Solved Windows host process (run32dll) stops working

TheMick · 2010/08/29

[Resolved] Windows host process (run32dll) stops working

Cannot open pes ext from windows explorer by double clicking. I have Mcafee Total Protection. It shows cookies removal on a daily basis, but no alerts. Today I noticed that the appearance of an emboroidery software changed its background color on its own. I dont see all pictures in Explorer. I have my folder options set for view thumbnail. I ran Microsoft tools and no problems were found.
DDS (Ver_10-03-17.01) - NTFSx86
Run by Brenda at 21:26:19.14 on Sun 08/29/2010
Internet Explorer: 8.0.6001.18943
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6002.2.1252.1.1033.18.3060.1906 [GMT -4:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\crypserv.exe
C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe
C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\McAfee Online Backup\MOBKbackup.exe
C:\Windows\system32\rundll32.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\McAfee Online Backup\MOBKbackup.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Brenda\Desktop\dds.scr
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://insightbb.com/
uSearch Bar = Preserve
uWindow Title = Internet Explorer provided by Dell
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
uURLSearchHooks: H - No File
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20100817022207.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0401.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: CyberDefender Link Patrol: {dd662a0c-12fe-4b38-ba53-247f7ec82f46} - c:\users\brenda\appdata\locallow\cyberdefender\cdmyidd.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: CyberDefender Link Patrol: {dd662a0c-12fe-4b38-ba53-247f7ec82f46} - c:\users\brenda\appdata\locallow\cyberdefender\cdmyidd.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0401.0\npwinext.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe "
uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0401.0\mswinext.exe "
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\status~1.lnk - c:\program files\brother\brmfcmon\BrMfcWnd.exe
uPolicies-explorer: <NO NAME> = none
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
Trusted Zone: insightbb.com
Trusted Zone: internet
Trusted Zone: intuit.com\ttlc
Trusted Zone: mcafee.com
Trusted Zone: trymedia.com\fe
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-nz/wlscctrl2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6064/mcfscan.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\615\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\brenda\appdata\roaming\mozilla\firefox\profiles\hh2hq2dv.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://pogo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files\microsoft\search enhancement pack\search helper\firefoxextension\searchhelperextension\components\SEPsearchhelperff.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_colors ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.use_native_popup_windows ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.enable_click_image_resizing ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "accessibility.browsewithcaret_shortcut.enabled ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.high_water_mark ", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.gc_frequency ", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.lu ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.nu ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.nz ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbaam7a8h ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--p1ai ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbayh7gpa ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.tel ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.auth.force-generic-ntlm ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.proxy.type ", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.buffer.cache.count ", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref( "network.buffer.cache.size ", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref( "dom.ipc.plugins.timeoutSecs ", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref( "svg.smil.enabled ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "ui.trackpoint_hack.enabled ", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.debug ", false);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.agedWeight ", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.bucketSize ", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.maxTimeGroupings ", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.timeGroupingSize ", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.boundaryWeight ", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref( "browser.formfill.prefixWeight ", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref( "accelerometer.enabled ", true);
c:\program files\mozilla firefox\greprefs\all.js - pref( "html5.enable ", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref ", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.renego_unrestricted_hosts ", " ");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.treat_unsafe_negotiation_as_broken ", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.require_safe_negotiation ", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl3.rsa_seed_sha ", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.download.backgroundInterval ", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.url.manual ", "http://www.firefox.com ");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref( "browser.search.param.yahoo-fr-ja ", "mozff ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name ", "chrome://browser/locale/browser.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description ", "chrome://browser/locale/browser.properties ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add ", "addons.mozilla.org ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add.36 ", "getpersonas.com ");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "lightweightThemes.update.enabled ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.allTabs.previews ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.hide_infobar_for_outdated_plugin ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.update.notifyUser ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "toolbar.customization.usesheet ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.nptest.dll ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npswf32.dll ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npctrl.dll ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npqtplugin.dll ", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.enable ", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.max ", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.cachetime ", 20);

============= SERVICES / DRIVERS ===============

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-5-31 385880]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-8-8 64304]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-8-8 160720]
R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2010-8-8 54776]
R2 dsl-db;Remote Access DB;c:\program files\common files\dell\mysql\bin\mysqld.exe [2007-9-14 5730304]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2010-8-14 88176]
R2 McMPFSvc;McAfee Personal Firewall Service; "c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-14 271480]
R2 McNaiAnn;McAfee VirusScan Announcer; "c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-14 271480]
R2 McProxy;McAfee Proxy Service; "c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-8-14 271480]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-8-14 170144]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-8-14 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-8-14 141792]
R2 MOBKbackup;McAfee Online Backup;c:\program files\mcafee online backup\MOBKbackup.exe [2010-4-13 229688]
R2 vseamps;vseamps;c:\program files\common files\authentium\antivirus5\vseamps.exe [2010-4-8 117288]
R2 vsedsps;vsedsps;c:\program files\common files\authentium\antivirus5\vsedsps.exe [2010-4-8 117288]
R2 vseqrts;vseqrts;c:\program files\common files\authentium\antivirus5\vseqrts.exe [2010-4-8 154152]
R3 busbcrw;USB Card Reader Writer driver;c:\windows\system32\drivers\busbcrw.sys [2008-10-21 18944]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-8-8 55456]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-8-14 152320]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-8-14 51688]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-8-8 312616]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-1-20 16896]
S2 Apache2.2;Remote Access Media Server;c:\program files\common files\dell\apache\bin\httpd.exe [2007-9-21 15872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 dsl-fs-sync;Remote Access File Sync Service;c:\program files\common files\dell\remote access file sync service\dsl_fs_sync.exe [2009-4-13 189680]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-13 135664]
S2 WinDriver;WinDriver;c:\windows\system32\drivers\windrvr.sys [2008-10-20 196756]
S3 atidgllk;atidgllk;c:\dell\drivers\r169419\atidgllk.sys [2010-8-8 12048]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-7-24 30192]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2010-4-10 266544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-8 83496]
S3 wdpnp;WinDriver USB Client;c:\windows\system32\drivers\wdpnp.sys [2008-10-4 22748]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2010-08-29 07:33:04 0 d-----w- c:\program files\common files\Windows Live
2010-08-25 20:02:22 0 d-----w- c:\users\brenda\appdata\roaming\Uniblue
2010-08-24 00:48:18 1056768 ------w- c:\windows\system32\Roboex32.dll
2010-08-23 18:25:22 26624 ------w- c:\windows\system32\hercb.dll
2010-08-23 18:25:22 122949 ----a-w- c:\windows\system32\mir4.dll
2010-08-23 18:25:12 0 d-----w- c:\program files\Buzz Tools
2010-08-17 05:58:27 0 d-----w- c:\windows\MATS
2010-08-17 05:58:27 0 d-----w- c:\program files\Microsoft Fix it Center
2010-08-16 15:58:46 0 d-----w- c:\program files\Microsoft
2010-08-16 15:58:41 0 d-----w- c:\program files\MSN Toolbar
2010-08-16 15:57:56 0 d-----w- c:\program files\MSN Toolbar Installer
2010-08-15 08:38:08 0 d-----w- c:\program files\common files\Authentium
2010-08-15 07:44:57 510 ----a-w- c:\windows\WORDPAD.INI
2010-08-14 04:49:28 0 d-----w- c:\program files\SiteAdvisor
2010-08-14 04:48:30 51688 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-08-14 04:48:30 152320 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-08-14 04:48:10 0 d-----w- c:\program files\McAfee.com
2010-08-14 04:48:06 0 d-----w- c:\program files\McAfee
2010-08-14 03:13:28 0 d-----w- c:\users\brenda\appdata\roaming\Malwarebytes
2010-08-14 03:13:17 0 d-----w- c:\programdata\Malwarebytes
2010-08-13 02:49:31 0 d-----w- c:\programdata\Designer's Gallery
2010-08-12 12:52:59 2037760 ----a-w- c:\windows\system32\win32k.sys
2010-08-12 12:52:53 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-08-12 12:52:45 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-08-12 12:52:45 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-08-12 12:52:24 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-08-12 12:52:18 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-12 12:52:18 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-12 12:52:11 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-11 18:15:43 0 d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2010-08-11 06:34:15 0 d-----w- c:\users\brenda\appdata\roaming\Office-Kit.com
2010-08-11 06:34:15 0 d-----w- c:\programdata\Office-Kit.com
2010-08-10 07:03:44 0 d-----w- c:\windows\SQL9_KB970892_ENU
2010-08-08 19:52:51 0 d-----w- c:\program files\Microsoft SQL Server
2010-08-08 19:17:31 0 d-----w- c:\windows\PCHEALTH
2010-08-08 19:14:25 0 d-----w- c:\programdata\Microsoft Help
2010-08-08 08:55:27 0 d-----w- c:\program files\McAfeeMOBK
2010-08-08 08:55:21 54776 ----a-w- c:\windows\system32\drivers\MOBK.sys
2010-08-08 08:54:00 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2010-08-08 08:53:22 83496 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2010-08-08 08:53:22 64304 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2010-08-08 08:53:22 55456 ----a-w- c:\windows\system32\drivers\cfwids.sys
2010-08-08 08:53:22 312616 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2010-08-08 08:53:22 160720 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2010-08-08 05:07:09 16050 ----a-w- c:\windows\system32\results.xml
2010-08-08 04:41:10 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-08-08 04:40:01 528384 ----a-w- c:\windows\RtlExUpd.dll
2010-08-08 04:40:01 319488 ----a-w- c:\windows\HideWin.exe
2010-08-08 04:33:16 74703 ----a-w- c:\windows\system32\mfc45.dll
2010-08-08 04:32:57 0 d-----w- c:\users\brenda\appdata\roaming\iolo
2010-08-08 04:32:57 0 d-----w- c:\programdata\iolo
2010-08-08 04:24:24 985600 ----a-w- c:\windows\system32\drivers\HSX_DPV.sys
2010-08-08 04:24:24 8704 ----a-w- c:\windows\system32\drivers\XAudio.sys
2010-08-08 04:24:24 661504 ----a-w- c:\windows\system32\drivers\HSX_CNXT.sys
2010-08-08 04:24:24 267776 ----a-w- c:\windows\system32\drivers\HSXHWBS2.sys
2010-08-08 04:23:55 229376 ----a-w- c:\windows\system32\UCI32M25.dll
2010-08-08 04:23:55 145890 ----a-w- c:\windows\system32\drivers\HSFProf.cty
2010-08-08 03:59:58 0 d-----w- c:\program files\M779
2010-08-08 03:56:43 0 d-----w- c:\program files\NetWaiting
2010-08-08 03:24:32 0 d-----w- c:\windows\system32\Lang
2010-08-08 03:12:56 0 d-----w- c:\program files\Dell Remote Access
2010-08-08 03:12:56 0 d-----w- c:\program files\common files\Dell
2010-08-08 02:59:12 0 d-----w- c:\program files\ATI Technologies
2010-08-08 02:59:08 0 d-----w- c:\program files\ATI
2010-08-08 02:41:34 0 d-----w- c:\program files\Digital Line Detect
2010-08-07 19:16:57 0 d-----w- C:\Designer's Gallery
2010-08-05 23:58:04 0 d-----w- c:\users\brenda\appdata\roaming\PeerNetworking
2010-08-05 05:09:25 0 d-----w- c:\program files\McAfee Online Backup
2010-08-05 04:33:38 0 d-----w- c:\programdata\McAfee Anti-Theft
2010-08-04 04:45:29 0 d-----w- c:\program files\MSECache
2010-08-03 17:28:46 0 d-----w- c:\program files\EMBIRD32
2010-08-03 17:27:00 0 d-----w- c:\users\brenda\appdata\roaming\EMBIRD32
2010-07-31 11:40:58 0 d-----w- c:\programdata\WindowsSearch

