Jump to content

laradj

Honorary Members
  • Posts

    28
  • Joined

  • Last visited

Everything posted by laradj

  1. Logfile of The Avenger Version 2.0, © by Swandog46 http://swandog46.geekstogo.com Platform: Windows Vista ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Good Morning, Here is the avenger text file. Beginning to process script file: Rootkit scan active. No rootkits found! Error: could not move file "C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys" File move operation "C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys|C:\Windows\System32\Drivers\atapi.sys" failed! Status: 0xc0000022 (STATUS_ACCESS_DENIED) Completed script processing. ******************* Finished! Terminate.
  2. I did this and it doesn't create a new text file to send you.
  3. SteelWerX Extended Configuration Access Control Lists Written by Bobbi Flekman 2006 © ******************************************************************************* Folder: C:\ Permissions: ******************************************************************************* Username Type Permissions Inheritance ******************************************************************************* OFFICE-HP\Administrators Allowed Full Control This Folder/File Only OFFICE-HP\Administrators Allowed Special (Unknown) Subfolders and Files only NT AUTHORITY\SYSTEM Allowed Full Control This Folder/File Only NT AUTHORITY\SYSTEM Allowed Special (Unknown) Subfolders and Files only OFFICE-HP\Users Allowed Read and Execute This Folder, Subfolders and Files NT AUTHORITY\Authenticated Users Allowed Special (A) Subfolders and Files only NT AUTHORITY\Authenticated Users Allowed Special (3) This Folder/File Only No Auditing set Owner: TrustedInstaller (NT SERVICE\TrustedInstaller) SteelWerX Extended Configuration Access Control Lists Written by Bobbi Flekman 2006 © ******************************************************************************* File: C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys Permissions: ******************************************************************************* Username Type Permissions Inheritance ******************************************************************************* NT AUTHORITY\SYSTEM Allowed Full Control This Folder/File Only (Inherited) \Everyone Allowed Read and Execute This Folder/File Only (Inherited) No Auditing set Owner: SYSTEM (NT AUTHORITY\SYSTEM)
  4. Hi, clicked on the .bat file and it disappeared and then I looked through my C drive manually with today's date and couldn't find it. I ran system look again and the output is below. Is there another way I should look? Thanks for teaching me a new word as well..."numpty" Lara also, when looking manually I see that this new file was just created: tdllck.dll in system 32 file, this is the rootkit file that keeps reappearing in my scans SystemLook v1.0 by jpshortstuff (29.08.09) Log created at 09:42 on 28/11/2009 by Cassidy (Administrator - Elevation successful) ========== filefind ========== Searching for "*atapi.sys" C:\Windows\System32\DriverStore\FileRepository\iteatapi.inf_431397fb\iteatapi.sys --a--- 35944 bytes [10:25 02/11/2006] [09:50 02/11/2006] BCED60D16156E428F8DF8CF27B0DF150 C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys --a--- 19048 bytes [10:25 02/11/2006] [09:49 02/11/2006] 4F4FCB8B6EA06784FB6D475B7EC7300F C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys --a--- 21560 bytes [02:23 21/01/2008] [02:23 21/01/2008] 2D9C903DC76A66813D350A562DE40ED9 C:\Windows\System32\drivers\atapi.sys --a--- 21560 bytes [02:23 21/01/2008] [02:23 21/01/2008] 2D9C903DC76A66813D350A562DE40ED9 C:\Windows\System32\drivers\iteatapi.sys --a--- 35944 bytes [07:36 02/11/2006] [09:50 02/11/2006] BCED60D16156E428F8DF8CF27B0DF150 C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys --a--- 21560 bytes [02:23 21/01/2008] [02:23 21/01/2008] 2D9C903DC76A66813D350A562DE40ED9 -=End Of File=-
  5. Hi, I'm sure I'm not understanding something You want me to open notepad and paste the following: @Echo off COPY /Y/B/V %WINDIR%\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys C:\atapi.sys del "%0" exit But then what? Is there an application or an execution I'm missing? Do you want me to paste the above into sytem look? Thanks. L.
