\igfxpers.exe[3916] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 0029191B
.text C:\Program Files\Apoint\Apoint.exe[3996] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 00CC200E
.text C:\Program Files\Apoint\Apoint.exe[3996] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 00CC1DAF
.text C:\Program Files\Apoint\Apoint.exe[3996] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 00CC1CF2
.text C:\Program Files\Apoint\Apoint.exe[3996] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 00CC191B
.text C:\Program Files\sony\ISB Utility\ISBMgr.exe[4008] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 0163200E
.text C:\Program Files\sony\ISB Utility\ISBMgr.exe[4008] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 01631DAF
.text C:\Program Files\sony\ISB Utility\ISBMgr.exe[4008] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 01631CF2
.text C:\Program Files\sony\ISB Utility\ISBMgr.exe[4008] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 0163191B
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 0122200E
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 01221DAF
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 01221CF2
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 0122191B
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe[4564] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe[4564] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe[4564] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe[4564] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 1000191B
.text C:\Program Files\AOL 9.0 VR\waol.exe[5552] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 0094200E
.text C:\Program Files\AOL 9.0 VR\waol.exe[5552] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 00941DAF
.text C:\Program Files\AOL 9.0 VR\waol.exe[5552] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 00941CF2
.text C:\Program Files\AOL 9.0 VR\waol.exe[5552] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 0094191B
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 1000191B
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] USER32.dll!DialogBoxIndirectParamW 772514EA 5 Bytes JMP 6F290297 C:\Windows\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] USER32.dll!MessageBoxExA 7726570D 5 Bytes JMP 6F2901DE C:\Windows\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] USER32.dll!DialogBoxParamA 772665BF 5 Bytes JMP 6F29025C C:\Windows\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] USER32.dll!MessageBoxIndirectW 7726F1B3 5 Bytes JMP 6F12164E C:\Windows\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] USER32.dll!DialogBoxParamW 7727129F 5 Bytes JMP 6F0FF2A1 C:\Windows\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] USER32.dll!DialogBoxIndirectParamA 772929C9 5 Bytes JMP 6F2902D2 C:\Windows\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] USER32.dll!MessageBoxIndirectA 7729FACF 5 Bytes JMP 6F290218 C:\Windows\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[5560] USER32.dll!MessageBoxExW 7729FBC9 5 Bytes JMP 6F2901A4 C:\Windows\system32\IEFRAME.dll
.text C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 1000200E
.text C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 10001DAF
.text C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 10001CF2
.text C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 1000191B
.text C:\Program Files\AOL 9.0 VR\shellmon.exe[6124] ntdll.dll!NtEnumerateKey 7753F8A4 5 Bytes JMP 1000200E
.text C:\Program Files\AOL 9.0 VR\shellmon.exe[6124] ntdll.dll!NtEnumerateValueKey 7753F8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\AOL 9.0 VR\shellmon.exe[6124] ntdll.dll!NtQueryDirectoryFile 7753FDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\AOL 9.0 VR\shellmon.exe[6124] ntdll.dll!NtQuerySystemInformation 7753FFD4 5 Bytes JMP 1000191B

---- User IAT/EAT - GMER 1.0.13 ----

IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[1432] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[4088] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\ole32.dll [USER32.dll!DialogBoxParamW] [6B78D52B] C:\Windows\AppPatch\AcSpecfc.DLL
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamW] [6B78D52B] C:\Windows\AppPatch\AcSpecfc.DLL
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DialogBoxParamW] [6B78D52B] C:\Windows\AppPatch\AcSpecfc.DLL
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Windows\system32\SearchProtocolHost.exe[4440] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\user32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\user32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[5552] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [6B3B1923] C:\Windows\AppPatch\AcLayers.DLL
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!RegisterWaitForInputIdle] [6B3B13AA] C:\Windows\AppPatch\AcLayers.DLL
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [6B3B1923] C:\Windows\AppPatch\AcLayers.DLL
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [6B3B1923] C:\Windows\AppPatch\AcLayers.DLL
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Program Files\Internet Explorer\iexplore.exe[5560] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [6A748926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [6A748B5F] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [6A748A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6A74A3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [6A749845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [6A749669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] [6A749BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6A748926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6A74A3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6A748A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!OpenFile] [6A748CB4] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CopyFileW] [6A748926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeleteFileW] [6A748A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!MoveFileW] [6A748B5F] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateFileW] [6A74A3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateFileW] [6A74A3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegCreateKeyExA] [6A74955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] [6A749B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExA] [6A749771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExW] [6A749845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [6A742E1C] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [6A748A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [6A742C06] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [6A74A3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [6A742A08] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!AccessCheck] [6A74886A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueW] [6A749A83] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteValueW] [6A749D29] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExW] [6A749845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] [6A749BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW] [6A749669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExA] [6A749771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6A748A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6A748FD6] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6A74A3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6A748F7E] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6A74A2A5] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] [6A749B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [6A74955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [6A749771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueA] [6A749C87] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [6A749669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [6A749845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] [6A749BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueW] [6A749D29] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] [6A749BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!SetFileSecurityW] [6A749E24] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExA] [6A749771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegCreateKeyExW] [6A749669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExW] [6A749845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!AccessCheck] [6A74886A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateFileW] [6A74A3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!MoveFileExW] [6A748C44] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6A748926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6A748B5F] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [6A748A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [6A748FD6] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6A748C44] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [6A74A3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] [6A749845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] [6A749BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] [6A749669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteValueW] [6A749D29] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] [6A749A83] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] [6A7494C8] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!SetFileSecurityW] [6A749E24] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!AccessCheck] [6A74886A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] [6A749771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!PrivCopyFileExW] [6A748F1A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!MoveFileExW] [6A748C44] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeleteFileW] [6A748A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!CreateFileW] [6A74A3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetFileAttributesW] [6A748FD6] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!SetFileSecurityW] [6A749E24] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegCreateKeyExW] [6A749669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] [6A749BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegOpenKeyExW] [6A749845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!CreateFileW] [6A74A3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegCreateKeyExW] [6A749669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] [6A749BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegOpenKeyExW] [6A749845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegCreateKeyExA] [6A74955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegOpenKeyExA] [6A749771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] [6A749BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] [6A749B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegOpenKeyExA] [6A749771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegCreateKeyExA] [6A74955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] [6A749B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegOpenKeyExW] [6A749845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\AppData\Local\Temp\Temp1_gmer.zip\gmer.exe[5944] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [6DE84618] C:\Windows\system32\ShimEng.dll

---- Devices - GMER 1.0.13 ----

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CLOSE [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_READ [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_WRITE [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_INFORMATION [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_INFORMATION [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_EA [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_EA [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_FLUSH_BUFFERS [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DEVICE_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SHUTDOWN [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_LOCK_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CLEANUP [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE_MAILSLOT [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_SECURITY [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_SECURITY [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_POWER [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SYSTEM_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DEVICE_CHANGE [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_QUOTA [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_QUOTA [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CLOSE [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_READ [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_WRITE [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_INFORMATION [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_INFORMATION [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_EA [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_EA [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_FLUSH_BUFFERS [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DIRECTORY_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DEVICE_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SHUTDOWN [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_LOCK_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CLEANUP [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE_MAILSLOT [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_SECURITY [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_SECURITY [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_POWER [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SYSTEM_CONTROL [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DEVICE_CHANGE [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_QUOTA [897951D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_QUOTA [897951D0] SYMTDI.SYS

---- Processes - GMER 1.0.13 ----

Process c:\users\cobra!\appdata\local\microsoft\possalavrv.exe (*** hidden *** ) 3772
Library c:\users\cobra!\appdata\local\microsoft\possalavrv.exe (*** hidden *** ) @ c:\users\cobra!\appdata\local\microsoft\possalavrv.exe [3772] 0x00400000

---- Registry - GMER 1.0.13 ----

Reg \Registry\USER\S-1-5-21-1941123769-3822138595-3536932832-1003\Software\Microsoft\Windows\CurrentVersion\Run@possalavrv c:\users\cobra!\appdata\local\microsoft\possalavrv.exe possalavrv

---- Files - GMER 1.0.13 ----

File C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.dat
File C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.exe
File C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv_nav.dat
File C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv_navps.dat

---- EOF - GMER 1.0.13 ----

#11 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:11:29 AM

Posted 04 October 2007 - 04:19 PM

Bingo! We are dealing with the navipromo rootkit..

Download KillBox from the following link :
http://www.bleepingcomputer.com/files/killbox.php
Unzip the folder to your desktop.

Start Killbox.exe
Select the "Delete on Reboot" option.
Click on the "All Files" button (!important!),which will then flash green.
Copy the complete text in bold below to the clipboard by highlighting the filepaths and pressing Control + C:

C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.dat
C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.exe
C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv_nav.dat
C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv_navps.dat


Open 'file' in the killboxmenu on top and choose Paste from clipboard
You must use the file File menu--pasting by right-clicking the mouse will only enter one file.
Then press the button that looks like a red circle with a white X in it.
Killbox will tell you that all listed files will be removed on next reboot and asks if you would like to Reboot now, click "yes".
Click OK at any Pending File Rename Operations prompt, let me know if there appear.
If you don't get that message, reboot manually.
Your computer should reboot now.

Reboot and post a new GMER rootkit log..
David

#12 roger007

roger007
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 04 October 2007 - 07:02 PM

sounds nasty ! ,i think i ran killbox correctly but i'm still getting pop-ups,there was no PENDING FILE RENAME PROMPT and it rebooted itself,i then performed another reboot too.

just done a post preview and seems log is too long so i'll try and divide it between 2 posts.




GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-10-05 00:30:13
Windows 6.0.6000


---- System - GMER 1.0.13 ----

SSDT 89A04120 ZwAlertResumeThread
SSDT 89A04200 ZwAlertThread
SSDT 89A04C58 ZwAllocateVirtualMemory
SSDT 891CCE88 ZwConnectPort
SSDT 891DFE80 ZwCreateMutant
SSDT 89A04DE8 ZwCreateThread
SSDT 89A04A98 ZwFreeVirtualMemory
SSDT 891DFF70 ZwImpersonateAnonymousToken
SSDT 89A04040 ZwImpersonateThread
SSDT 89A04998 ZwMapViewOfSection
SSDT 891DFDA0 ZwOpenEvent
SSDT 89A04D28 ZwOpenProcessToken
SSDT 89A046D8 ZwOpenThreadToken
SSDT 89A3CFD0 ZwResumeThread
SSDT 89A045F8 ZwSetContextThread
SSDT 89A047C8 ZwSetInformationProcess
SSDT 89A04508 ZwSetInformationThread
SSDT 891DFCC0 ZwSuspendProcess
SSDT 89A04348 ZwSuspendThread
SSDT 891E2090 ZwTerminateProcess
SSDT 89A04428 ZwTerminateThread
SSDT 89A048B8 ZwUnmapViewOfSection
SSDT 89A04B88 ZwWriteVirtualMemory