==================== Find3M ====================

2010-08-26 00:10:20 11152 ----a-w- c:\users\brenda\appdata\roaming\wklnhst.dat
2010-08-19 23:42:12 224777 ----a-w- c:\program files\uninstal.log
2010-08-17 02:59:28 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-16 15:32:55 103784 ----a-w- c:\users\brenda\GoToAssistDownloadHelper.exe
2010-08-08 08:54:17 51200 ----a-w- c:\windows\inf\infpub.dat
2010-08-08 08:54:17 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-08-08 08:54:15 86016 ----a-w- c:\windows\inf\infstor.dat
2010-06-26 06:05:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:02:15 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 06:02:15 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 04:25:02 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-11 16:16:20 274944 ----a-w- c:\windows\system32\schannel.dll
2009-11-17 08:37:23 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-10-20 04:32:24 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2008-07-24 20:53:18 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 21:27:41.34 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vistaâ„¢ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 7/24/2008 9:01:50 AM
System Uptime: 8/29/2010 6:50:15 PM (3 hours ago)

Motherboard: Dell Inc. | | 0RY007
Processor: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz | Socket 775 | 1800/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 223 GiB total, 160.937 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 1.626 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP903: 8/18/2010 4:02:26 PM - Configured Microsoft Office Professional Plus 2007
RP905: 8/18/2010 9:14:19 PM - Configured Microsoft Office Professional Plus 2007
RP907: 8/18/2010 9:27:57 PM - Configured Microsoft Office Professional Plus 2007
RP909: 8/18/2010 9:38:27 PM - Removed Microsoft Office Professional Plus 2007
RP910: 8/19/2010 1:56:59 PM - Windows Update
RP911: 8/20/2010 3:37:39 AM - Scheduled Checkpoint
RP912: 8/21/2010 12:03:29 AM - Scheduled Checkpoint
RP913: 8/21/2010 9:12:58 PM - Scheduled Checkpoint
RP914: 8/22/2010 7:00:02 PM - Windows Backup
RP915: 8/23/2010 7:59:53 PM - Scheduled Checkpoint
RP916: 8/24/2010 1:43:08 AM - Windows Update
RP917: 8/25/2010 12:30:46 AM - Scheduled Checkpoint
RP918: 8/25/2010 6:09:37 PM - Scheduled Checkpoint
RP919: 8/27/2010 12:13:35 AM - Scheduled Checkpoint
RP920: 8/27/2010 2:18:15 AM - Windows Update
RP921: 8/28/2010 12:00:05 AM - Scheduled Checkpoint
RP922: 8/28/2010 2:18:27 AM - Removed Microsoft Office 2007 Primary Interop Assemblies
RP923: 8/28/2010 2:19:24 AM - Removed Microsoft Office 2007 Primary Interop Assemblies
RP924: 8/28/2010 2:20:26 AM - Removed Microsoft Office Small Business Connectivity Components
RP925: 8/29/2010 12:00:04 AM - Scheduled Checkpoint
RP926: 8/29/2010 3:32:24 AM - Windows Update
RP927: 8/29/2010 7:00:04 PM - Windows Backup

==== Installed Programs ======================

32 bit Windows Card Reader Driver
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.4
Adorable Ideas Design Packs
Apple Application Support
Apple Software Update
ATI Catalyst Install Manager
ATI Parental Control & Encoder
AVerMedia M779 Driver
AVSDK5
Brother MFL-Pro Suite MFC-490CW
Browser Address Error Redirector
Buzz Tools
Compatibility Pack for the 2007 Office system
Conexant D850 PCI V.92 Modem
Coupon Printer for Windows
CyberDefender Link Patrol
Dell Driver Download Manager
Dell Driver Download Manager - 1
Dell Getting Started Guide
Dell Remote Access
Dell Support Center (Support Software)
Designer's Gallery SizeWorks
Designer's Gallery StudioPlus
Digital Line Detect
EZ Fonts
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist Corporate
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections 12.1.11.0
Internet Explorer (Enable DEP)
Internet Service Offers Launcher
Java Auto Updater
Java(TM) 6 Update 21
McAfee Online Backup
McAfee Total Protection
McAfee Virtual Technician
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Automated Troubleshooting Services Shim
Microsoft Default Manager
Microsoft Fix it Center
Microsoft Office 2003 Web Components
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft UI Engine
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Modem Diagnostic Tool
Mozilla Firefox (3.6.8)
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music, Photos & Videos Launcher
NetWaiting
OGA Notifier 2.0.0048.0
PaperPort Image Printer
PE-DESIGN Ver5
PE-DESIGN Version 2.0
Product Documentation Launcher
Quicken 2007
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
ScanSoft PaperPort 11
SmartSizer Gold
Spelling Dictionaries Support For Adobe Reader 8
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wkyiper
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wkyiper
TurboTax 2009 wrapper
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Windows 7 Upgrade Advisor
Windows Driver Package - Logitech HIDClass (10/16/2006 1.0)
Windows Live ID Sign-in Assistant
Windows Live OneCare safety scanner
Word Whomp To Go

==== Event Viewer Messages From Past Week ========

8/29/2010 6:51:40 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
8/29/2010 6:51:11 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: McPvDrv
8/29/2010 6:51:06 PM, Error: Service Control Manager [7038] - The dsl-fs-sync service was unable to log on as .\RA Media Server with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
8/29/2010 6:51:06 PM, Error: Service Control Manager [7038] - The Apache2.2 service was unable to log on as .\RA Media Server with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
8/29/2010 6:51:06 PM, Error: Service Control Manager [7000] - The WinDriver service failed to start due to the following error: WinDriver is not a valid Win32 application.
8/29/2010 6:51:06 PM, Error: Service Control Manager [7000] - The Remote Access Media Server service failed to start due to the following error: The service did not start due to a logon failure.
8/29/2010 6:51:06 PM, Error: Service Control Manager [7000] - The Remote Access File Sync Service service failed to start due to the following error: The service did not start due to a logon failure.
8/25/2010 5:21:01 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
8/24/2010 7:05:50 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
8/24/2010 7:05:50 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/24/2010 7:05:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments " " in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/24/2010 11:44:07 PM, Error: netbt [4321] - The name "TURKEYTOM :0" could not be registered on the interface with IP address 192.168.2.2. The computer with the IP address 192.168.2.4 did not allow the name to be claimed by this computer.

==== End Of File ===========================

broni · 2010/08/29

Welcome aboard

pes ext
Click to expand...

??

STEP 1. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam.php to your desktop.
(Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick Scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
Alternative downloads:
- http://majorgeeks.com/GMER_d5198.html
- http://www.softpedia.com/get/Interne...ers/GMER.shtml
Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
Do NOT use the computer while GMER is running!
When scan is completed, click Save button, and save the results as gmer.log
Warning ! Please, do not select the "Show all" checkbox during the scan.
Post the log to your next reply.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

STEP 3. Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

TheMick · 2010/08/30

I ran the Malwarebytes and pasted the results into my reply message. There was not anything found. I than ran GMER around 3:30am at 6am it was still running. I went to bed. My computer shutdown and I believe everthing was lost. I found the Malwarebytes folder but it was empty. I will rerun the GMer since do action was taken.

broni · 2010/08/30

Ok...

TheMick · 2010/08/30

Windows host (run32dll) is not working

I am sending this is many sections this is no 1

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-30 18:04:53
Windows 6.0.6002 Service Pack 2
Running: 0wduzefo.exe; Driver: C:\Windows\TEMP\awryipog.sys

---- System - GMER 1.0.15 ----

Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0x8A033D88]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0x8A033DB2]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0x8A033D9E]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0x8A033D74]
Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwYieldExecution 822419D2 5 Bytes JMP 8A033D78 \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwTerminateProcess 82406DA3 5 Bytes JMP 8A033DB6 \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtMapViewOfSection 824264FA 7 Bytes JMP 8A033D8C \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwUnmapViewOfSection 824267BD 5 Bytes JMP 8A033DA2 \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.)