  6. SystemLook v1.0 by jpshortstuff (29.08.09) Log created at 09:23 on 27/11/2009 by Cassidy (Administrator - Elevation successful) ========== filefind ========== Searching for "*atapi.sys" C:\Windows\System32\DriverStore\FileRepository\iteatapi.inf_431397fb\iteatapi.sys --a--- 35944 bytes [10:25 02/11/2006] [09:50 02/11/2006] BCED60D16156E428F8DF8CF27B0DF150 C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys --a--- 19048 bytes [10:25 02/11/2006] [09:49 02/11/2006] 4F4FCB8B6EA06784FB6D475B7EC7300F C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys --a--- 21560 bytes [02:23 21/01/2008] [02:23 21/01/2008] 2D9C903DC76A66813D350A562DE40ED9 C:\Windows\System32\drivers\atapi.sys --a--- 21560 bytes [02:23 21/01/2008] [02:23 21/01/2008] 2D9C903DC76A66813D350A562DE40ED9 C:\Windows\System32\drivers\iteatapi.sys --a--- 35944 bytes [07:36 02/11/2006] [09:50 02/11/2006] BCED60D16156E428F8DF8CF27B0DF150 C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys --a--- 21560 bytes [02:23 21/01/2008] [02:23 21/01/2008] 2D9C903DC76A66813D350A562DE40ED9 -=End Of File=-
  7. FYI - I tried to re run combo fix and it crashed at stage 5 again. I'll do the new application now. Thanks, L.
  8. Hi, Here is the text from avenger and i will now re run combofix. Thanks for all of your help. Lara Logfile of The Avenger Version 2.0, © by Swandog46 http://swandog46.geekstogo.com Platform: Windows Vista ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! Error: could not move file "C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys" File move operation "C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys|C:\Windows\System32\Drivers\atapi.sys" failed! Status: 0xc0000022 (STATUS_ACCESS_DENIED) Completed script processing. ******************* Finished! Terminate.
  9. IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B40000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70830000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 704C0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70830000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70830000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 704C0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70830000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70930000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70830000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70830000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70930000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B10000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B50000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 704C0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70830000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70930000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B10000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 704C0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70B90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 704C0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70BD0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70830000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B10000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 704C0000 IAT c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe[5648] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\iPod\bin\iPodService.exe[5652] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70830000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70830000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70830000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70830000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70930000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70830000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70830000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70930000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B10000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B50000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70830000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70930000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B10000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70B90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70BD0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70830000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B10000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe[5768] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 ---- Devices - GMER 1.0.15 ---- Device Ntfs.sys (NT File System Driver/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp pctgntdi.sys Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 [807599AA] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xfc]} Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 [807599AA] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xfc]} Device \Driver\atapi \Device\Ide\IdePort0 [807599AA] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xfc]} Device \Driver\atapi \Device\Ide\IdePort1 [807599AA] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xfc]} Device \Driver\atapi \Device\Ide\IdePort2 [807599AA] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xfc]} Device \Driver\atapi \Device\Ide\IdePort3 [807599AA] \SystemRoot\system32\drivers\atapi.sys[unknown section] {MOV EAX, [0xffdf0308]; JMP [EAX+0xfc]} Device \Driver\PCTSDInjDriver32 \Device\PCTSDInjDriver32 PCTSDInj32.sys Device \Driver\BTHUSB \Device\00000084 bthport.sys (Bluetooth Bus Driver/Microsoft Corporation) Device \Driver\BTHUSB \Device\00000084 bthport.sys (Bluetooth Bus Driver/Microsoft Corporation) Device \Driver\BTHUSB \Device\00000086 bthport.sys (Bluetooth Bus Driver/Microsoft Corporation) Device \Driver\BTHUSB \Device\00000086 bthport.sys (Bluetooth Bus Driver/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0021866afbed Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0021866afbed (not active ControlSet) ---- Files - GMER 1.0.15 ---- File C:\Windows\system32\drivers\atapi.sys suspicious modification ---- EOF - GMER 1.0.15 ----
  10. IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B40000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B80000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70EB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70DF0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C00000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BC0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70960000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B40000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70DF0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BC0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C00000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70EB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70960000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70EB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C00000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B40000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70EB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[4328] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[4996] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70A60000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 707F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 708F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 707F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70E40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70D40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 707F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70A60000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70A60000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 707F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 707F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70DC0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70D80000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70D40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 71160000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70B90000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70E40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70D40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 708F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70D40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 707F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70A60000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 708F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70AD0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B10000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70E40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70D80000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70D40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 708F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70A60000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 707F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70A60000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 708F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70AD0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70D80000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70B50000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70D40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70E40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70D40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70B90000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 707F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70A60000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70AD0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70E40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70D40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70E40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70B50000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 707F0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70A60000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70D40000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70B90000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70B50000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D00000 IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[5160] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 707F0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[5180] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70960000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B40000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B80000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70EB0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70DF0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70960000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70EB0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70960000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B40000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70DF0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BC0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E30000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70DF0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70EB0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe[5572] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C00000