---- User code sections - GMER 1.0.13 ----

.text C:\Windows\system32\csrss.exe[592] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Windows\system32\csrss.exe[592] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Windows\system32\csrss.exe[592] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Windows\system32\csrss.exe[592] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B
.text C:\Windows\system32\Dwm.exe[1252] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 00B3200E
.text C:\Windows\system32\Dwm.exe[1252] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 00B31DAF
.text C:\Windows\system32\Dwm.exe[1252] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 00B31CF2
.text C:\Windows\system32\Dwm.exe[1252] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 00B3191B
.text C:\Windows\Explorer.EXE[1808] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Windows\Explorer.EXE[1808] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Windows\Explorer.EXE[1808] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Windows\Explorer.EXE[1808] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B
.text C:\Windows\system32\taskeng.exe[2012] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Windows\system32\taskeng.exe[2012] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Windows\system32\taskeng.exe[2012] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Windows\system32\taskeng.exe[2012] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B
.text C:\Windows\System32\hkcmd.exe[2220] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 0038200E
.text C:\Windows\System32\hkcmd.exe[2220] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 00381DAF
.text C:\Windows\System32\hkcmd.exe[2220] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 00381CF2
.text C:\Windows\System32\hkcmd.exe[2220] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 0038191B
.text C:\Windows\System32\igfxpers.exe[2232] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 0036200E
.text C:\Windows\System32\igfxpers.exe[2232] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 00361DAF
.text C:\Windows\System32\igfxpers.exe[2232] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 00361CF2
.text C:\Windows\System32\igfxpers.exe[2232] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 0036191B
.text C:\Program Files\Apoint\Apoint.exe[2276] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 004A200E
.text C:\Program Files\Apoint\Apoint.exe[2276] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 004A1DAF
.text C:\Program Files\Apoint\Apoint.exe[2276] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 004A1CF2
.text C:\Program Files\Apoint\Apoint.exe[2276] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 004A191B
.text C:\Program Files\sony\ISB Utility\ISBMgr.exe[2284] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 003F200E
.text C:\Program Files\sony\ISB Utility\ISBMgr.exe[2284] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 003F1DAF
.text C:\Program Files\sony\ISB Utility\ISBMgr.exe[2284] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 003F1CF2
.text C:\Program Files\sony\ISB Utility\ISBMgr.exe[2284] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 003F191B
.text C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe[2300] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe[2300] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe[2300] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe[2300] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossing + FFF74F53 75CD15AD 42 Bytes CALL 75C9D9D8
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossing + FFF74F7E 75CD15D8 22 Bytes [ 8B, 47, 08, 89, 46, 0C, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossing + FFF74F95 75CD15EF 17 Bytes [ 5F, 5E, 5D, C2, 08, 00, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossing + FFF74FA7 75CD1601 56 Bytes [ 5D, 0C, 56, 57, 89, 4D, FC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossing + FFF74FE0 75CD163A 58 Bytes CALL 75CD164C C:\Windows\system32\WININET.dll
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCrackUrlW + 69 75CD3F78 37 Bytes [ 00, 33, C0, 6A, 04, 59, 8D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCrackUrlW + 8F 75CD3F9E 48 Bytes [ 75, CC, 8B, 08, 50, FF, 11, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCrackUrlW + C0 75CD3FCF 57 Bytes [ F1, 33, C0, 39, 46, 1C, 74, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCrackUrlW + FA 75CD4009 56 Bytes [ 0F, 8C, AF, 00, 00, 00, 6A, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCrackUrlW + 133 75CD4042 54 Bytes [ 7D, F8, FF, 15, C4, 41, 07, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoExW + 55 75CD61B2 37 Bytes [ 45, 00, 6C, 00, 65, 00, 6D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoExW + 7B 75CD61D8 145 Bytes [ B0, 78, 03, 00, 00, E8, 96, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoExW + 10D 75CD626A 3 Bytes [ 6E, 00, 53 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoExW + 111 75CD626E 1 Byte [ 74 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoExW + 113 75CD6270 6 Bytes [ 79, 00, 6C, 00, 65, 00 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindCloseUrlCache + 21 75CD689D 9 Bytes [ FF, 0F, 84, A3, C7, 09, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindCloseUrlCache + 2B 75CD68A7 42 Bytes [ 08, 8B, 4E, 14, 8B, 89, 98, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoA + 1A 75CD68D2 25 Bytes [ 01, 4B, 5C, 8B, 46, 14, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoA + 34 75CD68EC 27 Bytes [ 00, FF, 15, 90, 3A, 07, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoA + 50 75CD6908 40 Bytes [ 0F, 85, FE, C7, 09, 00, 83, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoA + 7A 75CD6932 61 Bytes [ 00, 8D, 85, F4, FD, FF, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoA + B8 75CD6970 7 Bytes [ 00, 04, 0F, 85, 7E, C8, 09 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheHeaderData + 30 75CD7E98 148 Bytes CALL 75CD7EB1 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheHeaderData + C6 75CD7F2E 2 Bytes [ FF, 55 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheHeaderData + C9 75CD7F31 162 Bytes [ EC, 8B, 4D, 10, 8B, 45, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheHeaderData + 16C 75CD7FD4 55 Bytes CALL 75D2159A C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheHeaderData + 1A4 75CD800C 4 Bytes CALL 75D117A2 C:\Windows\system32\WININET.dll
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCanonicalizeUrlW + 1 75CD80B5 23 Bytes [ EC, 5D, 90, 90, 90, 90, 90, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCanonicalizeUrlW + 19 75CD80CD 119 Bytes CALL 75CD810B C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCanonicalizeUrlW + 91 75CD8145 107 Bytes [ 62, 1C, 76, 37, A5, 12, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCanonicalizeUrlW + FD 75CD81B1 94 Bytes [ 00, 00, 00, 83, A6, 90, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCanonicalizeUrlW + 15C 75CD8210 106 Bytes [ C6, 5E, 5D, C2, 04, 00, 8B, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionA + 33 75CDD060 7 Bytes [ 37, 00, 45, 00, 34, 00, 32 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionA + 3B 75CDD068 11 Bytes [ 33, 00, 7D, 00, 00, 00, 90, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionA + 47 75CDD074 9 Bytes [ 45, 00, 37, 00, 45, 00, 46, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionA + 51 75CDD07E 11 Bytes [ 34, 00, 43, 00, 2D, 00, 46, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionA + 5D 75CDD08A 21 Bytes [ 31, 00, 2D, 00, 34, 00, 35, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionW + B 75CDD134 80 Bytes [ 36, 00, 2D, 00, 41, 00, 32, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionW + 5C 75CDD185 10 Bytes [ 00, 2D, 00, 41, 00, 44, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionW + 67 75CDD190 53 Bytes [ 2D, 00, 30, 00, 45, 00, 33, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionW + 9D 75CDD1C6 17 Bytes [ 42, 00, 35, 00, 41, 00, 2D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionW + AF 75CDD1D8 5 Bytes [ 38, 00, 46, 00, 31 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCloseHandle + 26 75CDDAAF 28 Bytes [ 00, A8, F6, FF, C7, 40, 78, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCloseHandle + 43 75CDDACC 44 Bytes [ FF, 55, 8B, EC, FF, 75, 0C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCloseHandle + 70 75CDDAF9 53 Bytes [ 56, 57, 8B, F0, 8B, FB, A5, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCloseHandle + A7 75CDDB30 211 Bytes [ 8D, 83, 24, 02, 00, 00, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCloseHandle + 17B 75CDDC04 12 Bytes [ 07, 80, 89, BD, B4, F9, FF, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpAddRequestHeadersA + 1 75CDFB86 132 Bytes [ 08, 50, FF, 51, 08, 8B, C7, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpAddRequestHeadersA + 86 75CDFC0B 18 Bytes [ 8B, FF, 55, 8B, EC, 8B, 45, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpAddRequestHeadersA + 99 75CDFC1E 90 Bytes [ 0F, 85, E5, E3, 0C, 00, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpAddRequestHeadersA + F4 75CDFC79 55 Bytes [ FF, 55, 8B, EC, 51, 51, 83, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpAddRequestHeadersA + 12C 75CDFCB1 69 Bytes [ FD, FF, 8B, 00, 3B, D8, 7D, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpQueryInfoA + B 75CE0C76 113 Bytes [ 8D, 7E, 28, 57, FF, 15, F4, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpQueryInfoA + 7D 75CE0CE8 7 Bytes [ 00, 00, 00, 00, 00, 00, 00 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpQueryInfoA + 85 75CE0CF0 19 Bytes [ A5, 39, 0D, 0F, 17, 75, AD, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpQueryInfoA + 99 75CE0D04 62 Bytes [ EC, FF, 75, 0C, 8B, 45, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpQueryInfoA + D8 75CE0D43 75 Bytes [ F0, 85, F6, 7C, 1B, 8B, 45, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetLockRequestFile + 33 75CE21FA 352 Bytes [ 2A, 76, C5, 97, 2A, 76, 59, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetLockRequestFile + 194 75CE235B 320 Bytes [ 76, F4, 0D, 1C, 76, F4, 0D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetLockRequestFile + 2D5 75CE249C 232 Bytes [ 25, D5, 2B, 76, 43, D5, 2B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetLockRequestFile + 3BE 75CE2585 180 Bytes [ B8, 33, 76, DE, B8, 33, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetLockRequestFile + 473 75CE263A 97 Bytes [ C2, 04, 00, C7, 01, A8, E9, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCreateUrlA + 4 75CE3B5A 38 Bytes [ 08, 57, 8D, 55, 10, 52, 68, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCreateUrlA + 2C 75CE3B82 18 Bytes [ 8B, F8, 8B, 45, 10, 8B, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCreateUrlA + 3F 75CE3B95 15 Bytes [ 8B, FF, 55, 8B, EC, 83, EC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCreateUrlA + 4F 75CE3BA5 27 Bytes [ 00, 56, 8D, 55, EC, 52, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCreateUrlA + 6B 75CE3BC1 20 Bytes [ 04, 07, 80, 8D, 45, EC, 50, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpOpenRequestA + 5B 75CE438C 88 Bytes [ 51, 08, 8B, 45, FC, 8B, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpOpenRequestA + B4 75CE43E5 15 Bytes CALL 75CE4414 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpOpenRequestA + C4 75CE43F5 50 Bytes [ 8B, 06, 57, FF, 75, 10, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpOpenRequestA + F7 75CE4428 8 Bytes [ 83, 60, 14, 00, C3, 8B, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpOpenRequestA + 100 75CE4431 21 Bytes [ EC, 56, 57, 6A, 1C, BF, 0E, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConnectA + 31 75CE49C3 33 Bytes [ 46, 6C, 8B, 58, 14, 8B, 86, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConnectA + 54 75CE49E6 215 Bytes CALL BA5258EE
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConnectA + 12C 75CE4ABE 31 Bytes [ 51, 28, 8B, F8, 85, FF, 7C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConnectA + 14C 75CE4ADE 160 Bytes [ C7, 5F, 5E, 5D, C2, 0C, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConnectA + 1ED 75CE4B7F 13 Bytes [ 00, 00, F6, 45, 08, 01, 74, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConnectW + 32 75CE5BBA 17 Bytes [ 50, 00, 65, 00, 72, 00, 73, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConnectW + 44 75CE5BCC 23 Bytes [ 53, 00, 65, 00, 74, 00, 44, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConnectW + 5C 75CE5BE4 65 Bytes [ 6F, 00, 72, 00, 00, 00, 90, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConnectW + 9E 75CE5C26 25 Bytes [ 50, 00, 72, 00, 6F, 00, 6D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConnectW + B8 75CE5C40 15 Bytes [ 65, 00, 64, 00, 54, 00, 69, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpOpenRequestW + 63 75CE5DC5 3 Bytes CALL A8CE5E20
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpOpenRequestW + 67 75CE5DC9 111 Bytes [ 33, C0, 39, 45, 08, 0F, 9F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpOpenRequestW + D7 75CE5E39 4 Bytes [ FF, FF, B5, DC ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpOpenRequestW + DE 75CE5E40 72 Bytes CALL 75CE05FF C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpOpenRequestW + 127 75CE5E89 112 Bytes [ DF, 60, FC, FF, 85, C0, 0F, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpQueryInfoW + 59 75CE7EAF 90 Bytes JMP 75DC140D C:\Windows\system32\USER32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpQueryInfoW + B4 75CE7F0A 50 Bytes [ 75, 9C, FF, 15, 28, 3B, 07, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpQueryInfoW + E7 75CE7F3D 36 Bytes [ 45, A4, 83, 7D, A8, 00, 7C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpQueryInfoW + 10C 75CE7F62 5 Bytes [ 90, 90, 44, 00, 72 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpQueryInfoW + 112 75CE7F68 17 Bytes [ 69, 00, 76, 00, 65, 00, 5C, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UnlockUrlCacheEntryFile + 45 75CE90F3 117 Bytes [ 8B, 7D, 10, 83, 27, 00, 85, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UnlockUrlCacheEntryStream + 6E 75CE9169 23 Bytes [ 08, 57, 8D, 45, 08, 50, 8D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UnlockUrlCacheEntryStream + 86 75CE9181 64 Bytes [ 8B, F8, 33, C0, 3B, F8, 0F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UnlockUrlCacheEntryStream + C7 75CE91C2 29 Bytes [ 43, 50, 8B, 08, 8D, 55, 0C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UnlockUrlCacheEntryStream + E5 75CE91E0 150 Bytes [ 75, 0C, 68, 6C, 6B, 14, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ReadUrlCacheEntryStream + 64 75CE9277 28 Bytes [ C9, C2, 14, 00, 8B, 46, 10, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ReadUrlCacheEntryStream + 82 75CE9295 35 Bytes [ F3, A7, 0F, 85, 7E, 0D, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ReadUrlCacheEntryStream + A6 75CE92B9 25 Bytes CALL 75CE1C54 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ReadUrlCacheEntryStream + C0 75CE92D3 87 Bytes [ 33, C0, 3B, C6, 89, 43, 14, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ReadUrlCacheEntryStream + 118 75CE932B 61 Bytes [ FF, 3B, C6, 89, 43, 14, 7C, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeFromSystemTime + 2A 75CE9AE3 61 Bytes [ 56, 8B, 75, 08, 56, E8, D3, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeFromSystemTime + 68 75CE9B21 16 Bytes CALL 75C97B80