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\services.exe[708] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00630000
.text C:\Windows\system32\services.exe[708] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00630FD4
.text C:\Windows\system32\services.exe[708] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00630FE5
.text C:\Windows\system32\services.exe[708] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 008D00A4
.text C:\Windows\system32\services.exe[708] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 008D0093
.text C:\Windows\system32\services.exe[708] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 008D0F1E
.text C:\Windows\system32\services.exe[708] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 008D00B5
.text C:\Windows\system32\services.exe[708] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 008D0078
.text C:\Windows\system32\services.exe[708] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 008D0FDE
.text C:\Windows\system32\services.exe[708] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 008D0FB9
.text C:\Windows\system32\services.exe[708] kernel32.dll!CreatePipe 766C8E6E 1 Byte [E9]
.text C:\Windows\system32\services.exe[708] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 008D0F72
.text C:\Windows\system32\services.exe[708] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 008D005B
.text C:\Windows\system32\services.exe[708] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 008D0040
.text C:\Windows\system32\services.exe[708] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 008D0F9E
.text C:\Windows\system32\services.exe[708] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 008D0025
.text C:\Windows\system32\services.exe[708] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 008D0F83
.text C:\Windows\system32\services.exe[708] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 008D0F0D
.text C:\Windows\system32\services.exe[708] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 008D000A
.text C:\Windows\system32\services.exe[708] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 008D0FEF
.text C:\Windows\system32\services.exe[708] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 008D0F43
.text C:\Windows\system32\services.exe[708] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 008C0F83
.text C:\Windows\system32\services.exe[708] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 008C001B
.text C:\Windows\system32\services.exe[708] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 008C0000
.text C:\Windows\system32\services.exe[708] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 008C0F94
.text C:\Windows\system32\services.exe[708] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 008C0036
.text C:\Windows\system32\services.exe[708] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 008C0FCA
.text C:\Windows\system32\services.exe[708] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 008C0FE5
.text C:\Windows\system32\services.exe[708] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 008C0FAF
.text C:\Windows\system32\services.exe[708] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00920042
.text C:\Windows\system32\services.exe[708] msvcrt.dll!system 767D804B 5 Bytes JMP 00920FB7
.text C:\Windows\system32\services.exe[708] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00920FC8
.text C:\Windows\system32\services.exe[708] msvcrt.dll!_open 767DD106 5 Bytes JMP 0092000C
.text C:\Windows\system32\services.exe[708] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 0092001D
.text C:\Windows\system32\services.exe[708] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00920FEF
.text C:\Windows\system32\services.exe[708] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 008B0000
.text C:\Windows\system32\lsass.exe[788] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00880FE5
.text C:\Windows\system32\lsass.exe[788] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00880FCA
.text C:\Windows\system32\lsass.exe[788] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 0088000A
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 00940F7E
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 00940F8F
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00940115
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 009400FA
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 00940095
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00940FE5
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 0094002C
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00940FAA
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 00940084
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00940058
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 00940073
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00940047
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 009400BA
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00940126
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 0094001B
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 0094000A
.text C:\Windows\system32\lsass.exe[788] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 009400E9
.text C:\Windows\system32\lsass.exe[788] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 00930FAC
.text C:\Windows\system32\lsass.exe[788] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00930044
.text C:\Windows\system32\lsass.exe[788] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00930000
.text C:\Windows\system32\lsass.exe[788] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 00930FBD
.text C:\Windows\system32\lsass.exe[788] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 00930073
.text C:\Windows\system32\lsass.exe[788] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 00930022
.text C:\Windows\system32\lsass.exe[788] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00930011
.text C:\Windows\system32\lsass.exe[788] ADVAPI32.dll!RegOpenKeyExW

TheMick · 2010/08/30

C:\Windows\system32\lsass.exe[788] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 0095004E
.text C:\Windows\system32\lsass.exe[788] msvcrt.dll!system 767D804B 5 Bytes JMP 0095003D
.text C:\Windows\system32\lsass.exe[788] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00950011
.text C:\Windows\system32\lsass.exe[788] msvcrt.dll!_open 767DD106 5 Bytes JMP 00950000
.text C:\Windows\system32\lsass.exe[788] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00950022
.text C:\Windows\system32\lsass.exe[788] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00950FD7
.text C:\Windows\system32\lsass.exe[788] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 008A000A
.text C:\Windows\system32\svchost.exe[940] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00080FE5
.text C:\Windows\system32\svchost.exe[940] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 0008001B
.text C:\Windows\system32\svchost.exe[940] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00080000
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 000C00AB
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 000C0F6F
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 000C00D7
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 000C0F40
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 000C006E
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 000C000A
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 000C0FB9
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 000C0090
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 000C005D
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 000C0040
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 000C0F94
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 000C002F
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 000C007F
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 000C0F2F
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 000C0FD4
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 000C0FEF
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 000C00C6
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 000D0027
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!system 767D804B 5 Bytes JMP 000D000C
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 000D0FC1
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!_open 767DD106 5 Bytes JMP 000D0FEF
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 000D0FA6
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 000D0FD2
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 000A0062
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 000A0FD1
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 000A0000
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 000A0FC0
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 000A0FAF
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 000A002C
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 000A001B
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 000A0047
.text C:\Windows\system32\svchost.exe[940] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00090FEF
.text C:\Windows\system32\svchost.exe[1004] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 008C0FEF
.text C:\Windows\system32\svchost.exe[1004] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 008C0025
.text C:\Windows\system32\svchost.exe[1004] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 008C000A
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 009C0086
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 009C0F40
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 009C0F1B
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 009C00A8
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 009C0F9B
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 009C002C
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 009C0047
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 009C0F65
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 009C0FAC
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 009C0058
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 009C0069
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 009C0FD1
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 009C0F76
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 009C00CD
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 009C001B
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 009C0000
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 009C0097
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00A60FA1
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!system 767D804B 5 Bytes JMP 00A60FB2
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00A60011
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!_open 767DD106 5 Bytes JMP 00A60000
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00A60022
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00A60FE3
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 009B0F7C
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 009B0F9E
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 009B0FE5
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 009B0F8D
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 009B0039
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 009B0FB9
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 009B0FCA
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 009B000A
.text C:\Windows\system32\svchost.exe[1004] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 009A0FEF
.text C:\Windows\System32\svchost.exe[1048] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00A20FEF
.text C:\Windows\System32\svchost.exe[1048] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00A2000A
.text C:\Windows\System32\svchost.exe[1048] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00A20FD4
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 01250F46
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 0125008C
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 01250F24
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 012500B1
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 01250F72
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 01250FDB
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 0125002C
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 0125007B
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 01250F83
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 01250FAF
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 01250F9E
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 01250FCA
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 01250F61
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 012500D6
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 0125001B
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 0125000A
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 01250F35
.text C:\Windows\System32\svchost.exe[1048] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 01260F9C
.text C:\Windows\System32\svchost.exe[1048] msvcrt.dll!system 767D804B 5 Bytes JMP 01260027
.text C:\Windows\System32\svchost.exe[1048] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 01260FB7
.text C:\Windows\System32\svchost.exe[1048] msvcrt.dll!_open 767DD106 5 Bytes JMP 01260FEF

TheMick · 2010/08/30

C:\Windows\system32\lsass.exe[788] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 0095004E
.text C:\Windows\system32\lsass.exe[788] msvcrt.dll!system 767D804B 5 Bytes JMP 0095003D
.text C:\Windows\system32\lsass.exe[788] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00950011
.text C:\Windows\system32\lsass.exe[788] msvcrt.dll!_open 767DD106 5 Bytes JMP 00950000
.text C:\Windows\system32\lsass.exe[788] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00950022
.text C:\Windows\system32\lsass.exe[788] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00950FD7
.text C:\Windows\system32\lsass.exe[788] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 008A000A
.text C:\Windows\system32\svchost.exe[940] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00080FE5
.text C:\Windows\system32\svchost.exe[940] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 0008001B
.text C:\Windows\system32\svchost.exe[940] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00080000
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 000C00AB
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 000C0F6F
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 000C00D7
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 000C0F40
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 000C006E
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 000C000A
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 000C0FB9
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 000C0090
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 000C005D
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 000C0040
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 000C0F94
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 000C002F
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 000C007F
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 000C0F2F
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 000C0FD4
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 000C0FEF
.text C:\Windows\system32\svchost.exe[940] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 000C00C6
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 000D0027
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!system 767D804B 5 Bytes JMP 000D000C
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 000D0FC1
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!_open 767DD106 5 Bytes JMP 000D0FEF
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 000D0FA6
.text C:\Windows\system32\svchost.exe[940] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 000D0FD2
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 000A0062
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 000A0FD1
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 000A0000
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 000A0FC0
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 000A0FAF
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 000A002C
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 000A001B
.text C:\Windows\system32\svchost.exe[940] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 000A0047
.text C:\Windows\system32\svchost.exe[940] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00090FEF
.text C:\Windows\system32\svchost.exe[1004] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 008C0FEF
.text C:\Windows\system32\svchost.exe[1004] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 008C0025
.text C:\Windows\system32\svchost.exe[1004] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 008C000A
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 009C0086
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 009C0F40
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 009C0F1B
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 009C00A8
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 009C0F9B
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 009C002C
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 009C0047
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 009C0F65
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 009C0FAC
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 009C0058
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 009C0069
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 009C0FD1
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 009C0F76
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 009C00CD
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 009C001B
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 009C0000
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 009C0097
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00A60FA1
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!system 767D804B 5 Bytes JMP 00A60FB2
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00A60011
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!_open 767DD106 5 Bytes JMP 00A60000
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00A60022
.text C:\Windows\system32\svchost.exe[1004] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00A60FE3
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 009B0F7C
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 009B0F9E
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 009B0FE5
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 009B0F8D
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 009B0039
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 009B0FB9
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 009B0FCA
.text C:\Windows\system32\svchost.exe[1004] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 009B000A
.text C:\Windows\system32\svchost.exe[1004] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 009A0FEF
.text C:\Windows\System32\svchost.exe[1048] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00A20FEF
.text C:\Windows\System32\svchost.exe[1048] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00A2000A
.text C:\Windows\System32\svchost.exe[1048] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00A20FD4
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 01250F46
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 0125008C
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 01250F24
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 012500B1
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 01250F72
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 01250FDB
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 0125002C
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 0125007B
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 01250F83
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 01250FAF
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 01250F9E
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 01250FCA
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 01250F61
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 012500D6
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 0125001B
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 0125000A
.text C:\Windows\System32\svchost.exe[1048] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 01250F35
.text C:\Windows\System32\svchost.exe[1048] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 01260F9C
.text C:\Windows\System32\svchost.exe[1048] msvcrt.dll!system 767D804B 5 Bytes JMP 01260027
.text C:\Windows\System32\svchost.exe[1048] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 01260FB7
.text C:\Windows\System32\svchost.exe[1048] msvcrt.dll!_open 767DD106 5 Bytes JMP 01260FEF