  11. IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3708] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[3756] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[3820] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70A20000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 707B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 708B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 707B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70E00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70D00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 707B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70D80000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70D40000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70DC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70D00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 707B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70A20000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 707B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70A20000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70DC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 707B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70A20000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 708B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70A90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70AD0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70E00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70D40000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70DC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70D00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70DC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70D00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70E00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70B10000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 707B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70A20000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 708B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70A20000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70DC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70DC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70DC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70D00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70B50000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70B10000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 707B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\iphlpapi.dll [ADVAPI32.dll!RegQueryValueExA] 70D00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\iphlpapi.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 71160000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70B50000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70DC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70E00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70D00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 708B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 707B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70A20000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 708B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70A90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70DC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70D40000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70B10000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70D00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70DC0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70E00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70D00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70B50000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 707B0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70A20000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70A90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70E00000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3876] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70CC0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70960000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70EB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E30000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70DF0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70EB0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BC0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70960000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D70000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70860000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AD0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\SearchIndexer.exe[3968] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70960000
  12. IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3364] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E40000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C10000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711C0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C10000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3380] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70900000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70490000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 71170000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70BA0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70900000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70900000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70AE0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70490000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70D90000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70B60000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70900000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70AE0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B20000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70D90000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70490000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70DD0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70D90000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70490000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70490000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70B60000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70900000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70490000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70490000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70BA0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70AE0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70BA0000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70B60000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70490000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[3468] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70A90000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 6FA10000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70A90000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70A90000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70920000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70E70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70D70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70A90000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70920000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B00000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 6FA10000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70DB0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70B80000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70D70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70A90000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70920000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B00000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B40000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70E70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70DB0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 6FA10000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70D70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70DF0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70DB0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 6FA10000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70D70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 6FA10000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70E70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70D70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70BC0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70A90000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B00000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 6FA10000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 71170000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70BC0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70E70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70D70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70920000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70D70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70BC0000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70B80000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 6FA10000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D30000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70D70000 IAT C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe[3548] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D30000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\msiexec.exe[3680] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000
  13. IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\iphlpapi.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\iTunes\iTunesHelper.exe[3024] @ C:\Windows\system32\iphlpapi.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[3164] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E40000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B90000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C10000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711C0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C10000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[3204] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe[3240] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3320] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000