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeFromSystemTime + 79 75CE9B32 16 Bytes [ FF, 15, 38, 31, 3A, 76, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeFromSystemTime + 8A 75CE9B43 69 Bytes [ 51, 08, 8B, 76, 08, 85, F6, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeFromSystemTime + D0 75CE9B89 9 Bytes [ 8B, D8, 85, DB, 7C, 62, 8B, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetReadFile + 3B 75CEABF7 75 Bytes [ 00, 00, 39, BB, 98, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetReadFile + 87 75CEAC43 25 Bytes [ C2, 04, 00, 8B, FF, 55, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetReadFile + A1 75CEAC5D 22 Bytes [ C0, 59, 74, 28, 8B, C8, E8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetReadFile + B8 75CEAC74 10 Bytes [ 75, 0C, 56, FF, 10, 8B, F8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetReadFile + C3 75CEAC7F 121 Bytes [ 50, 08, 8B, C7, 5F, 5E, 5D, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryDataAvailable + 5F 75CEAE5C 25 Bytes [ 4E, 00, 6F, 00, 46, 00, 6F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryDataAvailable + 7A 75CEAE77 189 Bytes [ FF, 53, 56, 8B, F1, 57, 8D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryDataAvailable + 138 75CEAF35 49 Bytes [ FF, 55, 8B, EC, 8B, 45, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryDataAvailable + 16A 75CEAF67 44 Bytes [ FF, 55, 8B, EC, 56, 8B, 75, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryDataAvailable + 198 75CEAF95 68 Bytes [ F6, 45, 08, 01, 74, 07, 56, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetUnlockRequestFile + 1 75CEC3A3 2 Bytes [ 45, 0C ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetUnlockRequestFile + 4 75CEC3A6 27 Bytes [ 08, 50, FF, 51, 08, 8B, C6, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetUnlockRequestFile + 20 75CEC3C2 2 Bytes [ EE, 05 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetUnlockRequestFile + 23 75CEC3C5 110 Bytes [ 8B, 7D, 0C, F7, D6, 83, E6, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetUnlockRequestFile + 92 75CEC434 148 Bytes [ 45, FC, 8B, 08, 8D, 55, 08, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenA + 43 75CEC8AC 74 Bytes CALL 75CEC8B6 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenA + 8E 75CEC8F7 137 Bytes [ 8B, F8, 85, FF, 7C, 0B, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenA + 118 75CEC981 5 Bytes [ F0, 85, F6, 74, 13 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenA + 11E 75CEC987 60 Bytes [ 75, 10, 8B, 06, FF, 75, 0C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenA + 15C 75CEC9C5 2 Bytes [ 00, 83 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestA + 16 75CECD5E 19 Bytes [ FF, 8B, F8, 85, FF, 74, 46, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestA + 2A 75CECD72 20 Bytes [ 8B, D8, 85, DB, 7C, 46, 6A, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestA + 3F 75CECD87 13 Bytes [ 35, 10, 4E, 3A, 76, FF, 15, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestA + 4D 75CECD95 9 Bytes CALL 75CEB689 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestA + 57 75CECD9F 33 Bytes [ FF, FF, 50, 8B, CF, E8, A3, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenW + 1 75CECEA2 49 Bytes [ C7, 5F, 5E, 5D, C2, 04, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenW + 33 75CECED4 5 Bytes [ 46, 10, 3B, 5E, 10 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenW + 39 75CECEDA 93 Bytes [ 7E, 0C, 0F, 84, 6A, 5C, 03, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenW + 97 75CECF38 1 Byte [ 8B ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenW + 9A 75CECF3B 94 Bytes [ 83, 7E, 74, 00, 57, BF, 05, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheEntryA + 1F 75CEDE2C 65 Bytes CALL 75C55F95
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheEntryExA + 37 75CEDE6E 91 Bytes CALL 01CEDE6E
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheEntryExA + 93 75CEDECA 17 Bytes [ 85, C0, 74, 06, 8B, 08, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheEntryExA + A5 75CEDEDC 17 Bytes CALL 75C52A5B
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheEntryExA + B7 75CEDEEE 30 Bytes [ FF, 53, FF, D7, EB, 9F, 83, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheEntryExA + D6 75CEDF0D 22 Bytes [ C6, 43, 28, 00, FF, 15, 30, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryA + 1 75CEE36A 26 Bytes CALL 75D13C5B C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryA + 1C 75CEE385 25 Bytes CALL 75D13AD2 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryExA + 15 75CEE39F 16 Bytes [ 3B, C2, 72, 14, 8B, 0D, 24, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryExA + 26 75CEE3B0 93 Bytes [ 56, 04, 5E, 5D, C2, 04, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryExA + 86 75CEE410 49 Bytes [ 41, 00, 4C, 00, 49, 00, 47, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryExA + B8 75CEE442 39 Bytes [ 52, 00, 00, 00, 90, 90, 41, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryExA + E0 75CEE46A 11 Bytes [ 47, 00, 4E, 00, 5F, 00, 52, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenUrlA + 23 75CF0700 10 Bytes [ 50, 00, 4C, 00, 41, 00, 54, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenUrlA + 2E 75CF070B 7 Bytes [ 00, 90, 90, 90, 90, 57, 00 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenUrlA + 36 75CF0713 16 Bytes [ 00, 5F, 00, 53, 00, 4D, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenUrlA + 47 75CF0724 49 Bytes [ 41, 00, 4D, 00, 45, 00, 4C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetOpenUrlA + 79 75CF0756 1 Byte [ 46 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetStatusCallback + 7 75CF28B6 9 Bytes [ 00, 00, 53, 00, 42, 00, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetStatusCallback + 11 75CF28C0 39 Bytes [ 47, 00, 52, 00, 49, 00, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetStatusCallback + 39 75CF28E8 47 Bytes [ 50, 00, 45, 00, 52, 00, 48, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetStatusCallback + 69 75CF2918 23 Bytes [ 52, 00, 54, 00, 00, 00, 90, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetStatusCallback + 81 75CF2930 47 Bytes [ 52, 00, 54, 00, 52, 00, 41, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestExW + 52 75CF35A4 28 Bytes [ DE, B4, F3, FF, 8D, 85, F4, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestExW + 6F 75CF35C1 53 Bytes [ 8B, FF, 55, 8B, EC, 51, 51, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestExW + A5 75CF35F7 35 Bytes [ 51, 28, 85, C0, 0F, 8D, A2, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestExW + C9 75CF361B 5 Bytes [ 3B, F7, 0F, 84, A1 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestExW + D1 75CF3623 18 Bytes [ FF, 75, C0, 8B, 45, C4, 8B, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpEndRequestA + 4 75CF363F 44 Bytes [ 45, D8, 50, 89, 7D, D8, E8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetWriteFile + 7 75CF366C 19 Bytes JMP 75C161A9 C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetWriteFile + 1B 75CF3680 9 Bytes [ 61, 00, 74, 00, 61, 00, 5C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetWriteFile + 25 75CF368A 3 Bytes [ 6F, 00, 61 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetWriteFile + 29 75CF368E 35 Bytes [ 6D, 00, 69, 00, 6E, 00, 67, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetWriteFile + 4D 75CF36B2 3 Bytes [ 64, 00, 65 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedStateExW + 41 75CF6673 5 Bytes [ EB, 4A, FF, 75, 0C ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedStateExW + 47 75CF6679 40 Bytes [ 15, 0C, 39, 07, 76, EB, 3F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedStateExW + 70 75CF66A2 26 Bytes CALL 75B5D795 C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedStateExW + 8B 75CF66BD 14 Bytes [ 51, 08, 8B, C3, 5B, 5D, C2, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedStateExW + 9A 75CF66CC 6 Bytes [ 76, 50, E8, BB, 2E, E7 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedState + 49 75CF682F 1 Byte [ 5D ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedState + 4B 75CF6831 66 Bytes [ 56, 57, 8B, 7D, 08, 75, 18, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedState + 8E 75CF6874 6 Bytes [ 75, 0C, 57, FF, 15, 44 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedState + 95 75CF687B 31 Bytes [ 07, 76, 5F, 5E, 5B, 5D, C2, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedState + B5 75CF689B 21 Bytes CALL 75B6308C C:\Windows\system32\ole32.dll
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCreateUrlW + 5A 75CF6F34 64 Bytes [ 06, 8B, 45, 08, 89, 46, 04, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCreateUrlW + 9C 75CF6F76 9 Bytes [ 08, 80, 85, 06, 53, EC, 7B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCreateUrlW + A6 75CF6F80 45 Bytes [ A5, 5B, 5A, 1A, 81, 78, 3E, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCreateUrlW + D4 75CF6FAE 27 Bytes [ FF, 55, 8B, EC, 6A, 00, 6A, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCreateUrlW + F0 75CF6FCA 24 Bytes [ 15, 7C, 3E, 07, 76, 85, C0, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryOptionA + 1E 75CF8133 23 Bytes [ 68, 34, 8F, 0F, 76, 57, BE, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryOptionA + 36 75CF814B 33 Bytes [ C0, 0F, 85, 0E, 01, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryOptionA + 58 75CF816D 28 Bytes [ D3, 85, C0, 0F, 85, DD, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryOptionA + 76 75CF818B 18 Bytes JMP 75CF8236 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryOptionA + 89 75CF819E 14 Bytes [ 50, 57, 6A, 03, 57, 68, 34, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoExA + 12 75CF885E 69 Bytes [ B5, 78, FA, FF, FF, FF, 15, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoExA + 58 75CF88A4 9 Bytes [ FF, 74, 08, FF, B5, 94, FA, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoExA + 62 75CF88AE 51 Bytes [ D7, 39, B5, A0, FA, FF, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoExA + 98 75CF88E4 5 Bytes [ 44, 00, 65, 00, 73 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoExA + 9E 75CF88EA 37 Bytes [ 6B, 00, 74, 00, 6F, 00, 70, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DetectAutoProxyUrl + 16 75CFAAC3 19 Bytes [ 8B, 83, 94, 02, 00, 00, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DetectAutoProxyUrl + 2A 75CFAAD7 22 Bytes [ 00, 8B, 4D, B4, 89, 81, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DetectAutoProxyUrl + 41 75CFAAEE 30 Bytes CALL 75D3E74B C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DetectAutoProxyUrl + 61 75CFAB0E 18 Bytes [ 8D, BB, 60, 02, 00, 00, F3, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DetectAutoProxyUrl + 74 75CFAB21 52 Bytes [ 4D, B4, 85, C9, 74, 0C, 8B, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoW + 14 75CFEA35 26 Bytes CALL 75BE19C7 C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoW + 2F 75CFEA50 14 Bytes [ F8, 3B, FE, 7C, 3F, 8B, 45, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoW + 3F 75CFEA60 10 Bytes [ FF, 51, 1C, 85, C0, 7C, 24, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoW + 4A 75CFEA6B 20 Bytes CALL A2C052C2
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheEntryInfoW + 5F 75CFEA80 112 Bytes CALL 751FF310 C:\Windows\system32\dhcpcsvc6.DLL
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CommitUrlCacheEntryA + C2 75CFFD3C 14 Bytes [ D0, 74, 05, 89, 5D, E4, EB, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CommitUrlCacheEntryA + D1 75CFFD4B 128 Bytes [ 89, 45, E4, 8D, 45, CC, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CommitUrlCacheEntryA + 152 75CFFDCC 3 Bytes [ FF, 8B, 08 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CommitUrlCacheEntryA + 156 75CFFDD0 21 Bytes [ 55, F4, 03, D1, 89, 55, EC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CommitUrlCacheEntryA + 16C 75CFFDE6 17 Bytes [ C1, 8B, 4D, D8, 01, 45, C8, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheContainerA + 21 75D001EE 43 Bytes [ 00, 8B, 4D, 08, 57, 68, E4, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheContainerA + 4D 75D0021A 247 Bytes CALL 75D000D3 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheContainerA + C1 75D00312 103 Bytes [ 72, 00, 65, 00, 00, 00, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheContainerA + 129 75D0037A 11 Bytes [ FF, FF, 7F, 50, 8B, C8, 51, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheContainerA + 135 75D00386 1 Byte [ FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheContainerA + 137 75D00388 33 Bytes [ F0, 85, F6, 7C, 24, FF, 75, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheContainerA + 159 75D003AA 14 Bytes [ EB, 05, BE, 05, 40, 00, 80, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheEntryW + 87 75D01030 20 Bytes [ 75, FC, 8B, CF, 53, E8, A2, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestW + 10 75D01045 35 Bytes [ FF, 75, FC, 8B, CF, 53, E8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestW + 34 75D01069 132 Bytes CALL 75C52BEB
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestW + B9 75D010EE 8 Bytes [ C7, 5F, 5E, 5B, 5D, C2, 04, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestW + C2 75D010F7 13 Bytes [ FF, 55, 8B, EC, 51, 57, 8D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestW + D1 75D01106 73 Bytes [ 8B, F8, 85, FF, 7C, 37, 56, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryOptionW + 34 75D01150 5 Bytes [ 75, 0C, E8, 9F, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryOptionW + 3B 75D01157 15 Bytes [ 5D, C2, 08, 00, 8B, FF, 55, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryOptionW + 4B 75D01167 2 Bytes [ 00, 00 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryOptionW + 4E 75D0116A 53 Bytes [ 74, 2A, 81, 7D, 08, 0A, 04, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetQueryOptionW + 84 75D011A0 1 Byte [ 36 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCrackUrlA + 2 75D0137E 12 Bytes CALL 75D01159 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCrackUrlA + F 75D0138B 16 Bytes [ 25, 44, 3A, 07, 76, 8B, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCrackUrlA + 20 75D0139C 72 Bytes [ 00, 75, 15, 56, 50, 50, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCrackUrlA + 6A 75D013E6 133 Bytes [ 00, 8D, 83, 9C, 00, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCrackUrlA + F0 75D0146C 107 Bytes [ 8B, F0, 85, F6, 7C, 22, 6A, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetReadFileExW + 23 75D032E1 37 Bytes [ 00, 00, 00, 3F, 51, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetReadFileExA + 12 75D03308 15 Bytes [ 00, 00, 00, 00, 00, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetReadFileExA + 22 75D03318 33 Bytes [ 9D, 99, 26, 76, 67, 9C, 26, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetReadFileExA + 44 75D0333A 21 Bytes [ 00, 00, 41, 51, 00, 00, EF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetReadFileExA + 5A 75D03350 30 Bytes [ 70, 54, 17, 76, 58, 2E, 10, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetReadFileExA + 79 75D0336F 28 Bytes [ 00, 74, 97, 26, 76, 93, 9C, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheEntryA + 78 75D03B7F 63 Bytes [ 4E, 3A, 76, 33, C5, 89, 45, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheEntryA + B8 75D03BBF 4 Bytes [ EC, 8B, 49, 44 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheEntryA + BD 75D03BC4 1 Byte [ 8B ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheEntryA + C0 75D03BC7 83 Bytes [ 33, C0, 85, C9, 57, 8B, 7D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheEntryA + 114 75D03C1B 27 Bytes [ 41, 07, 76, EB, 0F, FF, 75, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCookieExW + 10 75D03F97 28 Bytes [ FF, 8B, F0, 85, F6, 7C, 33, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCookieExW + 2D 75D03FB4 19 Bytes [ FF, 68, 00, 08, 00, 00, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCookieExW + 41 75D03FC8 42 Bytes [ FF, 8B, F0, FF, 15, 38, 31, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCookieExW + 6C 75D03FF3 50 Bytes [ B5, D8, E7, FF, FF, 89, B5, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCookieExW + A0 75D04027 41 Bytes CALL 75D03AEF C:\Windows\system32\WININET.dll