TheMick · 2010/08/30

.text C:\Windows\System32\svchost.exe[1048] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 0126000C
.text C:\Windows\System32\svchost.exe[1048] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 01260FDE
.text C:\Windows\System32\svchost.exe[1048] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 01240F8A
.text C:\Windows\System32\svchost.exe[1048] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 01240011
.text C:\Windows\System32\svchost.exe[1048] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 01240FE5
.text C:\Windows\System32\svchost.exe[1048] ADVAPI32.dll!RegCreateKeyW 7660391E 1 Byte [E9]
.text C:\Windows\System32\svchost.exe[1048] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 01240022
.text C:\Windows\System32\svchost.exe[1048] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 01240047
.text C:\Windows\System32\svchost.exe[1048] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 01240FC0
.text C:\Windows\System32\svchost.exe[1048] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 01240000
.text C:\Windows\System32\svchost.exe[1048] ADVAPI32.dll!RegOpenKeyExW 76617BA1 1 Byte [E9]
.text C:\Windows\System32\svchost.exe[1048] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 01240FA5
.text C:\Windows\System32\svchost.exe[1048] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00A40000
.text C:\Windows\System32\svchost.exe[1048] wininet.dll!InternetOpenA 75D0D690 5 Bytes JMP 00A50FEF
.text C:\Windows\System32\svchost.exe[1048] wininet.dll!InternetOpenW 75D0DB09 5 Bytes JMP 00A50FCA
.text C:\Windows\System32\svchost.exe[1048] wininet.dll!InternetOpenUrlA 75D0F3A4 5 Bytes JMP 00A50FB9
.text C:\Windows\System32\svchost.exe[1048] wininet.dll!InternetOpenUrlW 75D56DDF 5 Bytes JMP 00A5000A
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00260FEF
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00260FCD
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00260FDE
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 00B30090
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 00B30F54
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00B30F2F
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00B300BC
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 00B30F65
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00B3002C
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 00B30FD1
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00B30075
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 00B30F80
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00B30FA5
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 00B3003D
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00B30FC0
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 00B30064
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00B300E1
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00B30011
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00B30000
.text C:\Windows\System32\svchost.exe[1172] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 00B300AB
.text C:\Windows\System32\svchost.exe[1172] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00B4002C
.text C:\Windows\System32\svchost.exe[1172] msvcrt.dll!system 767D804B 5 Bytes JMP 00B40FA1
.text C:\Windows\System32\svchost.exe[1172] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00B40011
.text C:\Windows\System32\svchost.exe[1172] msvcrt.dll!_open 767DD106 5 Bytes JMP 00B40FEF
.text C:\Windows\System32\svchost.exe[1172] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00B40FBC
.text C:\Windows\System32\svchost.exe[1172] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00B40000
.text C:\Windows\System32\svchost.exe[1172] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 00A1006C
.text C:\Windows\System32\svchost.exe[1172] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00A1003D
.text C:\Windows\System32\svchost.exe[1172] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00A10FEF
.text C:\Windows\System32\svchost.exe[1172] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 00A10FC0
.text C:\Windows\System32\svchost.exe[1172] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 00A10FAF
.text C:\Windows\System32\svchost.exe[1172] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 00A1001B
.text C:\Windows\System32\svchost.exe[1172] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00A1000A
.text C:\Windows\System32\svchost.exe[1172] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 00A1002C
.text C:\Windows\System32\svchost.exe[1172] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00960000
.text C:\Windows\System32\svchost.exe[1216] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00810FE5
.text C:\Windows\System32\svchost.exe[1216] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00810FCA
.text C:\Windows\System32\svchost.exe[1216] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 0081000A
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 00FE0F8D
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 00FE00D3
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00FE00F8
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00FE0F61
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 00FE0FC3
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00FE0025
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 00FE0040
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00FE00B8
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 00FE0091
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00FE0FDE
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 00FE0080
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00FE005B
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 00FE0FA8
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00FE0F3C
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00FE0FEF
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00FE000A
.text C:\Windows\System32\svchost.exe[1216] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 00FE0F72
.text C:\Windows\System32\svchost.exe[1216] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00FF0049
.text C:\Windows\System32\svchost.exe[1216] msvcrt.dll!system 767D804B 5 Bytes JMP 00FF002E
.text C:\Windows\System32\svchost.exe[1216] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00FF0FC8
.text C:\Windows\System32\svchost.exe[1216] msvcrt.dll!_open 767DD106 5 Bytes JMP 00FF0FEF
.text C:\Windows\System32\svchost.exe[1216] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00FF001D
.text C:\Windows\System32\svchost.exe[1216] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00FF0000
.text C:\Windows\System32\svchost.exe[1216] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 00E10051
.text C:\Windows\System32\svchost.exe[1216] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00E10FAF
.text C:\Windows\System32\svchost.exe[1216] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00E10FEF
.text C:\Windows\System32\svchost.exe[1216] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 00E10040
.text C:\Windows\System32\svchost.exe[1216] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 00E10F94
.text C:\Windows\System32\svchost.exe[1216] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 00E10014
.text C:\Windows\System32\svchost.exe[1216] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00E10FDE
.text C:\Windows\System32\svchost.exe[1216] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 00E10025
.text C:\Windows\System32\svchost.exe[1216] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00E00FEF
.text C:\Windows\system32\svchost.exe[1232] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 012C0FE5
.text C:\Windows\system32\svchost.exe[1232] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 012C0000
.text C:\Windows\system32\svchost.exe[1232] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 012C0FCA
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 01510F56
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 015100A6
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 01510F3B
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 015100D2
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 01510069
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 01510FCA
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 0151001B
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 0151008B
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 0151004E
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 01510F9B
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 0151003D
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 0151002C
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 0151007A
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 015100F7
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 01510FE5
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 01510000
.text C:\Windows\system32\svchost.exe[1232] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 015100B7
.text C:\Windows\system32\svchost.exe[1232] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 01530F8B
.text C:\Windows\system32\svchost.exe[1232] msvcrt.dll!system 767D804B 5 Bytes JMP 01530FA6
.text C:\Windows\system32\svchost.exe[1232] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 01530FD2
.text C:\Windows\system32\svchost.exe[1232] msvcrt.dll!_open 767DD106 5 Bytes JMP 01530FE3
.text C:\Windows\system32\svchost.exe[1232] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 01530FB7
.text C:\Windows\system32\svchost.exe[1232] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 01530000
.text C:\Windows\system32\svchost.exe[1232] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 01440F8A
.text C:\Windows\system32\svchost.exe[1232] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 0144002C
.text C:\Windows\system32\svchost.exe[1232] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 01440000
.text C:\Windows\system32\svchost.exe[1232] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 01440F9B
.text C:\Windows\system32\svchost.exe[1232] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 01440F79
.text C:\Windows\system32\svchost.exe[1232] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 01440FD4
.text C:\Windows\system32\svchost.exe[1232] ADVAPI32.dll!RegOpenKeyW

TheMick · 2010/08/30

7660E2B5 5 Bytes JMP 01440FEF
.text C:\Windows\system32\svchost.exe[1232] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 0144001B
.text C:\Windows\system32\svchost.exe[1232] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 01310FEF
.text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00140FEF
.text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00140FCD
.text C:\Windows\system32\svchost.exe[1340] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00140FDE
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 001800B6
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 00180F70
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00180F29
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00180F3A
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 00180091
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00180FB9
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 00180014
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00180F8B
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 00180076
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 0018004A
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 0018005B
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00180025
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 00180F9C
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00180F0E
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00180FDE
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00180FEF
.text C:\Windows\system32\svchost.exe[1340] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 00180F4B
.text C:\Windows\system32\svchost.exe[1340] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00190064
.text C:\Windows\system32\svchost.exe[1340] msvcrt.dll!system 767D804B 5 Bytes JMP 00190049
.text C:\Windows\system32\svchost.exe[1340] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 0019001D
.text C:\Windows\system32\svchost.exe[1340] msvcrt.dll!_open 767DD106 5 Bytes JMP 0019000C
.text C:\Windows\system32\svchost.exe[1340] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00190038
.text C:\Windows\system32\svchost.exe[1340] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00190FE3
.text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 0017004A
.text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00170FB9
.text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00170000
.text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 00170FA8
.text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 00170F97
.text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 00170FDB
.text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00170011
.text C:\Windows\system32\svchost.exe[1340] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 00170FCA
.text C:\Windows\system32\svchost.exe[1340] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00150000
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 001D0000
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 001D001B
.text C:\Windows\system32\svchost.exe[1424] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 001D0FEF
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 00A30F24
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 00A30F35
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00A30EEE
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00A30F09
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 00A30045
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00A30014
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 00A30FC3
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00A3006A
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 00A30F6B
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00A30FA1
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 00A30F86
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00A30FB2
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 00A30F50
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00A300A0
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00A30FD4
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00A30FEF
.text C:\Windows\system32\svchost.exe[1424] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 00A30085
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00BC002E
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!system 767D804B 5 Bytes JMP 00BC0FAD
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00BC0FD2
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!_open 767DD106 5 Bytes JMP 00BC0000
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00BC001D
.text C:\Windows\system32\svchost.exe[1424] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00BC0FE3
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 009E0F94
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 009E001B
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 009E0000
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 009E0036
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 009E0047
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegOpenKeyExA

TheMick · 2010/08/30

76607C42 5 Bytes JMP 009E0FCA
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 009E0FE5
.text C:\Windows\system32\svchost.exe[1424] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 009E0FB9
.text C:\Windows\system32\svchost.exe[1424] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 009B000A
.text C:\Windows\system32\svchost.exe[1424] WinInet.dll!InternetOpenA 75D0D690 5 Bytes JMP 009D0FEF
.text C:\Windows\system32\svchost.exe[1424] WinInet.dll!InternetOpenW 75D0DB09 5 Bytes JMP 009D000A
.text C:\Windows\system32\svchost.exe[1424] WinInet.dll!InternetOpenUrlA 75D0F3A4 5 Bytes JMP 009D001B
.text C:\Windows\system32\svchost.exe[1424] WinInet.dll!InternetOpenUrlW 75D56DDF 5 Bytes JMP 009D0036
.text C:\Windows\Explorer.EXE[1580] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 02470000
.text C:\Windows\Explorer.EXE[1580] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 02470FE5
.text C:\Windows\Explorer.EXE[1580] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 0247001B
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 024E0FAC
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 024E00F2
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 024E0F6F
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 024E0F8A
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 024E00B5
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 024E0036
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 024E0047
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 024E00E1
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 024E0098
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 024E006C
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 024E007D
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 024E0FDB
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 024E00D0
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 024E0F5E
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 024E0025
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 024E000A
.text C:\Windows\Explorer.EXE[1580] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 024E0F9B
.text C:\Windows\Explorer.EXE[1580] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 024D0036
.text C:\Windows\Explorer.EXE[1580] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 024D0F9E
.text C:\Windows\Explorer.EXE[1580] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 024D0FE5
.text C:\Windows\Explorer.EXE[1580] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 024D0025
.text C:\Windows\Explorer.EXE[1580] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 024D0F79
.text C:\Windows\Explorer.EXE[1580] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 024D0FD4
.text C:\Windows\Explorer.EXE[1580] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 024D0000
.text C:\Windows\Explorer.EXE[1580] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 024D0FB9
.text C:\Windows\Explorer.EXE[1580] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 024F0FAF
.text C:\Windows\Explorer.EXE[1580] msvcrt.dll!system 767D804B 5 Bytes JMP 024F003A
.text C:\Windows\Explorer.EXE[1580] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 024F0029
.text C:\Windows\Explorer.EXE[1580] msvcrt.dll!_open 767DD106 5 Bytes JMP 024F0000
.text C:\Windows\Explorer.EXE[1580] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 024F0FCA
.text C:\Windows\Explorer.EXE[1580] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 024F0FEF
.text C:\Windows\Explorer.EXE[1580] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 02490000
.text C:\Windows\Explorer.EXE[1580] WININET.dll!InternetOpenA 75D0D690 5 Bytes JMP 024A0FEF
.text C:\Windows\Explorer.EXE[1580] WININET.dll!InternetOpenW 75D0DB09 5 Bytes JMP 024A0FDE
.text C:\Windows\Explorer.EXE[1580] WININET.dll!InternetOpenUrlA 75D0F3A4 5 Bytes JMP 024A000A
.text C:\Windows\Explorer.EXE[1580] WININET.dll!InternetOpenUrlW 75D56DDF 5 Bytes JMP 024A0FB9
.text C:\Windows\system32\svchost.exe[1592] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 0095000A
.text C:\Windows\system32\svchost.exe[1592] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00950036
.text C:\Windows\system32\svchost.exe[1592] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 0095001B
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 009400C4
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 00940F7E
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00940F4B
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00940F5C
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 00940FA3
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00940FE5
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 00940FD4
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 009400A9
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 0094007D
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 0094005B
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 0094006C
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00940040
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 00940098
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00940F3A
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00940011
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00940000
.text C:\Windows\system32\svchost.exe[1592] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 00940F6D
.text C:\Windows\system32\svchost.exe[1592] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00A5005F
.text C:\Windows\system32\svchost.exe[1592] msvcrt.dll!system 767D804B 5 Bytes JMP 00A5004E
.text C:\Windows\system32\svchost.exe[1592] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00A50018
.text C:\Windows\system32\svchost.exe[1592] msvcrt.dll!_open 767DD106 5 Bytes JMP 00A50FEF
.text C:\Windows\system32\svchost.exe[1592] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00A50033
.text C:\Windows\system32\svchost.exe[1592] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00A50FDE
.text C:\Windows\system32\svchost.exe[1592] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 00A00065
.text C:\Windows\system32\svchost.exe[1592] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00A00FCD
.text C:\Windows\system32\svchost.exe[1592] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00A00000
.text C:\Windows\system32\svchost.exe[1592] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 00A00054
.text C:\Windows\system32\svchost.exe[1592] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 00A00076
.text C:\Windows\system32\svchost.exe[1592] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 00A0002F
.text C:\Windows\system32\svchost.exe[1592] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00A00FEF
.text C:\Windows\system32\svchost.exe[1592] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 00A00FDE
.text C:\Windows\system32\svchost.exe[1592] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00960000
.text C:\Windows\system32\svchost.exe[1848] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00A50FEF
.text C:\Windows\system32\svchost.exe[1848] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00A50FDE
.text C:\Windows\system32\svchost.exe[1848] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00A50014
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 00A400D5
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 00A400B0
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00A40F74
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00A40101
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 00A40084
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00A40022
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 00A40047
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00A40F85
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 00A40FAA
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00A40062
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 00A40073
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00A40FD1
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 00A4009F
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00A40F59
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00A40011
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00A40000
.text C:\Windows\system32\svchost.exe[1848] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 00A400F0
.text C:\Windows\system32\svchost.exe[1848] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00B40F95
.text C:\Windows\system32\svchost.exe[1848] msvcrt.dll!system 767D804B 5 Bytes JMP 00B40020
.text C:\Windows\system32\svchost.exe[1848] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00B40FC1
.text C:\Windows\system32\svchost.exe[1848] msvcrt.dll!_open 767DD106 5 Bytes JMP 00B40FEF
.text C:\Windows\system32\svchost.exe[1848] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00B40FB0
.text C:\Windows\system32\svchost.exe[1848] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00B40FD2
.text C:\Windows\system32\svchost.exe[1848] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 00A3002C
.text C:\Windows\system32\svchost.exe[1848] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00A30FAF
.text C:\Windows\system32\svchost.exe[1848] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00A30000
.text C:\Windows\system32\svchost.exe[1848] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 00A30F94
.text C:\Windows\system32\svchost.exe[1848] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 00A3003D
.text C:\Windows\system32\svchost.exe[1848] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 00A30FD1
.text C:\Windows\system32\svchost.exe[1848] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00A30011
.text C:\Windows\system32\svchost.exe[1848] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 00A30FC0
.text C:\Windows\system32\svchost.exe[1848] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00A20000
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 4C930000
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 4C930036
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 4C930025
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 4C920F3C
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 4C920082
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 4C920F17
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!CreateProcessA

TheMick · 2010/08/30

766A1C28 5 Bytes JMP 4C9200AE
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 4C920F68
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 4C92000A
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 4C920025
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 4C920F57
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 4C920036
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 4C920F9E
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 4C920F79
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 4C920FB9
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 4C920067
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 4C9200BF
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 4C920FD4
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 4C920FEF
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 4C920093
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 4C95004E
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] msvcrt.dll!system 767D804B 5 Bytes JMP 4C950FC3
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 4C950029
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] msvcrt.dll!_open 767DD106 5 Bytes JMP 4C950FEF
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 4C950FDE
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 4C950018
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 4C910065
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 4C91002F
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 4C910FEF
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 4C91004A
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 4C910F9E
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 4C91000A
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 4C910FDE
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 4C910FC3
.text c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[2444] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 4C940000
.text C:\Windows\system32\svchost.exe[2484] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00710FEF
.text C:\Windows\system32\svchost.exe[2484] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00710014
.text C:\Windows\system32\svchost.exe[2484] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00710FDE
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 00700F41
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 00700091
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 007000BD
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 007000A2
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 0070005B
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 0070000A
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 00700FB9
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00700F66
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 00700F83
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00700040
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 00700F9E
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00700025
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 00700076
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 007000CE
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00700FD4
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00700FEF
.text C:\Windows\system32\svchost.exe[2484] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 00700F30
.text C:\Windows\system32\svchost.exe[2484] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 008C0F95
.text C:\Windows\system32\svchost.exe[2484] msvcrt.dll!system 767D804B 5 Bytes JMP 008C0FA6
.text C:\Windows\system32\svchost.exe[2484] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 008C0FD2
.text C:\Windows\system32\svchost.exe[2484] msvcrt.dll!_open 767DD106 5 Bytes JMP 008C0000
.text C:\Windows\system32\svchost.exe[2484] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 008C0FB7
.text C:\Windows\system32\svchost.exe[2484] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 008C0FE3
.text C:\Windows\system32\svchost.exe[2484] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 006C004E
.text C:\Windows\system32\svchost.exe[2484] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 006C0022
.text C:\Windows\system32\svchost.exe[2484] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 006C0000
.text C:\Windows\system32\svchost.exe[2484] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 006C0033
.text C:\Windows\system32\svchost.exe[2484] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 006C0069
.text C:\Windows\system32\svchost.exe[2484] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 006C0FD1
.text C:\Windows\system32\svchost.exe[2484] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 006C0011
.text C:\Windows\system32\svchost.exe[2484] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 006C0FB6
.text C:\Windows\system32\svchost.exe[2484] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00760000
.text C:\Windows\system32\svchost.exe[2736] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00AA0FEF
.text C:\Windows\system32\svchost.exe[2736] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00AA0FC3
.text C:\Windows\system32\svchost.exe[2736] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00AA0FDE
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 00A90F9E
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 00A90FAF
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00A90110
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00A900FF
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 00A900B5
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00A90036
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 00A90051
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00A900DA
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 00A90FDB
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00A9007D
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 00A90098
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00A9006C
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 00A90FCA
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00A90F5E
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00A90025
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00A9000A
.text C:\Windows\system32\svchost.exe[2736] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 00A90F8D
.text C:\Windows\system32\svchost.exe[2736] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00B4004C
.text C:\Windows\system32\svchost.exe[2736] msvcrt.dll!system 767D804B 5 Bytes JMP 00B4003B
.text C:\Windows\system32\svchost.exe[2736] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00B40FD2
.text C:\Windows\system32\svchost.exe[2736] msvcrt.dll!_open 767DD106 5 Bytes JMP 00B4000C
.text C:\Windows\system32\svchost.exe[2736] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00B40FC1
.text C:\Windows\system32\svchost.exe[2736] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00B40FE3
.text C:\Windows\system32\svchost.exe[2736] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 00A50076
.text C:\Windows\system32\svchost.exe[2736] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00A50FD4
.text C:\Windows\system32\svchost.exe[2736] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00A5000A
.text C:\Windows\system32\svchost.exe[2736] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 00A5005B
.text C:\Windows\system32\svchost.exe[2736] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 00A50087
.text C:\Windows\system32\svchost.exe[2736] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 00A50036
.text C:\Windows\system32\svchost.exe[2736] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00A50025
.text C:\Windows\system32\svchost.exe[2736] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 00A50FEF
.text C:\Windows\system32\svchost.exe[2736] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00AF0000
.text C:\Windows\System32\svchost.exe[2844] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 0007000A
.text C:\Windows\System32\svchost.exe[2844] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00070FE5
.text C:\Windows\System32\svchost.exe[2844] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 0007001B
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 00060F14
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 00060F25
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00060EEF
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00060086
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 00060049
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00060FC0
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 00060FAF
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00060F40
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 00060038
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00060F79
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 0006001B
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00060F94
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 0006005A
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00060ED4
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00060000
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00060FEF
.text C:\Windows\System32\svchost.exe[2844] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 0006006B
.text C:\Windows\System32\svchost.exe[2844] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00080FAF
.text C:\Windows\System32\svchost.exe[2844] msvcrt.dll!system 767D804B 5 Bytes JMP 00080044
.text C:\Windows\System32\svchost.exe[2844] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00080FDE
.text C:\Windows\System32\svchost.exe[2844] msvcrt.dll!_open 767DD106 5 Bytes JMP 00080FEF
.text C:\Windows\System32\svchost.exe[2844] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00080033
.text C:\Windows\System32\svchost.exe[2844] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00080018
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 0005004A
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00050FAF
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00050000
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 00050F9E
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 00050F8D
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 00050FDB
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00050011
.text C:\Windows\System32\svchost.exe[2844] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 00050FCA