  14. IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70B10000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70B90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 6F3E0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70AD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 6F750000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 705C0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 6F9B0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70630000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70B90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 6F3E0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70B10000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70870000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70AD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 6F750000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70B50000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70B10000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 6F3E0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70B90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70AD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70B90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 6F3E0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70BD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70AD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 708E0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 6F750000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 705C0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70630000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 70ED0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 708E0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70B90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70BD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70AD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 6F9B0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70B90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 6F3E0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70B90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70AD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 708E0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70870000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 6F3E0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 6F750000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 6F9B0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 705C0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70B90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70BD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70B90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70AD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 6F3E0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70BD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70870000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!WriteFile] 6F750000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!LoadResource] 705C0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70AD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\System32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\taskeng.exe[2980] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe[2988] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70840000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AB0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70840000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70940000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70840000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 704D0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BA0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70840000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AB0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AB0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 704D0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AB0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70840000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70940000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AB0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 704D0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70840000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E10000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70DD0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 704D0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70840000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AB0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70940000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B20000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B60000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70DD0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 704D0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70840000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AB0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70940000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B20000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 704D0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70DD0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BA0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E50000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 704D0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70E90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70D90000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70BE0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70840000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AB0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe[2996] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B20000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3008] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000
  15. IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\rundll32.exe[2252] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2516] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 707E0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70570000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70670000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70570000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70BC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70AC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 707E0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70200000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70B80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 707E0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70570000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70570000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70570000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 707E0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70670000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70850000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70B80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70200000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70B00000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 708D0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70AC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70570000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 707E0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70670000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70850000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70890000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70BC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70B00000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70B80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70200000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70AC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70570000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70B40000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70B00000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70200000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70B80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70AC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70B80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70200000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70B80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70200000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70BC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70AC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70910000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70570000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 707E0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70850000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70B80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70AC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70200000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70BC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 708D0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70570000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 707E0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70670000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 707E0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70B80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711C0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70910000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70B80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70BC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70AC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70670000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70BC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70B80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70AC0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70910000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 708D0000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70200000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70A80000 IAT C:\Windows\system32\taskeng.exe[2600] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70570000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\MSVCRT.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2616] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\Dwm.exe[2700] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [ADVAPI32.dll!RegSetValueExW] 70B90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [ADVAPI32.dll!OpenSCManagerW] 70870000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [KERNEL32.dll!WriteFile] 6F750000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [KERNEL32.dll!LoadResource] 705C0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [740C88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [741098A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [740CB9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [740BFB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [740C7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [740BEA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [740FB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [740CBC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [740C074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [740C06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [740B71B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7414D848] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [740E7379] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [740BE109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [740B697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [740B69A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [740C2465] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54 c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 705C0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 6F750000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 6F9B0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 6F750000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70BD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70AD0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 705C0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 6F750000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 705C0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70A90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 6F3E0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70B90000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 6F750000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 6F750000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 705C0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 6F9B0000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70630000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70830000 IAT C:\Windows\Explorer.EXE[2740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70BD0000