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCookieExA + 28 75D040AE 60 Bytes [ 88, 12, 01, 00, 00, 83, A5, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCookieExA + 65 75D040EB 44 Bytes [ 80, EB, 15, FF, B5, D4, E7, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCookieExA + 92 75D04118 35 Bytes [ 57, 50, 66, 89, BD, F4, FD, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCookieExA + B6 75D0413C 15 Bytes [ C0, 74, 70, 68, F8, 20, 22, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCookieExA + C6 75D0414C 25 Bytes [ 15, B0, 41, 07, 76, 85, C0, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetCookieExW + 86 75D04383 30 Bytes [ 00, 6D, 00, 65, 00, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetCookieExW + A5 75D043A2 388 Bytes [ 73, 00, 20, 00, 2F, 00, 74, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetCookieExW + 22A 75D04527 83 Bytes [ 00, 3B, 45, 10, 0F, 84, 3D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetCookieExW + 27E 75D0457B 25 Bytes [ 36, C7, 45, 9C, 30, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetCookieExW + 299 75D04596 87 Bytes [ 00, 39, 5D, B0, 0F, 84, CE, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheEntry + 10 75D0508E 56 Bytes [ 00, EB, 78, 8D, 85, D4, F5, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheEntry + 49 75D050C7 129 Bytes [ F4, FD, FF, FF, 89, 46, 04, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheEntry + CB 75D05149 60 Bytes [ FF, 74, 0B, FF, B5, BC, E1, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheEntry + 108 75D05186 17 Bytes [ 58, 00, 73, 00, 20, 00, 2F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheEntry + 11A 75D05198 17 Bytes [ 22, 00, 20, 00, 70, 00, 72, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryStreamA + 38 75D05747 92 Bytes [ 83, 65, E4, 00, 83, 4D, EC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryStreamA + 95 75D057A4 1 Byte [ 50 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryStreamA + 97 75D057A6 17 Bytes CALL 75B94021 C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryStreamA + A9 75D057B8 59 Bytes [ 8D, 46, 08, 50, FF, 75, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryStreamA + E5 75D057F4 40 Bytes [ 6A, 08, 56, FF, 75, 10, FF, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCombineUrlW + 26 75D05ACA 69 Bytes CALL 85D05ACA
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCombineUrlW + 6C 75D05B10 131 Bytes [ 0F, 84, 9B, 01, 00, 00, 53, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCombineUrlW + F0 75D05B94 6 Bytes [ 46, 20, 8B, 08, 6A, 01 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCombineUrlW + F7 75D05B9B 55 Bytes [ C7, 85, E4, FB, FF, FF, 10, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCombineUrlW + 12F 75D05BD3 25 Bytes [ C0, 75, 03, 40, EB, 02, 33, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IncrementUrlCacheHeaderData + 16 75D083F9 24 Bytes [ 34, 8D, B0, 94, 26, 76, 8D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IncrementUrlCacheHeaderData + 2F 75D08412 54 Bytes [ 52, 0C, 8B, D8, EB, 76, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IncrementUrlCacheHeaderData + 67 75D0844A 13 Bytes JMP BEDBF85F
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IncrementUrlCacheHeaderData + 75 75D08458 38 Bytes [ 6A, 01, EB, 05, 8D, 45, 0C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IncrementUrlCacheHeaderData + 9C 75D0847F 9 Bytes CALL 75B2BD3C C:\Windows\system32\ole32.dll
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!PrivacyGetZonePreferenceW + 9 75D0FF1B 18 Bytes [ 00, 85, C0, 7C, 15, 8B, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!PrivacyGetZonePreferenceW + 1D 75D0FF2F 69 Bytes [ 8B, 08, 50, FF, 51, 08, 33, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!PrivacyGetZonePreferenceW + 63 75D0FF75 10 Bytes [ 00, 8B, F0, 85, F6, 74, 11, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!PrivacyGetZonePreferenceW + 6E 75D0FF80 49 Bytes [ 75, 0C, 56, FF, 10, 8B, D8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!PrivacyGetZonePreferenceW + A0 75D0FFB2 24 Bytes [ FF, 15, C4, 41, 07, 76, 8B, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryInfoA + 1F 75D10F25 62 Bytes [ 75, 0C, 68, 3C, 1F, 1F, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryInfoA + 5E 75D10F64 39 Bytes [ 50, FF, 51, 10, 8B, F0, 3B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryInfoA + 86 75D10F8C 88 Bytes [ 8B, 45, FC, 8B, 08, 50, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryInfoA + DF 75D10FE5 26 Bytes [ 18, 68, D4, E0, 10, 76, 6A, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryInfoA + FB 75D11001 1 Byte [ C9 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetInitializeAutoProxyDll + F 75D114E7 42 Bytes [ 68, 00, 40, 00, 00, 8D, 85, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetInitializeAutoProxyDll + 3A 75D11512 193 Bytes [ 46, 00, 6F, 00, 6C, 00, 64, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetInitializeAutoProxyDll + FC 75D115D4 43 Bytes [ 45, 9C, 8B, 4D, 94, 83, 65, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetInitializeAutoProxyDll + 128 75D11600 49 Bytes JMP 75C270DF C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetInitializeAutoProxyDll + 15A 75D11632 30 Bytes [ FF, B8, 57, 00, 07, 80, E9, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheContainerW + 40 75D11737 2 Bytes [ FF, 50 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheContainerW + 43 75D1173A 14 Bytes [ 85, F4, FD, FF, FF, 50, 6A, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheContainerW + 52 75D11749 6 Bytes [ FF, 89, B5, CC, FB, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheContainerW + 59 75D11750 60 Bytes CALL 75E92492 C:\Windows\system32\kernel32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheContainerW + 96 75D1178D 15 Bytes CALL 75DAEE33 C:\Windows\system32\USER32.dll
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeToSystemTimeW + F 75D1192E 21 Bytes [ B8, 10, 01, 04, 80, E9, FA, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeToSystemTimeW + 25 75D11944 46 Bytes CALL 75DAF2C1 C:\Windows\system32\USER32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeToSystemTimeW + 54 75D11973 34 Bytes [ FF, 52, 8D, 95, E4, FD, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeToSystemTimeW + 77 75D11996 116 Bytes [ FF, 03, 74, 79, 83, BD, EC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeToSystemTime + 43 75D11A0B 3 Bytes CALL 75C21A97 C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeToSystemTime + 47 75D11A0F 17 Bytes [ F1, FF, 8B, F0, FF, B5, E4, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeToSystemTime + 59 75D11A21 10 Bytes [ F0, FD, FF, FF, 85, F6, 0F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeToSystemTime + 64 75D11A2C 3 Bytes [ FF, 85, F6 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeToSystemTime + 68 75D11A30 4 Bytes [ 8D, 24, 03, E9 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryStreamW + 2 75D11B02 64 Bytes CALL 75C15EA8 C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryStreamW + 43 75D11B43 97 Bytes [ B8, 02, 40, 00, 80, E9, C4, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryStreamW + A5 75D11BA5 3 Bytes [ 8B, 55, E4 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryStreamW + A9 75D11BA9 12 Bytes [ 45, F8, 01, 7D, 0C, 89, 51, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryStreamW + B6 75D11BB6 55 Bytes [ C7, 41, 08, 04, 00, 00, 00, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheContainerA + 17 75D11C15 20 Bytes [ 51, EB, 1C, 3B, DF, 0F, 84, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheContainerA + 2C 75D11C2A 52 Bytes [ FF, 50, 8B, 46, 04, 6A, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheContainerA + 62 75D11C60 8 Bytes JMP 75C4EA98
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheContainerA + 6B 75D11C69 5 Bytes [ 1C, 05, 03, 00, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheContainerA + 71 75D11C6F 37 Bytes [ 83, F8, 01, 0F, 87, 21, CE, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryGroupW + 1 75D1257E 16 Bytes [ 46, 04, 21, 78, 04, E9, 2F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryGroupW + 12 75D1258F 1 Byte [ 7F ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryGroupW + 14 75D12591 44 Bytes JMP 75BF3DC8 C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryGroupW + 41 75D125BE 159 Bytes [ 8B, 76, 04, 83, 66, 20, FB, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryGroupW + E1 75D1265E 26 Bytes [ 8B, 4D, D0, 8B, 47, 04, C1, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsUrlCacheEntryExpiredW + 13 75D128EC 31 Bytes [ 8B, 06, 8B, 51, 04, C1, E0, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsUrlCacheEntryExpiredW + 35 75D1290E 367 Bytes [ 25, 00, 08, 00, 00, 31, 41, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsUrlCacheEntryExpiredW + 1A5 75D12A7E 2 Bytes [ 1E, C1 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsUrlCacheEntryExpiredW + 1A8 75D12A81 115 Bytes [ 1E, 33, D0, 85, D3, 0F, 84, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsUrlCacheEntryExpiredW + 21D 75D12AF6 3 Bytes [ FC, 01, 00 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossingW + 20 75D12C98 9 Bytes [ 39, 05, 80, 5C, 3B, 76, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossingW + 2A 75D12CA2 97 Bytes CALL 75C2649A C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossingW + 8C 75D12D04 90 Bytes [ 0D, 00, 01, 00, 00, E9, 87, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossingW + E7 75D12D5F 100 Bytes JMP 75C1E843 C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossingW + 14C 75D12DC4 92 Bytes [ 61, 00, 67, 00, 65, 00, 48, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CommitUrlCacheEntryW + 21 75D1A141 17 Bytes [ 19, 89, EB, FF, C9, C2, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CommitUrlCacheEntryW + 33 75D1A153 12 Bytes [ 00, A1, 0C, 4E, 3A, 76, 33, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CommitUrlCacheEntryW + 40 75D1A160 1 Byte [ 8B ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CommitUrlCacheEntryW + 43 75D1A163 12 Bytes [ 57, 8D, 85, E4, FB, FF, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CommitUrlCacheEntryW + 50 75D1A170 23 Bytes [ 57, FF, 15, 44, 32, 07, 76, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodial + 5C 75D1A8D9 15 Bytes JMP 75D1AA30 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodial + 6C 75D1A8E9 32 Bytes [ 50, FF, 15, 80, 42, 07, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodial + 8D 75D1A90A 73 Bytes [ FF, 75, 07, 33, C0, E9, 1F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodial + D8 75D1A955 6 Bytes [ 66, 89, 9D, F8, EF, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodial + DF 75D1A95C 20 Bytes [ 66, 39, 9D, F0, EF, FF, FF, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UnlockUrlCacheEntryFileW + 5E 75D1AA86 17 Bytes [ 15, 38, 34, 07, 76, 0F, B7, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UnlockUrlCacheEntryFileW + 70 75D1AA98 87 Bytes [ 66, 83, F8, 20, 75, 0A, 46, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryFileW + 48 75D1AAF0 66 Bytes [ C0, 89, 45, 08, 75, 05, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryFileW + 8B 75D1AB33 17 Bytes [ 75, 08, FF, 15, 64, 41, 07, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryFileW + 9D 75D1AB45 28 Bytes [ 07, 68, 8C, 6D, 11, 76, EB, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryFileW + BA 75D1AB62 10 Bytes [ D6, FF, 75, 08, FF, D6, E9, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryFileW + C5 75D1AB6D 95 Bytes [ 89, 75, FC, EB, 02, 46, 46, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedStateEx + A 75D1ADFD 50 Bytes [ 8D, 85, 40, FD, FF, FF, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedStateEx + 3D 75D1AE30 36 Bytes [ B5, 40, FD, FF, FF, C7, 85, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedStateEx + 62 75D1AE55 15 Bytes [ 40, 07, 76, 3B, C6, 74, 03, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedStateEx + 72 75D1AE65 35 Bytes [ 50, FF, D7, 8D, 85, 54, FD, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetConnectedStateEx + 96 75D1AE89 5 Bytes [ 50, FD, FF, FF, 0E ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetDialW + 14 75D34E03 24 Bytes [ C8, 50, FF, 75, F0, 8D, 86, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetDialW + 2D 75D34E1C 34 Bytes [ EB, 33, 57, 33, C0, 89, 5D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetDialW + 50 75D34E3F 30 Bytes [ 76, 3C, FF, 76, 5C, FF, 15, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetDialW + 6F 75D34E5E 48 Bytes [ 45, B8, 50, 8D, 45, A8, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetDialW + A0 75D34E8F 23 Bytes [ 75, F0, 8D, 86, 84, 02, 00, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetDial + 22 75D35285 13 Bytes [ 06, 53, 53, 56, FF, 50, 0C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetDial + 30 75D35293 3 Bytes CALL 01D35295