TheMick · 2010/08/30

.text C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe[3488] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 70059AE2 C:\Program Files\Common Files\McAfee\McProxy\mcproxy.dll (McAfee Proxy Service Module/McAfee, Inc.)
.text C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe[3488] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 70059A20 C:\Program Files\Common Files\McAfee\McProxy\mcproxy.dll (McAfee Proxy Service Module/McAfee, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00040000
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00040022
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00040011
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 000100C7
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 000100B6
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00010F4B
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00010F5C
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 0001008A
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00010014
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 0001002F
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 000100A5
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 0001006F
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00010054
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 00010FB2
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00010FC3
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 00010F95
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00010F3A
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00010FDE
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00010FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 000100E2
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 00060065
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00060FC3
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 0006000A
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 0006004A
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 00060080
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 0006002F
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00060FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 00060FD4
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] USER32.dll!CreateWindowExW 75B51305 5 Bytes JMP 6CE9DB24 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] USER32.dll!DialogBoxParamW 75B710B0 5 Bytes JMP 6CDC5501 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] USER32.dll!DialogBoxIndirectParamW 75B72EF5 5 Bytes JMP 6CF94B4F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] USER32.dll!DialogBoxParamA 75B88152 5 Bytes JMP 6CF94AEC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] USER32.dll!DialogBoxIndirectParamA 75B8847D 5 Bytes JMP 6CF94BB2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] USER32.dll!MessageBoxIndirectA 75B9D4D9 5 Bytes JMP 6CF94A81 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] USER32.dll!MessageBoxIndirectW 75B9D5D3 5 Bytes JMP 6CF94A16 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] USER32.dll!MessageBoxExA 75B9D639 5 Bytes JMP 6CF949B4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] USER32.dll!MessageBoxExW 75B9D65D 5 Bytes JMP 6CF94952 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 0007003D
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] msvcrt.dll!system 767D804B 5 Bytes JMP 0007002C
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00070000
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] msvcrt.dll!_open 767DD106 5 Bytes JMP 00070FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 0007001B
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00070FC6
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 0009000A
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] WININET.dll!InternetOpenA 75D0D690 5 Bytes JMP 001F0000
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] WININET.dll!InternetOpenW 75D0DB09 5 Bytes JMP 001F001B
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] WININET.dll!InternetOpenUrlA 75D0F3A4 5 Bytes JMP 001F0FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[3948] WININET.dll!InternetOpenUrlW 75D56DDF 5 Bytes JMP 001F0FD4
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00040FE5
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00040FB9
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00040FD4
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 000100C4
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 000100A9
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00010F3E
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00010F63
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 0001007D
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00010FDE
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 0001002F
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00010098
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 0001006C
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00010051
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 00010FAF
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00010040
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!VirtualProtectEx

TheMick · 2010/08/30

766CDBDA 5 Bytes JMP 00010F92
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 000100F0
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 0001000A
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00010FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 000100D5
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 00060051
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00060FC0
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00060FE5
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 00060FA5
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 00060062
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 0006001B
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 0006000A
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 0006002C
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!SetWindowsHookExW 75B487AD 5 Bytes JMP 6CE99AD5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!CallNextHookEx 75B48E3B 5 Bytes JMP 6CE8D135 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!UnhookWindowsHookEx 75B498DB 5 Bytes JMP 6CE04666 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!CreateWindowExW 75B51305 5 Bytes JMP 6CE9DB24 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!DialogBoxParamW 75B710B0 5 Bytes JMP 6CDC5501 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!DialogBoxIndirectParamW 75B72EF5 5 Bytes JMP 6CF94B4F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!DialogBoxParamA 75B88152 5 Bytes JMP 6CF94AEC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!DialogBoxIndirectParamA 75B8847D 5 Bytes JMP 6CF94BB2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!MessageBoxIndirectA 75B9D4D9 5 Bytes JMP 6CF94A81 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!MessageBoxIndirectW 75B9D5D3 5 Bytes JMP 6CF94A16 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!MessageBoxExA 75B9D639 5 Bytes JMP 6CF949B4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] USER32.dll!MessageBoxExW 75B9D65D 5 Bytes JMP 6CF94952 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00070016
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] msvcrt.dll!system 767D804B 5 Bytes JMP 00070F95
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00070FB7
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] msvcrt.dll!_open 767DD106 5 Bytes JMP 00070FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00070FA6
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00070FD2
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ole32.dll!OleLoadFromStream 75DF1E12 5 Bytes JMP 6CF94ED0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] ole32.dll!CoCreateInstance 75E29EA6 5 Bytes JMP 6CE9DB80 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00170FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] WININET.dll!InternetReadFile 75CF654B 5 Bytes JMP 02B3EF20 c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (SiteAdvisor/McAfee, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] WININET.dll!InternetCloseHandle 75CF9088 5 Bytes JMP 02B3EE00 c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (SiteAdvisor/McAfee, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] WININET.dll!HttpOpenRequestA 75CFD508 5 Bytes JMP 02B3F060 c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (SiteAdvisor/McAfee, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] WININET.dll!InternetConnectA 75CFDEAE 5 Bytes JMP 02B3F160 c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (SiteAdvisor/McAfee, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] WININET.dll!InternetOpenA 75D0D690 5 Bytes JMP 00310000
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] WININET.dll!InternetOpenW 75D0DB09 5 Bytes JMP 00310011
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] WININET.dll!InternetOpenUrlA 75D0F3A4 5 Bytes JMP 00310FDB
.text C:\Program Files\Internet Explorer\iexplore.exe[4720] WININET.dll!InternetOpenUrlW 75D56DDF 5 Bytes JMP 0031002C
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00040FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 0004002F
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 0004000A
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 000100EB
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 000100DA
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00010121
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00010F80
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 000100AE
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 00010FDE
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 0001002F
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 000100C9
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 0001009D
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 0001005B
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 00010080
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 0001004A
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 00010FB9
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00010F65
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00010FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00010000
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 000100FC
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 00060F83
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 0006001B
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00060FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 00060F94
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 00060F68
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 0006000A
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00060FDE
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 00060FB9
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!CreateDialogParamW 75B472A2 5 Bytes JMP 6CE9DEB0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!GetAsyncKeyState 75B4863C 5 Bytes JMP 6CDB8F37 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!SetWindowsHookExW 75B487AD 5 Bytes JMP 6CE99AD5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!CallNextHookEx 75B48E3B 5 Bytes JMP 6CE8D135 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!UnhookWindowsHookEx 75B498DB 5 Bytes JMP 6CE04666 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!EnableWindow 75B4CD8B 5 Bytes JMP 6CE9DD3D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!CreateWindowExW 75B51305 5 Bytes JMP 6CE9DB24 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!GetKeyState 75B58CB1 5 Bytes JMP 6CE9D2EB C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!IsDialogMessageW 75B60745 5 Bytes JMP 6CDC5A13 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!CreateDialogParamA 75B617AA 5 Bytes JMP 6CF957D6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!IsDialogMessage 75B61847 5 Bytes JMP 6CF95072 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!CreateDialogIndirectParamA 75B626F1 5 Bytes JMP 6CF9580D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!CreateDialogIndirectParamW 75B69A62 5 Bytes JMP 6CF95844 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!SetKeyboardState 75B70987 5 Bytes JMP 6CF953E1 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!DialogBoxParamW 75B710B0 5 Bytes JMP 6CDC5501 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!DialogBoxIndirectParamW 75B72EF5 5 Bytes JMP 6CF94B4F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!SendInput 75B72F75 5 Bytes JMP 6CF95F9F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!EndDialog 75B7326E 5 Bytes JMP 6CDC7EBA C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!SetCursorPos 75B86FB2 5 Bytes JMP 6CF95FF3 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!DialogBoxParamA 75B88152 5 Bytes JMP 6CF94AEC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!DialogBoxIndirectParamA 75B8847D 5 Bytes JMP 6CF94BB2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!MessageBoxIndirectA 75B9D4D9 5 Bytes JMP 6CF94A81 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!MessageBoxIndirectW 75B9D5D3 5 Bytes JMP 6CF94A16 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!MessageBoxExA 75B9D639 5 Bytes JMP 6CF949B4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!MessageBoxExW 75B9D65D 5 Bytes JMP 6CF94952 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] USER32.dll!keybd_event 75B9D972 5 Bytes JMP 6CF96323 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 0007005A
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] msvcrt.dll!system 767D804B 5 Bytes JMP 00070FCF
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 0007002E
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] msvcrt.dll!_open 767DD106 5 Bytes JMP 00070000
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00070049
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 0007001D
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] SHELL32.dll!SHRestricted + D95 768B89A8 4 Bytes [4D, 30, C7, 64]
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] SHELL32.dll!SHRestricted + D9D 768B89B0 8 Bytes [57, 2F, C7, 64, 9C, 5B, C6, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ole32.dll!OleLoadFromStream 75DF1E12 5 Bytes JMP 6CF94ED0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] ole32.dll!CoCreateInstance 75E29EA6 5 Bytes JMP 6CE9DB80 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 00360000
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] WININET.dll!InternetReadFile 75CF654B 5 Bytes JMP 02D4EF20 c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (SiteAdvisor/McAfee, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] WININET.dll!InternetCloseHandle 75CF9088 5 Bytes JMP 02D4EE00 c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (SiteAdvisor/McAfee, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] WININET.dll!HttpOpenRequestA 75CFD508 5 Bytes JMP 02D4F060 c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (SiteAdvisor/McAfee, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] WININET.dll!InternetConnectA 75CFDEAE 5 Bytes JMP 02D4F160 c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (SiteAdvisor/McAfee, Inc.)
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] WININET.dll!InternetOpenA 75D0D690 5 Bytes JMP 003D0FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] WININET.dll!InternetOpenW 75D0DB09 5 Bytes JMP 003D0FD4
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] WININET.dll!InternetOpenUrlA 75D0F3A4 5 Bytes JMP 003D0FC3
.text C:\Program Files\Internet Explorer\iexplore.exe[4756] WININET.dll!InternetOpenUrlW 75D56DDF 5 Bytes JMP 003D000A
.text C:\Windows\system32\svchost.exe[4812] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00040000
.text C:\Windows\system32\svchost.exe[4812] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00040FCA
.text C:\Windows\system32\svchost.exe[4812] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00040FDB
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 000100C4
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 00010F7E
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 000100FA
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 00010F63
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 00010098
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 0001001B
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 00010FCA
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00010F99
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 00010087
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00010051
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 0001006C
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00010040
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 000100A9
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00010F52
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 00010FEF
.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 0001000A