  16. IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\System32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\System32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1876] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[2040] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[2068] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 706B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70920000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 707B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70990000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 709D0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70D00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70C40000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70CC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70340000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70C00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70920000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 706B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70920000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70340000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70CC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70920000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 706B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 707B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 706B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70D00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70C00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 706B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 706B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70C80000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70C40000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70340000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70CC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70C00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 706B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70920000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 707B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70990000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70CC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70340000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70C40000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70A10000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70C00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70CC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70340000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70D00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70C00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70A50000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 706B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70920000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70990000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 707B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70920000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70CC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70CC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70340000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711C0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70A50000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70CC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70D00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70C00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 707B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70CC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70C00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70340000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70D00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70A10000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 706B0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70920000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70D00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70CC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70C00000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70A50000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70A10000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70340000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70BC0000 IAT C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe[2084] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 706B0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wbem\wmiprvse.exe[2224] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000
  17. IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70900000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70900000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70AE0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B20000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70D90000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70900000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70AE0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70D90000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70B60000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70D90000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70BA0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70AE0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 71170000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70BA0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70900000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Windows\system32\svchost.exe[1404] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70BA0000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70B60000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70D50000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70480000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70E50000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70B6 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70800000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70900000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70A70000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D10000 IAT C:\Windows\system32\svchost.exe[1404] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70930000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 706C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 707C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 706C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70D10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70C10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 706C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 706C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70930000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 707C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 709A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 709E0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70D10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70C50000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70CD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70350000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70C10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70930000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 706C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70930000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70350000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70CD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 706C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70930000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 707C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 709A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70CD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70350000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70C50000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70A20000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70C10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 706C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70C90000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70C50000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70350000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70CD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70C10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70CD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70350000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70D10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70C10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70A60000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 706C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70930000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 709A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\secur32.dll [ADVAPI32.dll!RegSetValueExW] 70CD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70350000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70CD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70C10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70350000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70D10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70A20000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!WriteFile] 706C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70930000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 707C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\USERENV.dll [KERNEL32.dll!LoadResource] 70930000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70CD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70CD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70C10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70A60000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70A20000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70350000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\NETAPI32.dll [KERNEL32.dll!WriteFile] 706C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 71010000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70A60000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70CD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70D10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70C10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 707C0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70C10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70D10000 IAT C:\Windows\System32\spoolsv.exe[1580] @ C:\Windows\System32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70BD0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ws2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ws2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ws2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ws2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ws2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ws2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ws2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Crypt32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Crypt32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Crypt32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Crypt32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Crypt32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Crypt32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Crypt32.dll [KERNEL32.dll!WriteFile] 70880000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Crypt32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\Crypt32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[1616] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1740] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000