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetDial + 34 75D35297 22 Bytes [ FF, 8B, 06, 68, FC, EC, 0F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetDial + 4D 75D352B0 224 Bytes CALL 75B9DAAE C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetHangUp + BF 75D35392 1 Byte [ CF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetHangUp + C1 75D35394 9 Bytes [ 66, 32, E7, FF, 85, C0, 7C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetHangUp + CB 75D3539E 10 Bytes [ 8D, 85, F4, FD, FF, FF, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetHangUp + D6 75D353A9 43 Bytes [ FF, 85, C0, 7D, 24, 8D, 85, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetHangUp + 102 75D353D5 77 Bytes [ 03, 80, 5F, 5E, EB, 05, B8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodialHangup + 48 75D35423 55 Bytes [ FF, 75, 0A, B8, 57, 00, 03, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodialHangup + 80 75D3545B 93 Bytes CALL 75BA85FB C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodialCallback + 17 75D354B9 19 Bytes [ C7, 8B, 4D, FC, 5F, 5E, 33, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodialCallback + 2B 75D354CD 19 Bytes [ 55, 8B, EC, 81, EC, 1C, 02, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodialCallback + 3F 75D354E1 104 Bytes [ 45, 0C, 53, 56, 8B, 75, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodialCallback + A8 75D3554A 27 Bytes CALL 75D3327B C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAutodialCallback + C4 75D35566 47 Bytes [ 56, 8D, 85, F4, FD, FF, FF, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGoOnlineW + 2 75D35749 1 Byte [ FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGoOnlineW + 4 75D3574B 86 Bytes [ F8, 85, FF, 7C, 25, 83, BD, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGoOnlineW + 5B 75D357A2 6 Bytes [ FF, 50, FF, B5, 84, F7 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGoOnlineW + 62 75D357A9 5 Bytes [ FF, E8, 19, E5, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGoOnlineW + 68 75D357AF 37 Bytes [ 8B, F8, 85, FF, 0F, 8C, AB, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGoOnline + 2 75D35833 24 Bytes [ FF, 8D, 85, EC, FB, FF, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGoOnline + 1B 75D3584C 34 Bytes [ B5, 88, F7, FF, FF, 8B, CB, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGoOnline + 3E 75D3586F 14 Bytes [ FF, 8D, 44, 08, 02, 3B, C6, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGoOnline + 4D 75D3587E 25 Bytes CALL 75BAB33A C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGoOnline + 67 75D35898 56 Bytes [ 50, FF, 15, 34, 34, 07, 76, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DllInstall + 1 75D373D9 2 Bytes [ EC, 56 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DllInstall + 4 75D373DC 38 Bytes [ F1, 8B, 06, 85, C0, 74, 04, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DllInstall + 2B 75D37403 115 Bytes [ C7, 01, 18, 61, 0F, 76, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DllInstall + 9F 75D37477 1 Byte [ 00 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DllInstall + A1 75D37479 14 Bytes [ 83, C6, 04, 81, FE, BC, 49, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCanonicalizeUrlA + 2E 75D397DC 100 Bytes [ 81, 7D, 10, 2C, 01, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCombineUrlA + 2F 75D39841 26 Bytes [ FF, 85, F6, 7C, 78, 8B, 45, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCombineUrlA + 4A 75D3985C 32 Bytes [ FF, 75, C0, 68, 80, 69, 14, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCertByURL + B 75D3987D 9 Bytes [ 7D, AC, 83, 3F, 00, 75, 1B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCertByURL + 15 75D39887 29 Bytes CALL 75B6426B C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCertByURL + 33 75D398A5 26 Bytes [ FF, 75, D0, 8B, CF, E8, DC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCertByURL + 4E 75D398C0 30 Bytes [ D0, 8B, 08, 50, FF, 51, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCertByURL + 6D 75D398DF 70 Bytes CALL 75B92A5A C:\Windows\system32\ole32.dll
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetFilePointer + 2 75D39949 148 Bytes [ 8D, 85, 7C, FF, FF, FF, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetLastResponseInfoA + 14 75D399DE 90 Bytes [ 89, 9D, DC, FD, FF, FF, 89, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetLastResponseInfoA + 6F 75D39A39 27 Bytes [ FF, 8B, 08, 8D, 95, F8, FD, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetLastResponseInfoA + 8B 75D39A55 60 Bytes [ 01, 00, 00, FF, B5, F8, FD, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetLastResponseInfoA + C8 75D39A92 42 Bytes [ FF, 73, 12, 68, 64, 17, 12, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetLastResponseInfoA + F3 75D39ABD 37 Bytes [ 51, 08, FF, 85, F0, FD, FF, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAttemptConnect + 2 75D39B28 49 Bytes [ 8B, F8, FF, 15, 64, 34, 07, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAttemptConnect + 34 75D39B5A 65 Bytes [ 8B, FF, 55, 8B, EC, 51, 83, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAttemptConnect + 76 75D39B9C 8 Bytes [ FF, 50, 08, 8B, 07, 8B, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAttemptConnect + 7F 75D39BA5 13 Bytes [ 6A, 02, 50, C7, 45, FC, 05, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAttemptConnect + 8D 75D39BB3 36 Bytes [ 45, FC, 5F, 5E, C9, C2, 08, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetSecurityInfoByURL + 23 75D39F82 10 Bytes [ 8B, FF, 55, 8B, EC, F6, 45, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetSecurityInfoByURL + 2E 75D39F8D 76 Bytes [ F1, C7, 06, A4, AF, 29, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetSecurityInfoByURL + 7B 75D39FDA 15 Bytes [ 8B, FF, 55, 8B, EC, 33, C0, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetSecurityInfoByURL + 8B 75D39FEA 10 Bytes [ FF, 15, 50, 30, 3A, 76, 85, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetSecurityInfoByURL + 96 75D39FF5 28 Bytes [ 15, 4C, 30, 3A, 76, 33, C0, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetShowSecurityInfoByURL + 17 75D3A02E 27 Bytes [ FF, 55, 8B, EC, 83, EC, 14, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetShowSecurityInfoByURL + 33 75D3A04A 27 Bytes [ C7, 45, EC, 14, 00, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetShowSecurityInfoByURL + 4F 75D3A066 26 Bytes [ 74, 0B, 83, 7D, F8, 00, 74, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetShowSecurityInfoByURL + 6A 75D3A081 46 Bytes [ 55, 8B, EC, 56, 57, 6A, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetShowSecurityInfoByURL + 99 75D3A0B0 9 Bytes [ 10, 8B, 06, FF, 75, 0C, 56, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFindNextFileA + 1 75D3A127 62 Bytes [ C7, 5F, 5E, 5D, C2, 0C, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFindNextFileA + 41 75D3A167 32 Bytes [ C7, 00, 94, B1, 29, 76, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFindNextFileA + 62 75D3A188 188 Bytes [ 50, 08, 8B, C7, 5F, 5E, 5D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFindNextFileA + 11F 75D3A245 126 Bytes [ 75, 0C, 56, FF, 10, 8B, F8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFindNextFileA + 19E 75D3A2C4 3 Bytes [ 30, E3, 0E ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCheckConnectionA + 44 75D3A3B8 5 Bytes [ C9, C2, 04, 00, 8B ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCheckConnectionA + 4A 75D3A3BE 21 Bytes [ 55, 8B, EC, 56, 8B, F1, C7, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCheckConnectionA + 60 75D3A3D4 6 Bytes [ 07, 56, E8, 9B, BA, E5 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCheckConnectionA + 67 75D3A3DB 7 Bytes [ 59, 8B, C6, 5E, 5D, C2, 04 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetCheckConnectionA + 6F 75D3A3E3 13 Bytes [ 8B, FF, 55, 8B, EC, 56, 33, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ForceNexusLookupExW + 4B 75D3A85E 6 Bytes [ 00, C7, 45, C8, FF, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ForceNexusLookup + 2 75D3A865 100 Bytes [ 7F, 89, 45, E4, FF, D7, 48, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateMD5SSOHash + 29 75D3A8CB 16 Bytes [ 10, 89, 45, D8, 8D, 45, C4, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateMD5SSOHash + 3A 75D3A8DC 21 Bytes [ 76, 30, 41, 89, 4D, C4, 89, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateMD5SSOHash + 50 75D3A8F2 33 Bytes [ 5B, C9, C2, 0C, 00, 8B, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateMD5SSOHash + 72 75D3A914 7 Bytes [ 8D, 85, FC, FD, FF, FF, 50 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateMD5SSOHash + 7A 75D3A91C 33 Bytes [ 75, 08, 8B, F1, FF, 35, 10, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFindNextFileW + 4D 75D3AC32 20 Bytes [ 75, F4, FF, 15, A0, 36, 3A, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFindNextFileW + 62 75D3AC47 76 Bytes [ 76, 08, FF, 15, 74, 3A, 07, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFindNextFileW + AF 75D3AC94 157 Bytes [ 18, 2E, E6, FF, 8D, 46, 24, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetShowSecurityInfoByURLW + B 75D3AD32 216 Bytes [ BC, 04, 00, 00, 00, FF, D6, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetLastResponseInfoW + 2 75D3AE0B 65 Bytes [ 75, 0C, 83, C1, F8, E8, B7, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetLastResponseInfoW + 44 75D3AE4D 32 Bytes [ FF, 55, 8B, EC, 83, EC, 38, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetLastResponseInfoW + 65 75D3AE6E 40 Bytes [ 19, 39, 58, 2C, 56, 89, 4D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetLastResponseInfoW + 8E 75D3AE97 130 Bytes [ 8B, F0, 3B, F3, 0F, 8C, D4, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetLastResponseInfoW + 111 75D3AF1A 53 Bytes [ 6A, 01, FF, 37, 50, FF, 51, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionExA + 1E 75D3B251 16 Bytes [ FF, 85, C0, 7C, 74, 8B, 7D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionExA + 2F 75D3B262 5 Bytes [ 1C, 68, 00, F0, 00 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionExA + 35 75D3B268 133 Bytes [ FF, 75, E4, 68, 2C, 10, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionExW + 81 75D3B2EE 42 Bytes [ 45, D8, 8B, 08, 50, FF, 51, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionExW + AC 75D3B319 66 Bytes CALL 75B97493 C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionExW + EF 75D3B35C 226 Bytes [ FD, FF, FF, 85, C0, 0F, 8C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionExW + 1D2 75D3B43F 16 Bytes [ 76, 2C, FF, 15, F8, 39, 07, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetOptionExW + 1E3 75D3B450 71 Bytes [ 15, FC, 39, 07, 76, 83, F8, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ResumeSuspendedDownload + 4 75D3D503 97 Bytes [ 45, 14, 83, E0, FA, 50, 57, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ResumeSuspendedDownload + 66 75D3D565 100 Bytes [ 15, 30, 34, 07, 76, 8D, 4D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ResumeSuspendedDownload + CB 75D3D5CA 85 Bytes CALL 75D3D2A8 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ResumeSuspendedDownload + 121 75D3D620 32 Bytes [ FF, B5, EC, FD, FF, FF, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ResumeSuspendedDownload + 142 75D3D641 51 Bytes [ 15, 74, 3A, 07, 76, 47, 8B, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DispatchAPICall + 2 75D3DE12 44 Bytes [ 00, 56, 8D, 85, F0, FD, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DispatchAPICall + 2F 75D3DE3F 3 Bytes CALL C6D3DE3F
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DispatchAPICall + 33 75D3DE43 25 Bytes [ FF, 50, 68, 04, 01, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DispatchAPICall + 4D 75D3DE5D 22 Bytes [ 4E, 3A, 76, FF, D7, 8D, 83, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DispatchAPICall + 64 75D3DE74 35 Bytes CALL 75D3CE0C C:\Windows\system32\WININET.dll
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!_GetFileExtensionFromUrl + 1 75D3F645 9 Bytes [ F8, 85, FF, 7C, 62, FF, B5, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!_GetFileExtensionFromUrl + B 75D3F64F 113 Bytes [ FF, FF, 15, 58, 33, 07, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!_GetFileExtensionFromUrl + 7D 75D3F6C1 46 Bytes [ 55, 8B, EC, 81, EC, 14, 02, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!_GetFileExtensionFromUrl + AC 75D3F6F0 7 Bytes CALL 75DEDF86 C:\Windows\system32\USER32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!_GetFileExtensionFromUrl + B4 75D3F6F8 10 Bytes [ 83, FC, 06, 00, 00, 0F, 85, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFortezzaCommand + 4D 75D3FBC4 46 Bytes [ 48, 09, 00, 00, 01, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFortezzaCommand + 7C 75D3FBF3 4 Bytes [ 22, 3D, 38, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFortezzaCommand + 81 75D3FBF8 28 Bytes [ FF, 74, 07, 33, C0, E9, 1A, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFortezzaCommand + 9F 75D3FC16 6 Bytes [ 33, FF, 39, BB, F8, 06 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetFortezzaCommand + A6 75D3FC1D 117 Bytes [ 00, 8D, B3, 50, 09, 00, 00, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileA + 6A 75D42326 58 Bytes [ 8B, F8, 85, FF, 7C, 2B, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileA + A5 75D42361 28 Bytes [ 56, 8B, F1, C7, 06, 34, 4B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileA + C2 75D4237E 27 Bytes CALL 3C579992
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileA + DE 75D4239A 23 Bytes [ 55, 8B, EC, 8B, 45, 08, 83, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileA + F6 75D423B2 29 Bytes [ 8B, C1, 8B, 4D, 08, C7, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileA + 15 75D423D0 81 Bytes CALL 75D421E9 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileA + 67 75D42422 4 Bytes [ FF, 8B, F8, 85 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileA + 6C 75D42427 5 Bytes [ 7C, 0B, 8B, 06, 53 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileA + 73 75D4242E 10 Bytes [ 10, 56, FF, 10, 8B, F8, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileA + 7E 75D42439 46 Bytes [ 08, 8B, C7, 5F, 5E, 5B, 5D, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileSize + 4C 75D43A07 7 Bytes [ 74, 47, 53, 56, FF, 75, 08 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileSize + 54 75D43A0F 81 Bytes [ 35, 58, 33, 07, 76, FF, D6, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileSize + A8 75D43A63 158 Bytes [ 68, 74, 4A, 2A, 76, FF, 75, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileSize + 147 75D43B02 31 Bytes [ 50, 08, C3, 8B, FF, 55, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileSize + 167 75D43B22 82 Bytes [ 49, 18, 85, C9, 56, 8B, 75, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRenameFileA + 20 75D4445F 109 Bytes CALL 75C28C7B C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRenameFileA + 8E 75D444CD 5 Bytes [ 45, 33, F6, EB, 33 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRenameFileA + 95 75D444D4 13 Bytes [ FC, 8B, CF, FF, 75, 08, E8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRenameFileA + A3 75D444E2 42 Bytes [ 0A, FF, 75, 0C, 57, FF, D3, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRenameFileA + CE 75D4450D 178 Bytes [ 30, B8, 05, 40, 00, 80, 5F, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRemoveDirectoryA + 2 75D447EB 42 Bytes [ 85, C0, 74, 14, FF, 45, FC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpSetCurrentDirectoryA + 12 75D44816 49 Bytes CALL 75BCACD9 C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpCommandA + C 75D44849 7 Bytes [ 0C, 8B, CE, E8, 8A, 64, E8 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpCommandA + 14 75D44851 47 Bytes [ 85, C0, 74, 14, FF, 45, FC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpCommandA + 44 75D44881 1 Byte [ 8B ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpCommandA + 46 75D44883 66 Bytes [ 55, 8B, EC, 51, 83, 65, FC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpCommandA + 89 75D448C6 15 Bytes [ 8B, FF, 56, 8B, F1, 8D, 46, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpFindFirstFileA + 2 75D448FE 1 Byte [ 59 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpFindFirstFileA + 4 75D44900 59 Bytes [ C6, 5E, 5D, C2, 04, 00, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpOpenFileA + 19 75D4493C 2 Bytes [ CC, F4 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpOpenFileA + 1D 75D44940 56 Bytes [ 5E, 5D, C2, 10, 00, 8B, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpOpenFileA + 56 75D44979 24 Bytes [ 3B, C7, 74, 02, 89, 38, 39, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpOpenFileA + 70 75D44993 169 Bytes [ 10, 74, 04, 03, C1, EB, 02, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpOpenFileA + 11A 75D44A3D 12 Bytes [ 8D, 8D, 90, E7, FF, FF, 51, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpFindFirstFileW + 2 75D44B93 19 Bytes [ FF, 85, C0, 7C, 0E, 56, 8D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpFindFirstFileW + 16 75D44BA7 15 Bytes [ 4D, FC, 33, CD, 5E, E8, AD, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpFindFirstFileW + 26 75D44BB7 11 Bytes [ 55, 8B, EC, 8B, 4D, 08, 56, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpFindFirstFileW + 32 75D44BC3 25 Bytes [ 75, 10, BE, 05, 40, 00, 80, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpFindFirstFileW + 4C 75D44BDD 16 Bytes CALL 75D43C25 C:\Windows\system32\WININET.dll