TheMick · 2010/08/30

.text C:\Windows\system32\svchost.exe[4812] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 000100D5
.text C:\Windows\system32\svchost.exe[4812] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00060042
.text C:\Windows\system32\svchost.exe[4812] msvcrt.dll!system 767D804B 5 Bytes JMP 00060FB7
.text C:\Windows\system32\svchost.exe[4812] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00060FD2
.text C:\Windows\system32\svchost.exe[4812] msvcrt.dll!_open 767DD106 5 Bytes JMP 0006000C
.text C:\Windows\system32\svchost.exe[4812] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00060027
.text C:\Windows\system32\svchost.exe[4812] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00060FE3
.text C:\Windows\system32\svchost.exe[4812] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 00070FA5
.text C:\Windows\system32\svchost.exe[4812] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00070036
.text C:\Windows\system32\svchost.exe[4812] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00070000
.text C:\Windows\system32\svchost.exe[4812] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 00070047
.text C:\Windows\system32\svchost.exe[4812] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 0007006C
.text C:\Windows\system32\svchost.exe[4812] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 00070FCA
.text C:\Windows\system32\svchost.exe[4812] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00070FE5
.text C:\Windows\system32\svchost.exe[4812] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 0007001B
.text C:\Windows\system32\svchost.exe[4812] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 000B0FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] ntdll.dll!NtCreateFile 774743D4 5 Bytes JMP 00040FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] ntdll.dll!NtCreateProcess 77474494 5 Bytes JMP 00040FAF
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] ntdll.dll!NtProtectVirtualMemory 77474D34 5 Bytes JMP 00040FD4
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!GetStartupInfoW 766A1929 5 Bytes JMP 000100B3
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!GetStartupInfoA 766A19C9 5 Bytes JMP 000100A2
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!CreateProcessW 766A1BF3 5 Bytes JMP 00010104
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!CreateProcessA 766A1C28 5 Bytes JMP 000100E9
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!VirtualProtect 766A1DC3 5 Bytes JMP 0001006C
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!CreateNamedPipeA 766A2EF5 5 Bytes JMP 0001001B
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!CreateNamedPipeW 766A5C0C 5 Bytes JMP 00010FCA
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!CreatePipe 766C8E6E 5 Bytes JMP 00010087
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!LoadLibraryExW 766C9109 5 Bytes JMP 0001005B
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!LoadLibraryW 766C9362 5 Bytes JMP 00010036
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!LoadLibraryExA 766C94B4 5 Bytes JMP 00010F9E
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!LoadLibraryA 766C94DC 5 Bytes JMP 00010FAF
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!VirtualProtectEx 766CDBDA 5 Bytes JMP 00010F77
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!GetProcAddress 766E903B 5 Bytes JMP 00010115
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!CreateFileW 766EAECB 5 Bytes JMP 0001000A
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!CreateFileA 766ECE5F 5 Bytes JMP 00010FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] kernel32.dll!WinExec 76735CF7 5 Bytes JMP 000100D8
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] ADVAPI32.dll!RegCreateKeyExA 765F39AB 5 Bytes JMP 00060F8D
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] ADVAPI32.dll!RegCreateKeyA 765F3BA9 5 Bytes JMP 00060FA8
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] ADVAPI32.dll!RegOpenKeyA 765F89C7 5 Bytes JMP 00060000
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] ADVAPI32.dll!RegCreateKeyW 7660391E 5 Bytes JMP 0006002F
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] ADVAPI32.dll!RegCreateKeyExW 766041F1 5 Bytes JMP 0006004A
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] ADVAPI32.dll!RegOpenKeyExA 76607C42 5 Bytes JMP 00060FD4
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] ADVAPI32.dll!RegOpenKeyW 7660E2B5 5 Bytes JMP 00060FE5
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] ADVAPI32.dll!RegOpenKeyExW 76617BA1 5 Bytes JMP 00060FB9
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] USER32.dll!CreateWindowExW 75B51305 5 Bytes JMP 6CE9DB24 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] USER32.dll!DialogBoxParamW 75B710B0 5 Bytes JMP 6CDC5501 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] USER32.dll!DialogBoxIndirectParamW 75B72EF5 5 Bytes JMP 6CF94B4F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] USER32.dll!DialogBoxParamA 75B88152 5 Bytes JMP 6CF94AEC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] USER32.dll!DialogBoxIndirectParamA 75B8847D 5 Bytes JMP 6CF94BB2 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] USER32.dll!MessageBoxIndirectA 75B9D4D9 5 Bytes JMP 6CF94A81 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] USER32.dll!MessageBoxIndirectW 75B9D5D3 5 Bytes JMP 6CF94A16 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] USER32.dll!MessageBoxExA 75B9D639 5 Bytes JMP 6CF949B4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] USER32.dll!MessageBoxExW 75B9D65D 5 Bytes JMP 6CF94952 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] msvcrt.dll!_wsystem 767D7F2F 5 Bytes JMP 00070038
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] msvcrt.dll!system 767D804B 5 Bytes JMP 00070027
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] msvcrt.dll!_creat 767DBBE1 5 Bytes JMP 00070FC1
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] msvcrt.dll!_open 767DD106 5 Bytes JMP 00070FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] msvcrt.dll!_wcreat 767DD326 5 Bytes JMP 00070016
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] msvcrt.dll!_wopen 767DD501 5 Bytes JMP 00070FD2
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] WS2_32.dll!socket 75BE36D1 5 Bytes JMP 000A0FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] WININET.dll!InternetOpenA 75D0D690 5 Bytes JMP 003F0FEF
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] WININET.dll!InternetOpenW 75D0DB09 5 Bytes JMP 003F0FDE
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] WININET.dll!InternetOpenUrlA 75D0F3A4 5 Bytes JMP 003F0FC3
.text C:\Program Files\Internet Explorer\iexplore.exe[5044] WININET.dll!InternetOpenUrlW 75D56DDF 5 Bytes JMP 003F000A

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcessHeap] 0126E660
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] 0126E140
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DuplicateHandle] 0126D2A0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!IsDebuggerPresent] 0126EBE0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] 0126C260
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 0126BBD0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetEnvironmentStringsW] 0126BF90
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetFilePointer] 0126D100
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!MapViewOfFileEx] 0126D7C0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileMappingW] 0126D550
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!MapViewOfFile] 0126D740
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!OpenFileMappingW] 0126DC20
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!UnmapViewOfFile] 0126D930
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileType] 0126D450
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FlushViewOfFile] 0126D690
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileSize] 0126D240
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!WriteFile] 0126D0C0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetACP] 0126E680
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!TerminateProcess] 0126C110
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GlobalAlloc] 0126E3A0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GlobalLock] 0126E2C0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GlobalUnlock] 0126E280
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] 0126C940
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 0126BA30
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CloseHandle] 0126D340
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 0126B9A0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 0126BC80
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 0126A730
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!ReadFile] 0126CC90
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetVersion] 0126E650
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [USER32.dll!LoadIconW] 0126E920
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [USER32.dll!LoadCursorW] 0126E8C0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateDialogParamW] 0126EB10
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [USER32.dll!DialogBoxParamW] 0126EBB0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [USER32.dll!LoadStringW] 0126E9E0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] 0126E5D0
IAT C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe[2092] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW] 0126E580
IAT C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe[2344] @ C:\Windows\system32\CRYPT32.dll [ADVAPI32.dll!RegQueryValueExW] [00A076E0] C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee Process Validation Service/McAfee, Inc.)
IAT C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe[2344] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00A07740] C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee Process Validation Service/McAfee, Inc.)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [64C61AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [64C6007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [64C5E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [64C60994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [64C5EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [64C5A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [64C61D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [64C63ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [64C62999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [64C63035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [64C5FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [64C5E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [64C5DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [64C5FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [64C5D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [64C6FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [64C7051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [64C6EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [64C6F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [64C6EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [64C6E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [64C6ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [64C6007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [64C5FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [64C5E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [64C5FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [64C5E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [64C61AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [64C5EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [64C63ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [64C62CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [64C62926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [64C63035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [64C62999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [64C5BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [64C6173F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [64C5BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [64C60F0F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [64C614E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [64C5ED1B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [64C5BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [64C61D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [64C5C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [64C6103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [64C5EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [64C60994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [64C61614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [64C60921] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [64C5FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [64C5A073] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [64C5A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [64C5E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [64C5E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [64C5FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [64C5FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [64C60C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [64C5DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [64C5D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [64C5D361] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [64C5EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [64C6007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [64C5C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [64C5E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [64C63035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [64C62999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [64C61AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [64C5BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [64C5BFCD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [64C5E717] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [64C62CD2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [64C62926] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [64C63ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [64C623A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [64C5BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [64C5FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [64C5FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [64C5F973] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [64C6ED95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [64C6E43D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [64C6EDE8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [64C6F9B7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [64C6E9C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [64C6E5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [64C6EB3D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [64C7020D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [64C6F4DB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [64C6EF31] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

TheMick · 2010/08/30

IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [64C6FBB3] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [64C6F817] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [64C7051D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [64C6FF19] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [64C70085] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [64C70395] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [64C6FDAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [64C6F677] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [64C5CFA8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [64C62999] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [64C60C95] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [64C5D22A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [64C5D9DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [64C5DC5C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [64C5EB68] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [64C61D56] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [64C5E1E9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [64C5CAA7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [64C6007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [64C5A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [64C60994] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [64C63035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [64C63ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [64C5C709] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [64C5BD77] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [64C61AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [64C5CD20] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [64C5D4B8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [64C61614] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [64C6103D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [64C5EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [64C5C0FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [64C5BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [64C609B9] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [64C5C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [64C5FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [64C5E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [64C5C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [64C5FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [64C5C5D8] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [64C5F0D0] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [64C5FAAA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [64C5F5C5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringByKeyW] [64C6620B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHCreateStreamOnFileW] [64C67595] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryKeyW] [64C660AE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!AssocQueryStringW] [64C6615B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyA] [64C675E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCombineW] [64C66533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHOpenRegStream2W] [64C6799A] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryW] [64C6684F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsURLW] [64C66E45] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootA] [64C66AFB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRootW] [64C66B47] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripToRootW] [64C67281] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFindOnPathW] [64C66716] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathStripPathW] [64C671ED] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRemoveArgsW] [64C67021] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetBoolUSValueW] [64C67FBE] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathSkipRootW] [64C67159] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryEmptyW] [64C668E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsSystemFolderW] [64C66BE2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsDirectoryA] [64C66803] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathRelativePathToW] [64C66F81] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootA] [64C663A5] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetPathW] [64C680BD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegSetPathW] [64C68513] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetUSValueW] [64C68176] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathCreateFromUrlW] [64C665DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHQueryValueExW] [64C67BA4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHRegGetValueW] [64C68235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsNetworkPathW] [64C6697F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerShareW] [64C66DAD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCServerW] [64C66D15] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathUnExpandEnvStringsW] [64C6731F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathMakeSystemFolderW] [64C66EDD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsUNCW] [64C66C7D] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathIsRelativeW] [64C66AAF] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHGetValueW] [64C678EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathBuildRootW] [64C663F4] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteValueW] [64C676D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHSetValueW] [64C68732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumKeyExW] [64C6777E] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHEnumValueW] [64C67831] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!PathFileExistsW] [64C6667B] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [SHLWAPI.dll!SHDeleteKeyW] [64C67636] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [64C5BB38] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [64C63ADC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [64C63035] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [64C6007C] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [64C61AEC] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [64C5A3FB] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [64C5EE46] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [64C5C848] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [64C5C368] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [64C5E860] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [64C5FD66] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [64C5BEA2] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [64C5FBE1] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [64C68235] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [64C681D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [64C672CD] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA]