  18. IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70D20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 707C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70DA0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70D60000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70DE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70D20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70DE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70E20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70D20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70B70000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 707C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70A40000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70AB0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 71120000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70B70000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70DE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70E20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70D20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 708C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70E20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 708C0000 IAT C:\Windows\system32\svchost.exe[1140] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70A40000 IAT C:\Windows\system32\svchost.exe[1140] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70DE0000 IAT C:\Windows\system32\svchost.exe[1140] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70DE0000 IAT C:\Windows\system32\svchost.exe[1140] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Windows\system32\svchost.exe[1140] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70D20000 IAT C:\Windows\system32\svchost.exe[1140] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70DE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70D20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70E20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70B30000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 707C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70A40000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70DE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70D20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70B70000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70B30000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 707C0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\AUDIODG.EXE[1208] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[1228] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[1228] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe[1264] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70920000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70E80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70D80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70920000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B10000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B50000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70E80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70DC0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70D80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70920000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B10000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70DC0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70B90000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70D80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E00000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70DC0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70D80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70E80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70D80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70BD0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B10000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 71180000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70BD0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70E80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70D80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70920000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70E80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70D80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70E80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70B90000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70920000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AA0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70D80000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70BD0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70B90000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 704B0000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Windows\system32\svchost.exe[1308] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70820000 IAT C:\Windows\system32\svchost.exe[1308] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70D80000 IAT C:\Windows\system32\svchost.exe[1308] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D40000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[1392] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 0000
  19. IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\nvvsvc.exe[952] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B90000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E40000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C10000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Windows\system32\svchost.exe[980] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[980] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Windows\system32\svchost.exe[980] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Windows\system32\svchost.exe[980] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[980] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[980] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711C0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C10000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[980] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[980] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[980] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C10000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[980] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70810000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70A80000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70810000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70910000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70810000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70E60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70D60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70810000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70A80000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70910000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70AF0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B30000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70E60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70DA0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70D60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70A80000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70810000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70A80000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70810000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70A80000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70910000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70AF0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70DA0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70B70000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70D60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70810000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70DE0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70DA0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70D60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70E60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70D60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70BB0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70810000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70A80000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70AF0000 IAT C:\Windows\System32\svchost.exe[1076] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70910000 IAT C:\Windows\System32\svchost.exe[1076] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70A80000 IAT C:\Windows\System32\svchost.exe[1076] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E20000 IAT C:\Windows\System32\svchost.exe[1076] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E20000 IAT C:\Windows\System32\svchost.exe[1076] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Windows\System32\svchost.exe[1076] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70D60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70E60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70B70000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70810000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70A80000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70D60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70BB0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70B70000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 704A0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\System32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70810000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 71160000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70BB0000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E20000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70E60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70D60000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70910000 IAT C:\Windows\System32\svchost.exe[1076] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1076] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70D60000 IAT C:\Windows\System32\svchost.exe[1076] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D20000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[1104] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1104] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\System32\svchost.exe[1104] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\System32\svchost.exe[1104] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[1104] @ c:\windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[1104] @ c:\windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[1104] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[1104] @ c:\windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 707C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70A40000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 707C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 708C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 707C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70E20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70D20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 707C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70A40000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 708C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70AB0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70AF0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70E20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70D60000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70DE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70D20000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70A40000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 707C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70A40000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70DE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 707C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70A40000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 708C0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70AB0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70DE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70440000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70CE0000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70D60000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70B30000 IAT C:\Windows\system32\svchost.exe[1140] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueE
  20. [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\LSASRV.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\LSASRV.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\LSASRV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\LSASRV.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\LSASRV.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\LSASRV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\LSASRV.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\LSASRV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SAMSRV.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SAMSRV.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SAMSRV.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SAMSRV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SAMSRV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SAMSRV.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsass.exe[704] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\lsm.exe[712] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\winlogon.exe [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\winlogon.exe [ADVAPI32.dll!RegSetValueExW] 71430000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\winlogon.exe [ADVAPI32.dll!RegDeleteKeyW] 70AB0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\winlogon.exe [ADVAPI32.dll!OpenSCManagerW] 71180000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\winlogon.exe [KERNEL32.dll!LoadResource] 71090000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 71090000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70E20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70F20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70E20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 71470000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 71370000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 71090000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70AB0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 71430000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 71090000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70E20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70E20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 71430000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70AB0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70F20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 71090000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 71430000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70E20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 71090000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70F20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 71100000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 71140000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 71470000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 713B0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 71430000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70AB0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 71370000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70E20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 71090000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70F20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 71100000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 71430000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70AB0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 713B0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 71180000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 71370000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70E20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 713F0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 713B0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70AB0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 71430000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 71370000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 71430000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70AB0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 71470000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 71370000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 711C0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70E20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 71090000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 71100000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 711C0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 71430000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 71470000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 71370000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70F20000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 71470000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 71430000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 71370000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 711C0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 71180000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70AB0000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 71330000 IAT C:\Windows\system32\winlogon.exe[736] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70E20000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\System32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\System32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\System32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\System32\svchost.exe[800] @ C:\Windows\System32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\DRIVERS\xaudio.exe[896] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B90000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E40000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C10000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[900] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711C0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C10000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C10000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70500000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[900] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW]
  21. Here is the GMER log, it's too long for one post. GMER 1.0.15.15252 - http://www.gmer.net Rootkit scan 2009-11-26 22:34:24 Windows 6.0.6001 Service Pack 1 Running: zqyjftf2.exe; Driver: C:\Users\Cassidy\AppData\Local\Temp\pwroypod.sys ---- System - GMER 1.0.15 ---- SSDT 8775D160 ZwAlpcConnectPort SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcess [0x80796CDC] SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcessEx [0x80796ECE] SSDT \SystemRoot\system32\drivers\TfSysMon.sys (ThreatFire System Monitor/PC Tools) ZwTerminateProcess [0x807DCB30] SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateUserProcess [0x807970D6] ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetTimerEx + 370 81CCE934 4 Bytes [60, D1, 75, 87] {PUSHA ; SAL DWORD [EBP-0x79], 0x1} .text ntkrnlpa.exe!KeSetTimerEx + 43C 81CCEA00 8 Bytes [DC, 6C, 79, 80, CE, 6E, 79, ...] {FSUBR QWORD [ECX+EDI*2-0x80]; INTO ; OUTSB ; JNS 0xffffffffffffff88} .text ntkrnlpa.exe!KeSetTimerEx + 854 81CCEE18 4 Bytes [30, CB, 7D, 80] {XOR BL, CL; JGE 0xffffffffffffff84} .text ntkrnlpa.exe!KeSetTimerEx + 918 81CCEEDC 4 Bytes [D6, 70, 79, 80] .rsrc C:\Windows\system32\drivers\atapi.sys entry point in ".rsrc" section [0x8075D000] .text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8DC09340, 0x3FA057, 0xE8000020] ? \ArcName\multi(0)disk(0)rdisk(0)partition(1)\Windows\system32\drivers\PctWfpFilter.sys The system cannot find the path specified. ! ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Bonjour\mDNSResponder.exe[316] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ws2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ws2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ws2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ws2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ws2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\inetmib1.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\inetmib1.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe[392] @ C:\Windows\system32\IPHLPAPI.DLL [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\svchost.exe[412] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70B90000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E40000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E00000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C10000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B50000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DC0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70EC0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BD0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70870000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70970000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AE0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E80000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 704F0000 IAT C:\Windows\system32\svchost.exe[600] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D80000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WININET.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!CreateServiceA] 711D0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\wininit.exe[644] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\services.exe [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\services.exe [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\services.exe [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerA] 70C20000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!GetWindowTextA] 70BA0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadResource] 70AF0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeviceIoControl] 70980000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!GetWindowTextW] 70B60000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!OpenSCManagerW] 70BE0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 716A0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 70880000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 70E50000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] 70E10000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] 70DD0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegQueryValueExW] 70D90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExW] 70E90000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegDeleteKeyW] 70510000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WININET.dll [ADVAPI32.dll!RegSetValueExA] 70ED0000 IAT C:\Windows\system32\services.exe[688] @ C:\Windows\system32\WININET.dll