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRenameFileW + 1 75D44D74 66 Bytes [ 76, 48, 85, F6, 89, 45, F4, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRenameFileW + 44 75D44DB7 20 Bytes [ 0E, 00, 07, 80, 83, 7D, F8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRenameFileW + 59 75D44DCC 85 Bytes [ FF, 10, EB, 06, 8B, 45, 0C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRenameFileW + AF 75D44E22 22 Bytes [ 10, 89, 85, 98, FD, FF, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRenameFileW + C6 75D44E39 42 Bytes [ 74, 01, 4E, 89, 85, 80, FD, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpOpenFileW + 67 75D44F18 68 Bytes [ 0F, 8C, 94, 00, 00, 00, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpOpenFileW + AC 75D44F5D 6 Bytes [ 50, FF, B5, 8C, FD, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpOpenFileW + B3 75D44F64 252 Bytes CALL 75BA518B C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRemoveDirectoryW + 43 75D45061 23 Bytes [ 85, A0, FD, FF, FF, 4F, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRemoveDirectoryW + 5B 75D45079 9 Bytes [ 9C, FD, FF, FF, 8D, 85, 84, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRemoveDirectoryW + 65 75D45083 40 Bytes [ 50, 57, FF, B5, 94, FD, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRemoveDirectoryW + 8E 75D450AC 28 Bytes [ FF, 6A, 02, 8D, 45, AC, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpRemoveDirectoryW + AC 75D450CA 65 Bytes [ 85, C0, 7C, 06, FF, 85, A0, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpSetCurrentDirectoryW + 3D 75D4510C 80 Bytes [ FF, 11, 85, C0, 7C, 77, 6A, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpSetCurrentDirectoryW + 8E 75D4515D 20 Bytes [ 6A, 00, 68, 34, 8F, 0F, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpSetCurrentDirectoryW + A4 75D45173 14 Bytes [ B5, 90, FD, FF, FF, E8, EC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetCurrentDirectoryW + 2 75D45182 1 Byte [ FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetCurrentDirectoryW + 4 75D45184 34 Bytes [ 08, 50, FF, 51, 08, 8B, 4D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetCurrentDirectoryW + 27 75D451A7 107 Bytes [ 55, 8B, EC, 56, 8B, 75, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetCurrentDirectoryW + 93 75D45213 9 Bytes [ 70, 18, FF, 70, 14, E8, E9, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetCurrentDirectoryW + 9D 75D4521D 32 Bytes [ 89, 37, 33, DB, 5F, 5E, 8B, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpCommandW + 4 75D45253 10 Bytes [ FF, 55, 8B, EC, FF, 75, 20, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpCommandW + F 75D4525E 26 Bytes [ 75, 1C, FF, 75, 18, FF, 75, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpCommandW + 2A 75D45279 24 Bytes [ 55, 8B, EC, 53, 56, 57, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpCommandW + 43 75D45292 74 Bytes [ 3B, C6, 59, 74, 0F, C7, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpCommandW + 8E 75D452DD 23 Bytes [ FF, FF, 75, 1C, 8B, 4D, 08, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileW + 8 75D459E8 5 Bytes [ B6, D0, 00, 00, 00 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileW + E 75D459EE 51 Bytes [ 15, DC, 3A, 07, 76, 5E, C3, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileEx + 1E 75D45A22 97 Bytes [ C0, 5D, C2, 08, 00, 8B, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileEx + 80 75D45A84 5 Bytes [ 15, 68, 37, 07, 76 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileEx + 87 75D45A8B 17 Bytes CALL 75DBC5D4 C:\Windows\system32\USER32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileEx + 99 75D45A9D 7 Bytes [ 55, 8B, EC, 56, 6A, 16, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpGetFileEx + A1 75D45AA5 69 Bytes [ 0C, 8B, F1, FF, 75, 08, 6A, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileEx + 29 75D45AEB 19 Bytes [ 00, 53, 8B, D9, 8D, 55, FC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileEx + 3E 75D45B00 7 Bytes [ F8, 7C, 5E, 56, 8B, 75, 0C ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileEx + 46 75D45B08 67 Bytes CALL 1B7A00B2
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileEx + 8A 75D45B4C 84 Bytes [ FF, 75, FC, 57, FF, 15, 1C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FtpPutFileEx + DF 75D45BA1 37 Bytes [ 80, 75, 52, 39, 53, 2C, 6A, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GopherCreateLocatorA + 89 75D4973A 11 Bytes [ 50, FF, 15, 24, 34, 07, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GopherCreateLocatorA + 95 75D49746 55 Bytes [ 0D, 85, F6, 74, 09, 6A, 01, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GopherCreateLocatorA + CD 75D4977E 10 Bytes [ FF, 55, 8B, EC, 8B, 55, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GopherCreateLocatorA + D8 75D49789 69 Bytes CALL 75D47A10 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GopherCreateLocatorA + 11E 75D497CF 14 Bytes [ 7D, 0C, 66, 83, 3F, 00, 75, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsHostInProxyBypassList + 67 75D4AE49 150 Bytes [ 45, 0C, 5F, 5E, 5B, 5D, C2, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsHostInProxyBypassList + FE 75D4AEE0 3 Bytes [ 32, 8D, 45 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsHostInProxyBypassList + 102 75D4AEE4 13 Bytes CALL 75C71762
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsHostInProxyBypassList + 110 75D4AEF2 152 Bytes [ 5C, 1B, 02, EB, 1C, 8B, 47, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsHostInProxyBypassList + 1A9 75D4AF8B 29 Bytes [ 55, 8B, EC, 51, 51, 56, 57, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!PrivacySetZonePreferenceW + 64 75D4C50D 8 Bytes [ CC, 00, 53, 56, 57, 33, C0, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!PrivacySetZonePreferenceW + 6D 75D4C516 159 Bytes [ CE, AB, AB, 8D, 55, CC, 52, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!PrivacySetZonePreferenceW + 10D 75D4C5B6 288 Bytes [ 51, 24, 8B, F0, 85, F6, 7C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!PrivacySetZonePreferenceW + 22E 75D4C6D7 4 Bytes [ 9F, EF, E3, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!PrivacySetZonePreferenceW + 233 75D4C6DC 3 Bytes [ C0, 74, 0E ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpAddRequestHeadersW + 2 75D4C793 39 Bytes [ 75, 08, FF, 75, F4, E8, A6, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpAddRequestHeadersW + 2A 75D4C7BB 27 Bytes [ 55, F0, 52, 68, 00, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpAddRequestHeadersW + 46 75D4C7D7 1 Byte [ 51 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpAddRequestHeadersW + 48 75D4C7D9 207 Bytes [ 8B, 45, FC, 8B, 08, 50, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpCheckDavCompliance + 9D 75D4C8A9 128 Bytes [ FB, 0F, 8C, C6, 00, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpCheckDavCompliance + 11E 75D4C92A 89 Bytes CALL 75B9DAAF C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpCheckDavCompliance + 178 75D4C984 78 Bytes [ 81, EC, 28, 02, 00, 00, A1, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpCheckDavCompliance + 1C7 75D4C9D3 101 Bytes [ 50, 6A, 10, FF, B5, E0, FD, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpCheckDavCompliance + 22D 75D4CA39 90 Bytes [ 8B, F0, 3B, F7, 0F, 8C, A2, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestExA + 11 75D4CC0B 49 Bytes CALL C6D4CC0D
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestExA + 43 75D4CC3D 6 Bytes [ B5, EC, FD, FF, FF, 50 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpSendRequestExA + 4A 75D4CC44 46 Bytes [ 51, 38, 8B, F8, 85, FF, 7C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpEndRequestW + 17 75D4CC73 25 Bytes [ 53, 6A, 40, FF, B5, EC, FD, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpEndRequestW + 31 75D4CC8D 1 Byte [ 8B ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpEndRequestW + 33 75D4CC8F 15 Bytes [ 50, FF, 51, 08, 85, FF, 7C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpEndRequestW + 43 75D4CC9F 1 Byte [ FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!HttpEndRequestW + 45 75D4CCA1 16 Bytes [ 06, 56, FF, 50, 40, 8B, F8, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetPerSiteCookieDecisionW + 44 75D4D337 43 Bytes [ 80, 1B, 01, 00, 80, 1A, 01, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetPerSiteCookieDecisionA + 9 75D4D363 47 Bytes [ 80, B7, 01, 00, 80, D0, 16, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetPerSiteCookieDecisionA + 39 75D4D393 115 Bytes [ 00, 13, 02, 00, 80, 14, 02, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetPerSiteCookieDecisionW + 6A 75D4D407 15 Bytes [ 80, BB, 00, 00, 80, A8, 17, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetEnumPerSiteCookieDecisionA + B 75D4D417 27 Bytes [ 80, D0, 01, 00, 80, C8, 17, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetEnumPerSiteCookieDecisionA + 27 75D4D433 39 Bytes [ 80, 7D, 02, 00, 80, 7C, 02, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetEnumPerSiteCookieDecisionA + 4F 75D4D45B 11 Bytes [ 00, 1C, 18, 33, 00, D2, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetEnumPerSiteCookieDecisionA + 5B 75D4D467 147 Bytes [ 80, D3, 00, 00, 80, C8, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetEnumPerSiteCookieDecisionW + 8F 75D4D4FB 8 Bytes [ 80, 46, 19, 33, 00, 52, 19, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetClearAllPerSiteCookieDecisions + 4 75D4D504 47 Bytes [ 60, 19, 33, 00, 9E, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetClearAllPerSiteCookieDecisions + 34 75D4D534 31 Bytes [ 9C, 00, 00, 80, 1A, 1A, 33, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetClearAllPerSiteCookieDecisions + 54 75D4D554 34 Bytes [ 86, 1A, 33, 00, 94, 1A, 33, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetClearAllPerSiteCookieDecisions + 77 75D4D577 31 Bytes [ 80, DE, 1A, 33, 00, E8, 1A, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetClearAllPerSiteCookieDecisions + 97 75D4D597 24 Bytes [ 80, 17, 02, 00, 80, 12, 02, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetCookieA + 4 75D4E415 5 Bytes [ 45, AC, 89, 45, B4 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetCookieA + A 75D4E41B 36 Bytes [ 45, AC, 8B, 45, AC, 83, C7, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSetCookieExA + 4 75D4E440 27 Bytes [ D8, 7D, 09, 8B, 45, 16, F7, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetGetCookieW + 10 75D4E45C 268 Bytes [ FF, 53, 8B, F8, FF, 15, 2C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeFromSystemTimeW + 2E 75D4E569 113 Bytes [ 8B, F0, 3B, F7, 74, 1E, 8D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeFromSystemTimeW + A0 75D4E5DB 2 Bytes [ 45, AC ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeFromSystemTimeW + A3 75D4E5DE 34 Bytes [ 40, 04, 66, 8B, 4D, B8, 66, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeFromSystemTimeW + C6 75D4E601 3 Bytes [ EB, 77, EE ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetTimeFromSystemTimeW + CA 75D4E605 25 Bytes [ 83, C4, 10, 8D, 45, B4, 50, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UrlZonesDetach + 12 75D5165C 3 Bytes [ FE, 13, E8 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UrlZonesDetach + 16 75D51660 27 Bytes [ C9, C2, 08, 00, 8B, FF, 55, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UrlZonesDetach + 32 75D5167C 22 Bytes [ 10, 56, BE, 98, 6E, 0F, 76, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UrlZonesDetach + 49 75D51693 32 Bytes [ FF, 55, 8B, EC, FF, 75, 18, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UrlZonesDetach + 6A 75D516B4 25 Bytes [ 08, 83, 7E, 30, 00, 74, 27, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheContainerW + 38 75D55289 37 Bytes [ 00, 6A, 00, 8B, CE, E8, FB, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheContainerW + 5E 75D552AF 63 Bytes [ FF, 85, C0, 89, 45, 0C, 7C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheContainerW + 9E 75D552EF 97 Bytes [ 85, C0, 75, 07, C7, 45, 0C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheEntryW + 10 75D55351 87 Bytes CALL 75B9D8BF C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheEntryW + 68 75D553A9 65 Bytes CALL 75D54318 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheEntryW + AA 75D553EB 31 Bytes [ 51, 18, 5E, 5D, C2, 08, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheEntryW + CA 75D5540B 21 Bytes [ 00, 00, 83, 65, FC, 00, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheEntryW + E0 75D55421 15 Bytes [ 51, 10, 8B, F8, 85, FF, 7C, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheGroup + 4 75D55492 19 Bytes [ 45, FC, 85, C0, 74, 06, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheGroup + 18 75D554A6 12 Bytes [ 8B, FF, 55, 8B, EC, 56, 57, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheGroup + 25 75D554B3 2 Bytes [ 8B, F1 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheGroup + 28 75D554B6 3 Bytes [ 39, EE, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!CreateUrlCacheGroup + 2E 75D554BC 5 Bytes [ 7C, 0D, 8B, 86, E4 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheContainerA + 2 75D55503 8 Bytes [ 75, 08, 8B, D9, E8, BF, EE, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheContainerA + B 75D5550C 37 Bytes [ 8B, F0, 33, FF, 3B, F7, 0F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheContainerA + 32 75D55533 7 Bytes [ 21, 7D, 08, 89, 7D, FC, 85 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheContainerA + 3A 75D5553B 16 Bytes [ 0F, 85, D2, 00, 00, 00, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheContainerA + 4B 75D5554C 81 Bytes [ 00, 8B, 83, E4, 00, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheContainerW + 4D 75D5559E 7 Bytes [ FF, 8B, F0, 85, F6, 7C, 53 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheContainerW + 55 75D555A6 45 Bytes [ 3D, 28, 36, 3A, 76, 6A, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheGroup + 2 75D555D4 28 Bytes CALL 75D53F73 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheGroup + 1F 75D555F1 20 Bytes [ D7, 8D, 45, D4, 50, FF, D7, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheGroup + 34 75D55606 2 Bytes [ 51, 08 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheGroup + 37 75D55609 1 Byte [ 45 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!DeleteUrlCacheGroup + 39 75D5560B 462 Bytes [ 85, F6, 0F, 8D, 26, FF, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheContainerW + 10 75D557DA 3 Bytes [ 6A, FF, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheContainerW + 14 75D557DE 153 Bytes [ 8B, F0, EB, 02, 33, F6, 85, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheGroup + 20 75D55878 29 Bytes [ FF, 85, C0, 7C, 14, 8B, 45, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheGroup + 3F 75D55897 58 Bytes [ 8D, 75, 90, 8D, 7D, 80, A5, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryExW + 18 75D558D2 64 Bytes [ 36, 07, 76, 6A, 08, FF, 15, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryExW + 5A 75D55914 37 Bytes [ 51, 8B, 4D, 98, 2B, 4D, 90, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryExW + 80 75D5593A 8 Bytes [ 15, F0, 3A, 07, 76, 8D, 4D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryExW + 89 75D55943 8 Bytes [ 99, D8, FF, FF, 8B, 