GMER 2.0.18444 - http://www.gmer.net Rootkit scan 2013-01-22 16:09:34 Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9320325AS rev.0005HPM1 298,09GB Running: gqncp7rf.exe; Driver: C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\uxwcikow.sys ---- Kernel code sections - GMER 2.0 ---- .sptd1 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd1" section [0xF75BC346] ---- User code sections - GMER 2.0 ---- .text C:\WINDOWS\system32\winlogon.exe[244] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 100047C0 c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll .text C:\WINDOWS\system32\services.exe[288] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 100047C0 c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll .text C:\WINDOWS\system32\lsass.exe[300] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 100047C0 c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll .text C:\WINDOWS\system32\svchost.exe[452] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 100047C0 c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll .text C:\WINDOWS\system32\svchost.exe[516] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 100047C0 c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll .text ... ---- User IAT/EAT - GMER 2.0 ---- IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\winlogon.exe [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10009AC0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\winlogon.exe[244] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtDeleteFile] [10009EA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10009AC0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\services.exe[288] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SAMSRV.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SAMSRV.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10009AC0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\lsass.exe[300] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10009AC0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[452] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10009AC0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[516] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10009AC0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\svchost.exe[560] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10009AC0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\Explorer.EXE[840] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10009AC0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\USERENV.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\WINDOWS\system32\wbem\wmiprvse.exe[1176] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtFlushBuffersFile] [10009A60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtReadFile] [10009770] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryKey] [10009750] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtSetValueKey] [1000C9C0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!NtQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtEnumerateValueKey] [1000C8E0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtOpenFile] [10009D40] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExA] [10009AC0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10009BD0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtSetInformationFile] [10009EF0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtOpenKey] [1000CAA0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwClose] [1000CB60] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteKey] [1000CBE0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwDeleteValueKey] [1000CC30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwCreateKey] [1000CA30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwEnumerateKey] [1000C870] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!ZwQueryValueKey] [1000C950] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtQueryInformationFile] [10009790] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!NtCreateFile] [10009DB0] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!SetWindowsHookExW] [10009B20] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [10009B80] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll IAT C:\Documents and Settings\Administrator\Pulpit\gqncp7rf.exe[1276] @ C:\WINDOWS\system32\PSAPI.DLL [ntdll.dll!NtWriteFile] [10009E30] c:\docume~1\alluse~1\daneap~1\browse~1\261070~1.41\{c16c1~1\browse~1.dll ---- Registry - GMER 2.0 ---- Reg HKLM\SOFTWARE\Classes\CLSID\{573C44E6-69B3-9713-2C47-F91417735D83}\InprocServer32@ C:\PROGRA~1\MICROS~2\Office12\GR6302~1.DLL Reg HKLM\SOFTWARE\Classes\CLSID\{573C44E6-69B3-9713-2C47-F91417735D83}\InprocServer32@ThreadingModel Both Reg HKLM\SOFTWARE\Classes\CLSID\{573C44E6-69B3-9713-2C47-F91417735D83}\ProgID@ Groove.SketchUserInfo Reg HKLM\SOFTWARE\Classes\CLSID\{573C44E6-69B3-9713-2C47-F91417735D83}\Programmable@ ---- EOF - GMER 2.0 ----