GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-10-17 23:41:02 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-10 WDC_WD5000AADS-56S9B0 rev.01.00A02 Running: 8mndrr6y.exe; Driver: C:\DOCUME~1\1\USTAWI~1\Temp\kgpyrkow.sys ---- System - GMER 1.0.15 ---- INT 0x62 ? 8A3CDCB8 INT 0x63 ? 8A3CDCB8 INT 0x63 ? 8A3CDCB8 INT 0x63 ? 8A2E7F00 INT 0x63 ? 8A3CDCB8 INT 0xA4 ? 8A2E7F00 INT 0xB4 ? 8A2E7F00 ---- Kernel code sections - GMER 1.0.15 ---- ? sptd.sys Nie można odnaleźć określonego pliku. ! .text USBPORT.SYS!DllUnload BA5A68AC 5 Bytes JMP 8A2E7410 ---- User code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\winlogon.exe[220] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004540 c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll .text C:\WINDOWS\system32\services.exe[264] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004540 c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll .text C:\WINDOWS\system32\lsass.exe[276] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004540 c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll .text C:\WINDOWS\system32\svchost.exe[432] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004540 c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll .text C:\WINDOWS\system32\svchost.exe[500] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 10004540 c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll .text ... ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \WINDOWS\System32\Drivers\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [F74BE232] sptd.sys IAT \WINDOWS\System32\Drivers\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [F74BD730] sptd.sys IAT \WINDOWS\System32\Drivers\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [F74BDF12] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F74BD730] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F74BD914] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74BD856] sptd.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74BE0F0] sptd.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74BDF12] sptd.sys IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 8A2E7540 ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[220] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteFile] [100093B0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[264] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SAMSRV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SAMSRV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[276] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[432] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[500] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[640] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\user32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\user32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\user32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\user32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\user32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\user32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\user32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\user32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\user32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\user32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\user32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\OTL.exe[1500] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1632] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\WINDOWS\notepad.exe[1640] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10008F70] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10008CB0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10008C90] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000AFF0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000AF10] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009250] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10008FD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100090E0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009400] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000B0D0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000B190] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000B210] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000B260] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000B060] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000AEA0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000AF80] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10008CD0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [100092C0] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009030] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009090] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll IAT C:\Documents and Settings\1\Pulpit\8mndrr6y.exe[1684] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009340] c:\docume~1\alluse~1\daneap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 8A3CC1E8 Device \FileSystem\Fastfat \FatCdrom 8A17E430 Device \Driver\usbuhci \Device\USBPDO-0 8A2BC1E8 Device \Driver\usbuhci \Device\USBPDO-1 8A2BC1E8 Device \Driver\usbuhci \Device\USBPDO-2 8A2BC1E8 Device \Driver\usbuhci \Device\USBPDO-3 8A2BC1E8 Device \Driver\usbehci \Device\USBPDO-4 8A28E1E8 Device \Driver\USBSTOR \Device\00000070 8A0911E8 Device \Driver\Cdrom \Device\CdRom0 8A2821E8 Device \Driver\atapi \Device\Ide\IdePort0 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort1 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort2 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-10 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\usbuhci \Device\USBFDO-0 8A2BC1E8 Device \Driver\usbuhci \Device\USBFDO-1 8A2BC1E8 Device \Driver\usbuhci \Device\USBFDO-2 8A2BC1E8 Device \Driver\USBSTOR \Device\0000006f 8A0911E8 Device \Driver\usbuhci \Device\USBFDO-3 8A2BC1E8 Device \Driver\usbehci \Device\USBFDO-4 8A28E1E8 Device \FileSystem\Fastfat \Fat 8A17E430 Device \FileSystem\Cdfs \Cdfs 8A1B21E8 ---- EOF - GMER 1.0.15 ----