4D, FC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryExW + 92 75D5594C 78 Bytes CALL 75B92A5B C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FreeUrlCacheSpaceA + 24 75D5599C 1 Byte [ 0C ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FreeUrlCacheSpaceA + 26 75D5599E 14 Bytes [ CE, FF, B6, D0, 00, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FreeUrlCacheSpaceA + 36 75D559AE 23 Bytes JMP 75D55A3F C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FreeUrlCacheSpaceA + 4E 75D559C6 51 Bytes CALL 75D54802 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FreeUrlCacheSpaceW + 2E 75D559FA 10 Bytes [ 74, 24, 48, 48, 74, 17, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FreeUrlCacheSpaceW + 39 75D55A05 53 Bytes [ 0C, 51, FF, B6, D0, 00, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FreeUrlCacheSpaceW + 6F 75D55A3B 45 Bytes CALL 75D547DA C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheConfigInfoA + 12 75D55A69 99 Bytes [ 50, 04, FF, 75, 14, 8B, CE, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheConfigInfoW + 19 75D55ACD 15 Bytes [ CE, FF, 75, 10, 57, E8, 7F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheConfigInfoW + 29 75D55ADD 8 Bytes [ 50, 08, EB, 16, 33, FF, EB, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheConfigInfoW + 32 75D55AE6 162 Bytes [ 75, 14, FF, 75, 10, FF, 75, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheGroupAttributeA + 43 75D55B89 63 Bytes [ 57, 68, 44, C9, 0A, 76, 6A, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheGroupAttributeW + B 75D55BCB 54 Bytes CALL 75D5303C C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheGroupAttributeW + 43 75D55C03 15 Bytes [ 83, 65, FC, 00, 8B, 08, 8D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheGroupAttributeW + 54 75D55C14 8 Bytes [ 08, 50, FF, 51, 10, 8B, F0, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheGroupAttributeW + 5D 75D55C1D 28 Bytes [ 7C, 17, 8B, 45, FC, FF, 75, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!GetUrlCacheGroupAttributeW + 7A 75D55C3A 40 Bytes [ 5B, C9, C2, 08, 00, 8B, FF, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsUrlCacheEntryExpiredA + 32 75D55C9A 87 Bytes [ 00, 6A, 38, 8D, 45, A0, 53, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsUrlCacheEntryExpiredA + 8A 75D55CF2 4 Bytes [ 8D, 45, D8, 50 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!IsUrlCacheEntryExpiredA + 8F 75D55CF7 96 Bytes [ 15, 50, 36, 3A, 76, 8B, F8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryFileA + 12 75D55D58 74 Bytes [ 8D, 55, 9C, 52, 53, 6A, 01, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RetrieveUrlCacheEntryFileA + 5D 75D55DA3 52 Bytes [ 50, 2C, 8B, C7, 5F, 5E, 5B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RunOnceUrlCache + 12 75D55DD8 185 Bytes [ FF, 55, 8B, EC, 56, 8B, F1, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryGroup + 28 75D55E92 19 Bytes [ 0C, 56, FF, 10, 8B, F8, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryGroup + 3C 75D55EA6 47 Bytes [ 8B, C7, 5F, 5E, 5D, C2, 0C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryGroup + 6C 75D55ED6 37 Bytes [ 85, F6, 74, 15, FF, 75, 10, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryInfoW + 19 75D55EFC 30 Bytes [ 00, 8B, FF, 55, 8B, EC, 56, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryInfoW + 38 75D55F1B 41 Bytes CALL 75D55C3D C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheEntryInfoW + 62 75D55F45 40 Bytes [ 79, 8B, 43, 18, 33, 43, 14, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheGroupAttributeA + 2 75D55F6E 53 Bytes CALL 75D55BDC C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheGroupAttributeA + 38 75D55FA4 118 Bytes CALL 75D5303D C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheGroupAttributeW + 4A 75D5601B 88 Bytes [ D8, 81, FB, 04, 00, 27, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheHeaderData + 12 75D56074 3 Bytes [ 48, 12, E1 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheHeaderData + 16 75D56078 7 Bytes [ 5B, 5F, EB, 05, B8, 05, 40 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheHeaderData + 1E 75D56080 97 Bytes [ 80, 5E, 5D, C2, 08, 00, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!RegisterUrlCacheNotification + 44 75D560E2 77 Bytes [ 76, 18, FF, 76, 14, 50, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UpdateUrlCacheContentPath + 38 75D56130 16 Bytes [ 38, FF, 76, 10, 83, C7, 1C, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UpdateUrlCacheContentPath + 49 75D56141 24 Bytes [ 17, 8B, 45, F0, 8B, 08, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UpdateUrlCacheContentPath + 62 75D5615A 63 Bytes [ 7E, 60, 00, 74, 03, 83, C9, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UpdateUrlCacheContentPath + A2 75D5619A 17 Bytes [ 4D, FC, 57, FF, 75, F8, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!UpdateUrlCacheContentPath + B4 75D561AC 90 Bytes [ 27, 00, 0F, 85, 21, 01, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindFirstUrlCacheEntryW + 4 75D56207 48 Bytes [ FB, 8B, 45, EC, 8B, 08, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryW + C 75D56239 10 Bytes CALL 75C48972
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!FindNextUrlCacheEntryW + 17 75D56244 11 Bytes [ 06, 00, 27, 00, 74, 49, 57, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheConfigInfoA + 2 75D56250 28 Bytes [ 85, C0, 74, 3F, FF, 76, FC, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheConfigInfoA + 1F 75D5626D 82 Bytes [ 76, 14, 8B, 07, 57, FF, 50, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheConfigInfoA + 72 75D562C0 6 Bytes [ 75, F8, 57, E8, 15, E7 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheConfigInfoA + 7A 75D562C8 24 Bytes [ 8B, F8, 85, FF, 7D, 04, 3B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!SetUrlCacheConfigInfoA + 93 75D562E1 85 Bytes [ 8C, 00, 00, 00, 8D, 5E, 38, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ShowSecurityInfo + 21 75D5B045 59 Bytes [ 75, 0C, FF, 75, 08, FF, 37, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ShowSecurityInfo + 5D 75D5B081 30 Bytes [ 04, 8D, 45, E0, 50, 53, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ShowSecurityInfo + 7C 75D5B0A0 13 Bytes [ 8B, F0, F7, DE, 1B, F6, 83, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ShowSecurityInfo + 8A 75D5B0AE 36 Bytes [ F8, 7F, 81, C6, 0E, 00, 07, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ShowSecurityInfo + AF 75D5B0D3 12 Bytes CALL 5A233E28
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ShowClientAuthCerts + 3 75D5B1F5 41 Bytes CALL 75BE1010 C:\Windows\system32\ole32.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ShowX509EncodedCertificate + 7 75D5B21F 4 Bytes [ 51, 83, 65, FC ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ShowX509EncodedCertificate + C 75D5B224 39 Bytes [ 56, 57, 8B, F9, 8B, 4D, 08, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ShowX509EncodedCertificate + 34 75D5B24C 25 Bytes [ F8, EB, 05, BF, 05, 40, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ShowX509EncodedCertificate + 4E 75D5B266 41 Bytes [ 8B, FF, 55, 8B, EC, 56, 57, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!ShowX509EncodedCertificate + 78 75D5B290 9 Bytes JMP 75C1730E C:\Windows\system32\ole32.dll
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAlgIdToStringA + 2C 75D5B60D 3 Bytes [ 62, F5, FF ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAlgIdToStringA + 30 75D5B611 11 Bytes [ 8B, F8, 85, FF, 7C, 0D, FF, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAlgIdToStringA + 3C 75D5B61D 42 Bytes [ 75, 0C, 56, FF, 10, 8B, F8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAlgIdToStringA + 68 75D5B649 20 Bytes [ 74, 06, 8B, 08, 50, FF, 51, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAlgIdToStringA + 7D 75D5B65E 21 Bytes [ 6F, 00, 6C, 00, 75, 00, 6D, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAlgIdToStringW + 11 75D5B75D 6 Bytes [ FF, 39, 7D, C8, 74, 59 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAlgIdToStringW + 18 75D5B764 17 Bytes [ 4D, D4, 8D, 45, D8, 50, 8D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAlgIdToStringW + 2B 75D5B777 3 Bytes [ 8B, F0, 3B ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAlgIdToStringW + 2F 75D5B77B 121 Bytes [ 7C, 1E, 33, C0, 39, 7D, D8, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetAlgIdToStringW + A9 75D5B7F5 36 Bytes [ C9, C2, 08, 00, 90, 90, 90, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSecurityProtocolToStringA + 27 75D5B8EE 6 Bytes [ 51, 08, 8B, 4D, FC, 5F ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSecurityProtocolToStringA + 2E 75D5B8F5 129 Bytes [ C6, 5E, 33, CD, 5B, E8, 5F, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSecurityProtocolToStringA + B0 75D5B977 281 Bytes [ 7D, E4, 0F, 86, 25, 01, 00, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSecurityProtocolToStringW + E3 75D5BA91 3 Bytes [ 29, EC, F3 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSecurityProtocolToStringW + E7 75D5BA95 44 Bytes [ FF, 45, E4, 8B, 45, E4, 3B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSecurityProtocolToStringW + 114 75D5BAC2 41 Bytes [ 6F, 00, 6C, 00, 75, 00, 6D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSecurityProtocolToStringW + 13E 75D5BAEC 7 Bytes [ 00, 00, 90, 90, 66, 00, 72 ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetSecurityProtocolToStringW + 146 75D5BAF4 1 Byte [ 65 ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetErrorDlg + 1B 75D5C156 74 Bytes CALL 1B7B6700
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetErrorDlg + 67 75D5C1A2 44 Bytes [ EB, 13, FF, 75, 14, 8B, CB, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetErrorDlg + 94 75D5C1CF 61 Bytes [ 15, 78, 36, 07, 76, 5E, 5B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetErrorDlg + D2 75D5C20D 8 Bytes [ 08, 8D, 55, 0C, 52, FF, B6, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetErrorDlg + DB 75D5C216 57 Bytes [ 00, 00, 50, FF, 51, 20, 8B, ... ]
.text ...
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossing + 42 75D5C69C 71 Bytes [ 75, 0C, 83, C6, 1C, 56, 8D, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossing + 8A 75D5C6E4 25 Bytes [ 75, 0C, 8D, 45, F0, 50, 68, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossing + A5 75D5C6FF 30 Bytes [ D8, 31, 3A, 76, EB, 2B, 8B, ... ]
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossing + C4 75D5C71E 65 Bytes CALL 75D5BAF8 C:\Windows\system32\WININET.dll
.text C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] WININET.dll!InternetConfirmZoneCrossing + 106 75D5C760 31 Bytes [ 8B, 75, 08, 8B, 06, 8D, 4D, ... ]
.text ...
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[2428] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 003C200E
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[2428] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 003C1DAF
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[2428] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 003C1CF2
.text C:\Program Files\Sony\VAIO Power Management\SPMgr.exe[2428] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 003C191B
.text C:\Program Files\Windows Sidebar\sidebar.exe[2440] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Windows Sidebar\sidebar.exe[2440] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Windows Sidebar\sidebar.exe[2440] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Windows Sidebar\sidebar.exe[2440] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2480] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2480] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2480] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2480] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B
.text C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe[2488] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe[2488] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe[2488] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe[2488] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B
.text C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.exe[2528] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.exe[2528] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.exe[2528] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.exe[2528] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B
.text C:\Program Files\Google\Google Updater\GoogleUpdater.exe[2540] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Google\Google Updater\GoogleUpdater.exe[2540] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Google\Google Updater\GoogleUpdater.exe[2540] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Google\Google Updater\GoogleUpdater.exe[2540] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B
.text C:\Program Files\Apoint\ApMsgFwd.exe[2608] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Program Files\Apoint\ApMsgFwd.exe[2608] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Program Files\Apoint\ApMsgFwd.exe[2608] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Program Files\Apoint\ApMsgFwd.exe[2608] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B
.text C:\Program Files\Apoint\Apntex.exe[3124] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 008A200E
.text C:\Program Files\Apoint\Apntex.exe[3124] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 008A1DAF
.text C:\Program Files\Apoint\Apntex.exe[3124] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 008A1CF2
.text C:\Program Files\Apoint\Apntex.exe[3124] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 008A191B
.text C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe[3452] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 02AA200E
.text C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe[3452] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 02AA1DAF
.text C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe[3452] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 02AA1CF2
.text C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe[3452] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 02AA191B
.text C:\Windows\system32\igfxext.exe[3604] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 001B200E
.text C:\Windows\system32\igfxext.exe[3604] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 001B1DAF
.text C:\Windows\system32\igfxext.exe[3604] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 001B1CF2
.text C:\Windows\system32\igfxext.exe[3604] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 001B191B
.text C:\Windows\system32\igfxsrvc.exe[3636] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 003C200E
.text C:\Windows\system32\igfxsrvc.exe[3636] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 003C1DAF
.text C:\Windows\system32\igfxsrvc.exe[3636] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 003C1CF2
.text C:\Windows\system32\igfxsrvc.exe[3636] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 003C191B
.text C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] ntdll.dll!NtEnumerateKey 770DF8A4 5 Bytes JMP 1000200E
.text C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] ntdll.dll!NtEnumerateValueKey 770DF8D4 5 Bytes JMP 10001DAF
.text C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] ntdll.dll!NtQueryDirectoryFile 770DFDF4 5 Bytes JMP 10001CF2
.text C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] ntdll.dll!NtQuerySystemInformation 770DFFD4 5 Bytes JMP 1000191B