  22. Hi, I followed your instructions and combo fix starts, says it detects rootkit activitity and has to restart, and then begins to scan but after completing some of the stages it crashes my computer and makes the screen go black. I made the mistake of trying it twice before I reread your instruction that said not to rerun it if I have problems. Sorry for the double otl posts earlier, OTL created 10 text files so I wasn't sure which ones to post. Happy Thanksgiving and I'll wait for further instructions. Thanks. Lara
  23. < End of report > ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1 .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-18] "EnableNotifications" = 0 "EnableNotifications\Ref" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{4A6FFEE5-C5ED-4738-8A0B-731D4652E7B1}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{5168F780-3563-4E94-8F87-21B44D82E172}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{E103EDE4-C7F8-448B-B475-60F7CA6AC2FF}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{062621A9-D223-4EB9-83FB-C3163BC5ED8F}" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe | "{0F4C0D84-8945-4279-A863-7832BA8BE650}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{11C8DC70-3736-4C5E-AA43-D49EAA46E75F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{11CF649A-B94A-4777-BBC2-B29FB89F961F}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{1DD6C315-6D6F-4C88-9A8C-1F4F7A2B9646}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{1EEC080B-4BBC-4436-A369-2A2AE2E1CA50}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{2BA1CFEB-898A-4D94-A9E6-28CAD61219AA}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "{35B1B8FE-48CA-4EA0-8EE8-5BA02E7A4F4D}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{4FD9A9A4-1148-4041-B581-3F53F3B34A0A}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{555B92D9-EF90-49AB-B587-EE7DAED750B9}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{6435A5D5-321F-405F-AB32-F4CDD8884A4F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{65C96EE3-EE1F-4F75-A615-5D5C61E20ABE}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{71E69720-498E-4AC0-B143-D5C5E53EA1E4}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{741F79F7-87BD-40DD-BF90-2A458D812D28}" = dir=in | app=e:\setup\hpznui01.exe | "{74AD4907-3DA3-4921-BBB3-D20857903F06}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{7A64F80F-8533-4EFB-B519-042409152F3B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe | "{7DAAA77D-D339-4C00-A7D1-42881E692799}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{7EB085B8-344E-41CB-9D92-AB651F064199}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{83A9B118-0636-4C01-B622-3CD39E11C4B0}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "{A097F30A-63C3-4179-8242-351D4AF62150}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{A19BA251-0372-4956-B678-8C01F08A66D7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{A5596B96-3587-4484-A583-540B1A484054}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{AF92B6E9-02ED-485F-8196-528D4296F852}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{B078174B-CAB9-422D-8BD4-6B0FD1F6B70C}" = protocol=17 | dir=in | app=c:\jpvedf.exe | "{B45744D4-86A4-4417-A215-719ED5DE9E9A}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{B886CDAE-7D75-4194-8002-0783DF489F48}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe | "{BF1A007B-6F94-4FA6-8ED1-16F1109689A1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{BFC63AFD-4FFB-404E-BA61-F98AF7A59333}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe | "{C434E94E-D58F-4FDB-A8E8-948F2C85C7B7}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{C48B682E-B5E0-4EFA-87C2-7A54E0146B5C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{CEB005FC-A593-403D-9E0F-B5D6D6CB7B01}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{D0E1E2AF-6703-458D-90FE-855975EEDF5D}" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe | "{D1D6E669-9DD7-4B12-8B84-4A3DF994AD90}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{D5304801-E40F-405D-9C35-696BC5396BB4}" = protocol=6 | dir=in | app=c:\jpvedf.exe | "{EE6E359C-343C-4F65-84B3-0D1D5344E65F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{F5FD2F6C-4959-4877-8963-91D77D16EACE}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.5500 "{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1 "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support "{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin "{102CBC47-7FDE-4E6C-8A3A-67B79833FAC8}" = BPDSoftware_Ini "{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant "{11B2F891-91C8-47ce-945A-A91003EA27FB}" = BPDSoftware "{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1 "{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1 "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18AB082B-6584-4F74-8ABC-D5935CF46E4C}" = 8500A909_eDocs "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget "{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Sims
  24. OTL Extras logfile created on: 11/24/2009 10:30:20 PM - Run 1 OTL by OldTimer - Version 3.1.9.0 Folder = C:\Users\Cassidy\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18828) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 89.91% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 174.47 Gb Total Space | 25.60 Gb Free Space | 14.68% Space Free | Partition Type: NTFS Drive D: | 11.84 Gb Total Space | 2.00 Gb Free Space | 16.89% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: OFFICE-HP Current User Name: Cassidy Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1 .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-18] "EnableNotifications" = 0 "EnableNotifications\Ref" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{4A6FFEE5-C5ED-4738-8A0B-731D4652E7B1}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{5168F780-3563-4E94-8F87-21B44D82E172}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{E103EDE4-C7F8-448B-B475-60F7CA6AC2FF}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{062621A9-D223-4EB9-83FB-C3163BC5ED8F}" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe | "{0F4C0D84-8945-4279-A863-7832BA8BE650}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{11C8DC70-3736-4C5E-AA43-D49EAA46E75F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{11CF649A-B94A-4777-BBC2-B29FB89F961F}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{1DD6C315-6D6F-4C88-9A8C-1F4F7A2B9646}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{1EEC080B-4BBC-4436-A369-2A2AE2E1CA50}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{2BA1CFEB-898A-4D94-A9E6-28CAD61219AA}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "{35B1B8FE-48CA-4EA0-8EE8-5BA02E7A4F4D}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{4FD9A9A4-1148-4041-B581-3F53F3B34A0A}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{555B92D9-EF90-49AB-B587-EE7DAED750B9}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{6435A5D5-321F-405F-AB32-F4CDD8884A4F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{65C96EE3-EE1F-4F75-A615-5D5C61E20ABE}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{71E69720-498E-4AC0-B143-D5C5E53EA1E4}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{741F79F7-87BD-40DD-BF90-2A458D812D28}" = dir=in | app=e:\setup\hpznui01.exe | "{74AD4907-3DA3-4921-BBB3-D20857903F06}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{7A64F80F-8533-4EFB-B519-042409152F3B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe | "{7DAAA77D-D339-4C00-A7D1-42881E692799}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{7EB085B8-344E-41CB-9D92-AB651F064199}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{83A9B118-0636-4C01-B622-3CD39E11C4B0}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "{A097F30A-63C3-4179-8242-351D4AF62150}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{A19BA251-0372-4956-B678-8C01F08A66D7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{A5596B96-3587-4484-A583-540B1A484054}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{AF92B6E9-02ED-485F-8196-528D4296F852}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{B078174B-CAB9-422D-8BD4-6B0FD1F6B70C}" = protocol=17 | dir=in | app=c:\jpvedf.exe | "{B45744D4-86A4-4417-A215-719ED5DE9E9A}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | "{B886CDAE-7D75-4194-8002-0783DF489F48}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe | "{BF1A007B-6F94-4FA6-8ED1-16F1109689A1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{BFC63AFD-4FFB-404E-BA61-F98AF7A59333}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe | "{C434E94E-D58F-4FDB-A8E8-948F2C85C7B7}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{C48B682E-B5E0-4EFA-87C2-7A54E0146B5C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{CEB005FC-A593-403D-9E0F-B5D6D6CB7B01}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{D0E1E2AF-6703-458D-90FE-855975EEDF5D}" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe | "{D1D6E669-9DD7-4B12-8B84-4A3DF994AD90}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{D5304801-E40F-405D-9C35-696BC5396BB4}" = protocol=6 | dir=in | app=c:\jpvedf.exe | "{EE6E359C-343C-4F65-84B3-0D1D5344E65F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{F5FD2F6C-4959-4877-8963-91D77D16EACE}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.5500 "{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1 "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support "{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin "{102CBC47-7FDE-4E6C-8A3A-67B79833FAC8}" = BPDSoftware_Ini "{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant "{11B2F891-91C8-47ce-945A-A91003EA27FB}" = BPDSoftware "{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1 "{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1 "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18AB082B-6584-4F74-8ABC-D5935CF46E4C}" = 8500A909_eDocs "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget "{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Sims
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.