---- User IAT/EAT - GMER 1.0.13 ----

IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2336] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2364] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [69CA8926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [69CA8B5F] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [69CA8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [69CAA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [69CA9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [69CA9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] [69CA9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [69CA8926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [69CAA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [69CA8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!OpenFile] [69CA8CB4] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CopyFileW] [69CA8926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeleteFileW] [69CA8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!MoveFileW] [69CA8B5F] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateFileW] [69CAA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateFileW] [69CAA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegCreateKeyExA] [69CA955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] [69CA9B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExA] [69CA9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExW] [69CA9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [69CA2E1C] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [69CA8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [69CA2C06] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [69CAA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [69CA2A08] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!AccessCheck] [69CA886A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueW] [69CA9A83] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteValueW] [69CA9D29] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExW] [69CA9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] [69CA9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW] [69CA9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExA] [69CA9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [69CA8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [69CA8FD6] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [69CAA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [69CA8F7E] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [69CAA2A5] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] [69CA9B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [69CA955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [69CA9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueA] [69CA9C87] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [69CA9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [69CA9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] [69CA9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueW] [69CA9D29] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] [69CA9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!SetFileSecurityW] [69CA9E24] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExA] [69CA9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegCreateKeyExW] [69CA9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExW] [69CA9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!AccessCheck] [69CA886A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateFileW] [69CAA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!MoveFileExW] [69CA8C44] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [69CA8926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [69CA8B5F] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [69CA8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [69CA8FD6] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [69CA8C44] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [69CAA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] [69CA9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] [69CA9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] [69CA9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteValueW] [69CA9D29] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] [69CA9A83] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] [69CA94C8] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!SetFileSecurityW] [69CA9E24] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!AccessCheck] [69CA886A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] [69CA9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!PrivCopyFileExW] [69CA8F1A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!MoveFileExW] [69CA8C44] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeleteFileW] [69CA8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!CreateFileW] [69CAA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetFileAttributesW] [69CA8FD6] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!SetFileSecurityW] [69CA9E24] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegCreateKeyExW] [69CA9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] [69CA9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegOpenKeyExW] [69CA9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!CreateFileW] [69CAA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegCreateKeyExW] [69CA9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] [69CA9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegOpenKeyExW] [69CA9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegCreateKeyExA] [69CA955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegOpenKeyExA] [69CA9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] [69CA9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] [69CA9B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegOpenKeyExA] [69CA9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegCreateKeyExA] [69CA955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] [69CA9B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegOpenKeyExW] [69CA9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[4492] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [6EB74618] C:\Windows\system32\ShimEng.dll

---- Devices - GMER 1.0.13 ----

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CLOSE [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_READ [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_WRITE [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_INFORMATION [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_INFORMATION [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_EA [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_EA [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_FLUSH_BUFFERS [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DEVICE_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SHUTDOWN [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_LOCK_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CLEANUP [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE_MAILSLOT [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_SECURITY [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_SECURITY [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_POWER [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SYSTEM_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DEVICE_CHANGE [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_QUOTA [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_QUOTA [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CLOSE [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_READ [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_WRITE [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_INFORMATION [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_INFORMATION [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_EA [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_EA [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_FLUSH_BUFFERS [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DIRECTORY_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DEVICE_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SHUTDOWN [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_LOCK_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CLEANUP [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE_MAILSLOT [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_SECURITY [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_SECURITY [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_POWER [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SYSTEM_CONTROL [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DEVICE_CHANGE [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_QUOTA [89D461D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_QUOTA [89D461D0] SYMTDI.SYS

---- Processes - GMER 1.0.13 ----

Process C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.exe (*** hidden *** ) 2528
Library C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.exe (*** hidden *** ) @ C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.exe [2528] 0x00400000

---- Registry - GMER 1.0.13 ----

Reg \Registry\USER\S-1-5-21-1941123769-3822138595-3536932832-1003\Software\Microsoft\Windows\CurrentVersion\Run@possalavrv c:\users\cobra!\appdata\local\microsoft\possalavrv.exe possalavrv

---- Files - GMER 1.0.13 ----

File C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.dat
File C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv.exe
File C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv_nav.dat
File C:\Users\Cobra!\AppData\Local\Microsoft\possalavrv_navps.dat

---- EOF - GMER 1.0.13 ----

#13 roger007

roger007
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 05 October 2007 - 08:22 PM

hi, i decided to try those steps in safe mode,and i think it worked this time :thumbsup:

please check GMER LOG , thanks


GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-10-06 02:16:33
Windows 6.0.6000


---- System - GMER 1.0.13 ----

SSDT 891A1E88 ZwAlertResumeThread
SSDT 891A1F48 ZwAlertThread
SSDT 891BD370 ZwAllocateVirtualMemory
SSDT 89197C40 ZwConnectPort
SSDT 891BBE68 ZwCreateMutant
SSDT 891A10C8 ZwCreateThread
SSDT 891B9568 ZwFreeVirtualMemory
SSDT 891A1CC8 ZwImpersonateAnonymousToken
SSDT 891A1DA8 ZwImpersonateThread
SSDT 891B9468 ZwMapViewOfSection
SSDT 891BBDA8 ZwOpenEvent
SSDT 891BD440 ZwOpenProcessToken
SSDT 891BC5B0 ZwOpenThreadToken
SSDT 891A93C8 ZwResumeThread
SSDT 8919BDF8 ZwSetContextThread
SSDT 891BC6A0 ZwSetInformationProcess
SSDT 8919BD08 ZwSetInformationThread
SSDT 891BBCC8 ZwSuspendProcess
SSDT 8919BB48 ZwSuspendThread
SSDT 891A11A8 ZwTerminateProcess
SSDT 8919BC28 ZwTerminateThread
SSDT 891BC770 ZwUnmapViewOfSection
SSDT 891BD2A0 ZwWriteVirtualMemory

---- User code sections - GMER 1.0.13 ----

.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] kernel32.dll!FindResourceW 764733FE 5 Bytes JMP 28001A50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] kernel32.dll!SizeofResource 7647341C 7 Bytes JMP 28001C10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] kernel32.dll!SetUnhandledExceptionFilter 7647D187 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\msnmsgr.exe
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] kernel32.dll!CreateEventA 76497B60 5 Bytes JMP 28001830 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] kernel32.dll!LockResource 7649D5DF 5 Bytes JMP 28001CC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] kernel32.dll!FindResourceExW 7649D673 7 Bytes JMP 28001AD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] kernel32.dll!LoadResource 7649D74B 1 Byte [ E9 ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] kernel32.dll!LoadResource + 2 7649D74D 5 Bytes [ 44, B6, B1, CC, CC ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] ADVAPI32.dll!CryptDeriveKey 767BD229 7 Bytes JMP 28001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] ADVAPI32.dll!CryptDecrypt 767BD359 7 Bytes JMP 28001050 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] USER32.dll!SetWindowPlacement 762274E1 5 Bytes JMP 28004CD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] USER32.dll!TrackPopupMenuEx 7622C76F 5 Bytes JMP 28004230 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] USER32.dll!SetWindowRgn 7622E016 7 Bytes JMP 28004DB0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] USER32.dll!CreateWindowExW 762385F8 5 Bytes JMP 28003370 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] USER32.dll!PeekMessageW 762425BC 5 Bytes JMP 28003A60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] USER32.dll!MessageBoxIndirectW 7624F1B3 5 Bytes JMP 28004FB0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] USER32.dll!CreateDialogParamW 7625A500 5 Bytes JMP 28004E50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] WS2_32.dll!closesocket 77A83847 5 Bytes JMP 280094B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] WS2_32.dll!send 77A83A8A 5 Bytes JMP 28009120 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] WS2_32.dll!recv 77A84ABD 5 Bytes JMP 28008D80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] WS2_32.dll!WSASend 77A84EE9 5 Bytes JMP 280092A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] WS2_32.dll!WSARecv 77A872B5 5 Bytes JMP 28008F10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] SHELL32.dll!Shell_NotifyIconW 768B310C 5 Bytes JMP 28002B50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] ole32.dll!CoRegisterClassObject 766839AC 5 Bytes JMP 28001E20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] ole32.dll!CoInitializeEx 766B885D 5 Bytes JMP 28001D20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] WININET.dll!InternetCloseHandle 7789DA89 5 Bytes JMP 28007FF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] WININET.dll!HttpOpenRequestA 778A4331 5 Bytes JMP 28007D10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] WININET.dll!InternetReadFile 778AABBC 5 Bytes JMP 28007E70 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[2392] WININET.dll!HttpSendRequestA 778ACD48 5 Bytes JMP 28007F40 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

---- User IAT/EAT - GMER 1.0.13 ----

IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[2088] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\Common Files\AOL\1186701864\ee\aolsoftware.exe[2348] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\user32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\user32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\Iphlpapi.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\Iphlpapi.DLL [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Program Files\AOL 9.0 VR\waol.exe[3144] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [6B3E8926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [6B3E8B5F] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [6B3E8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [6B3EA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [6B3E9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [6B3E9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] [6B3E9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [6B3E8926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [6B3EA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [6B3E8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!OpenFile] [6B3E8CB4] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CopyFileW] [6B3E8926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeleteFileW] [6B3E8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!MoveFileW] [6B3E8B5F] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateFileW] [6B3EA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateFileW] [6B3EA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegCreateKeyExA] [6B3E955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] [6B3E9B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExA] [6B3E9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExW] [6B3E9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [6B3E2E1C] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [6B3E8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [6B3E2C06] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [6B3EA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [6B3E2A08] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!AccessCheck] [6B3E886A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueW] [6B3E9A83] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteValueW] [6B3E9D29] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExW] [6B3E9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] [6B3E9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW] [6B3E9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExA] [6B3E9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [6B3E8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [6B3E8FD6] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [6B3EA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [6B3E8F7E] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [6B3EA2A5] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] [6B3E9B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [6B3E955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [6B3E9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueA] [6B3E9C87] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [6B3E9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [6B3E9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] [6B3E9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueW] [6B3E9D29] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] [6B3E9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!SetFileSecurityW] [6B3E9E24] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExA] [6B3E9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegCreateKeyExW] [6B3E9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExW] [6B3E9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!AccessCheck] [6B3E886A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateFileW] [6B3EA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!MoveFileExW] [6B3E8C44] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [6B3E8926] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [6B3E8B5F] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [6B3E8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [6B3E8FD6] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [6B3E8C44] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [6B3EA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] [6B3E9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] [6B3E9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] [6B3E9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteValueW] [6B3E9D29] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] [6B3E9A83] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] [6B3E94C8] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!SetFileSecurityW] [6B3E9E24] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!AccessCheck] [6B3E886A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] [6B3E9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!PrivCopyFileExW] [6B3E8F1A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!MoveFileExW] [6B3E8C44] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeleteFileW] [6B3E8A95] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!CreateFileW] [6B3EA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetFileAttributesW] [6B3E8FD6] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!SetFileSecurityW] [6B3E9E24] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegCreateKeyExW] [6B3E9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] [6B3E9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegOpenKeyExW] [6B3E9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!CreateFileW] [6B3EA3C1] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegCreateKeyExW] [6B3E9669] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] [6B3E9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegOpenKeyExW] [6B3E9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegCreateKeyExA] [6B3E955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegOpenKeyExA] [6B3E9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] [6B3E9BD7] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] [6B3E9B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegOpenKeyExA] [6B3E9771] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegCreateKeyExA] [6B3E955A] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] [6B3E9B2B] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegOpenKeyExW] [6B3E9845] C:\Windows\AppPatch\AcGenral.DLL
IAT C:\Users\Cobra!\Desktop\gmer\gmer.exe[3656] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [6F114618] C:\Windows\system32\ShimEng.dll

AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CLOSE [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_READ [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_WRITE [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_INFORMATION [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_INFORMATION [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_EA [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_EA [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_FLUSH_BUFFERS [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DEVICE_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SHUTDOWN [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_LOCK_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CLEANUP [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_CREATE_MAILSLOT [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_SECURITY [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_SECURITY [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_POWER [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SYSTEM_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_DEVICE_CHANGE [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_QUERY_QUOTA [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Tcp IRP_MJ_SET_QUOTA [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CLOSE [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_READ [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_WRITE [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_INFORMATION [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_INFORMATION [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_EA [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_EA [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_FLUSH_BUFFERS [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DIRECTORY_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DEVICE_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SHUTDOWN [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_LOCK_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CLEANUP [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_CREATE_MAILSLOT [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_SECURITY [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_SECURITY [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_POWER [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SYSTEM_CONTROL [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_DEVICE_CHANGE [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_QUERY_QUOTA [896E01D0] SYMTDI.SYS
AttachedDevice \Driver\tdx \Device\Udp IRP_MJ_SET_QUOTA [896E01D0] SYMTDI.SYS

---- EOF - GMER 1.0.13 ----

#14 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:11:29 AM

Posted 06 October 2007 - 04:35 AM

Super! Good initiative...I think you didn't quite run Killbox correctly the first time, but this time, it did. :thumbsup:
The rootkit has now been deleted, and the scans aren't picking up anything else, how is the PC running?

#15 roger007

roger007
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:29 AM

Posted 06 October 2007 - 06:09 AM

it's my son's laptop and he says the pop-ups have stopped :thumbsup: .he was moaning about it freezing this morning but that is probably unrelated and could be AOL which is not exactly stable/reliable !
he's asking me to "get rid" of all the little programs i downloaded (that's appreciation for you lol)
is it ok to do that yet? could you tell me how to remove/delete each one please.
also how did he pick up that garbage? i know he's into gaming and uses limewire and MSN,i think it was after he downloaded Messenger plus live though.
i'm on my PC as it will be hard to wrestle the laptop off him as it's Saturday!
thanks again for all your help :blink:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users