TheMick · 2010/08/30

[64C675E7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [64C676D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [64C665DA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [64C6788F] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [64C686D7] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [64C678EA] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [64C68732] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [64C66533] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[4756] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [64C582F6] C:\Program Files\Internet Explorer\IEShims.dll (Internet Explorer Compatibility Shims/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \FileSystem\Ntfs \Ntfs MOBK.sys (Mozy Change Monitor Filter Driver/Mozy, Inc.)
AttachedDevice \Driver\tdx \Device\Tcp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Udp mfewfpk.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \FileSystem\fastfat \Fat MOBK.sys (Mozy Change Monitor Filter Driver/Mozy, Inc.)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\.jar@ jarfile
Reg HKLM\SOFTWARE\Classes\.jnlp@ JNLPFile
Reg HKLM\SOFTWARE\Classes\.jnlp@Content Type application/x-java-jnlp-file
Reg HKLM\SOFTWARE\Classes\.ldf@ SQLServer.Engine.LogFile
Reg HKLM\SOFTWARE\Classes\.mdf@ SQLServer.Engine.PrimaryDataFile
Reg HKLM\SOFTWARE\Classes\.ndf@ SQLServer.Engine.SecondaryDataFile
Reg HKLM\SOFTWARE\Classes\.odp@Content Type application/vnd.oasis.opendocument.presentation
Reg HKLM\SOFTWARE\Classes\.odp@ PowerPoint.OpenDocumentPresentation.12
Reg HKLM\SOFTWARE\Classes\.odp@PerceivedType document
Reg HKLM\SOFTWARE\Classes\.odp\shellex
Reg HKLM\SOFTWARE\Classes\.odp\shellex\{8895B1C6-B41F-4C1C-A562-0D564250836F}
Reg HKLM\SOFTWARE\Classes\.odp\shellex\{8895B1C6-B41F-4C1C-A562-0D564250836F}@ {65235197-874B-4A07-BDC5-E65EA825B718}
Reg HKLM\SOFTWARE\Classes\.ods@Content Type application/vnd.oasis.opendocument.spreadsheet
Reg HKLM\SOFTWARE\Classes\.ods@PerceivedType document
Reg HKLM\SOFTWARE\Classes\.ods@ Excel.OpenDocumentSpreadsheet.12
Reg HKLM\SOFTWARE\Classes\.ods\shellex
Reg HKLM\SOFTWARE\Classes\.ods\shellex\{8895B1C6-B41F-4C1C-A562-0D564250836F}
Reg HKLM\SOFTWARE\Classes\.ods\shellex\{8895B1C6-B41F-4C1C-A562-0D564250836F}@ {00020827-0000-0000-C000-000000000046}
Reg HKLM\SOFTWARE\Classes\.odt@ Word.OpenDocumentText.12
Reg HKLM\SOFTWARE\Classes\.odt@Content Type application/vnd.oasis.opendocument.text
Reg HKLM\SOFTWARE\Classes\.odt@PerceivedType document
Reg HKLM\SOFTWARE\Classes\.odt\shellex
Reg HKLM\SOFTWARE\Classes\.odt\shellex\{8895B1C6-B41F-4C1C-A562-0D564250836F}
Reg HKLM\SOFTWARE\Classes\.odt\shellex\{8895B1C6-B41F-4C1C-A562-0D564250836F}@ {84F66100-FF7C-4FB4-B0C0-02CD7FB668FE}
Reg HKLM\SOFTWARE\Classes\.psd1@ Microsoft.PowerShellData.1
Reg HKLM\SOFTWARE\Classes\.psm1@ Microsoft.PowerShellModule.1
Reg HKLM\SOFTWARE\Classes\DMM.CEALG@ CEALG Class
Reg HKLM\SOFTWARE\Classes\DMM.CEALG\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.CEALG\CLSID@ {89555CC1-4928-11D3-8D4C-00E029154FDE}
Reg HKLM\SOFTWARE\Classes\DMM.CEALG\CurVer
Reg HKLM\SOFTWARE\Classes\DMM.CEALG\CurVer@ DMM.CEALG.1
Reg HKLM\SOFTWARE\Classes\DMM.CEALG.1@ CEALG Class
Reg HKLM\SOFTWARE\Classes\DMM.CEALG.1\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.CEALG.1\CLSID@ {89555CC1-4928-11D3-8D4C-00E029154FDE}
Reg HKLM\SOFTWARE\Classes\DMM.ClassificationModel@ ClassificationModel Class
Reg HKLM\SOFTWARE\Classes\DMM.ClassificationModel\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.ClassificationModel\CLSID@ {830437A6-2F36-11D3-8C76-00600832DCED}
Reg HKLM\SOFTWARE\Classes\DMM.ClassificationModel\CurVer
Reg HKLM\SOFTWARE\Classes\DMM.ClassificationModel\CurVer@ DMM.ClassificationModel.1
Reg HKLM\SOFTWARE\Classes\DMM.ClassificationModel.1@ ClassificationModel Class
Reg HKLM\SOFTWARE\Classes\DMM.ClassificationModel.1\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.ClassificationModel.1\CLSID@ {830437A6-2F36-11D3-8C76-00600832DCED}
Reg HKLM\SOFTWARE\Classes\DMM.Classifier@ Classifier Class
Reg HKLM\SOFTWARE\Classes\DMM.Classifier\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.Classifier\CLSID@ {08EAF772-59A5-11D3-B3A7-00C04F687719}
Reg HKLM\SOFTWARE\Classes\DMM.Classifier\CurVer
Reg HKLM\SOFTWARE\Classes\DMM.Classifier\CurVer@ DMM.Classifier.1
Reg HKLM\SOFTWARE\Classes\DMM.Classifier.1@ Classifier Class
Reg HKLM\SOFTWARE\Classes\DMM.Classifier.1\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.Classifier.1\CLSID@ {08EAF772-59A5-11D3-B3A7-00C04F687719}
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCount@ DMMCorrCount Class
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCount\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCount\CLSID@ {65813659-4461-11D3-8C7B-00600832DCED}
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCount\CurVer
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCount\CurVer@ DMM.DMMCorrCount.1
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCount.1@ DMMCorrCount Class
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCount.1\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCount.1\CLSID@ {65813659-4461-11D3-8C7B-00600832DCED}
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCountSource@ DMMCorrCountSource Class
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCountSource\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCountSource\CLSID@ {65813656-4461-11D3-8C7B-00600832DCED}
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCountSource\CurVer
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCountSource\CurVer@ DMM.DMMCorrCountSource.1
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCountSource.1@ DMMCorrCountSource Class
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCountSource.1\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.DMMCorrCountSource.1\CLSID@ {65813656-4461-11D3-8C7B-00600832DCED}
Reg HKLM\SOFTWARE\Classes\DMM.FeatureSelection@ FeatureSelection Class
Reg HKLM\SOFTWARE\Classes\DMM.FeatureSelection\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.FeatureSelection\CLSID@ {ED56664F-4088-11D3-B394-00C04F687719}
Reg HKLM\SOFTWARE\Classes\DMM.FeatureSelection\CurVer
Reg HKLM\SOFTWARE\Classes\DMM.FeatureSelection\CurVer@ DMM.FeatureSelection.1
Reg HKLM\SOFTWARE\Classes\DMM.FeatureSelection.1@ FeatureSelection Class
Reg HKLM\SOFTWARE\Classes\DMM.FeatureSelection.1\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.FeatureSelection.1\CLSID@ {ED56664F-4088-11D3-B394-00C04F687719}
Reg HKLM\SOFTWARE\Classes\DMM.MarginalModel@ MarginalModel Class
Reg HKLM\SOFTWARE\Classes\DMM.MarginalModel\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.MarginalModel\CLSID@ {C1CD5360-28E5-11D3-8C76-00600832DCED}
Reg HKLM\SOFTWARE\Classes\DMM.MarginalModel\CurVer
Reg HKLM\SOFTWARE\Classes\DMM.MarginalModel\CurVer@ DMM.MarginalModel.1
Reg HKLM\SOFTWARE\Classes\DMM.MarginalModel.1@ MarginalModel Class
Reg HKLM\SOFTWARE\Classes\DMM.MarginalModel.1\CLSID
Reg HKLM\SOFTWARE\Classes\DMM.MarginalModel.1\CLSID@ {C1CD5360-28E5-11D3-8C76-00600832DCED}
Reg HKLM\SOFTWARE\Classes\Equation@ Microsoft Equation
Reg HKLM\SOFTWARE\Classes\Equation\CLSID
Reg HKLM\SOFTWARE\Classes\Equation\CLSID@ {0003000B-0000-0000-C000-000000000046}
Reg HKLM\SOFTWARE\Classes\Equation\CurVer
Reg HKLM\SOFTWARE\Classes\Equation\CurVer@ Equation.3
Reg HKLM\SOFTWARE\Classes\Equation\NotInsertable
Reg HKLM\SOFTWARE\Classes\Equation.2@ Microsoft Equation 2.0
Reg HKLM\SOFTWARE\Classes\Equation.2\CLSID
Reg HKLM\SOFTWARE\Classes\Equation.2\CLSID@ {00021700-0000-0000-C000-000000000046}
Reg HKLM\SOFTWARE\Classes\Equation.2\CurVer
Reg HKLM\SOFTWARE\Classes\Equation.2\CurVer@ Equation.3
Reg HKLM\SOFTWARE\Classes\Equation.2\NotInsertable
Reg HKLM\SOFTWARE\Classes\Forms.CheckBox.1@ Microsoft Forms 2.0 CheckBox
Reg HKLM\SOFTWARE\Classes\Forms.CheckBox.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.CheckBox.1\CLSID@ {8BD21D40-EC42-11CE-9E0D-00AA006002F3}
Reg HKLM\SOFTWARE\Classes\Forms.ComboBox.1@ Microsoft Forms 2.0 ComboBox
Reg HKLM\SOFTWARE\Classes\Forms.ComboBox.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.ComboBox.1\CLSID@ {8BD21D30-EC42-11CE-9E0D-00AA006002F3}
Reg HKLM\SOFTWARE\Classes\Forms.CommandButton.1@ Microsoft Forms 2.0 CommandButton
Reg HKLM\SOFTWARE\Classes\Forms.CommandButton.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.CommandButton.1\CLSID@ {D7053240-CE69-11CD-A777-00DD01143C57}
Reg HKLM\SOFTWARE\Classes\Forms.Form.1@ Microsoft Forms 2.0 Form
Reg HKLM\SOFTWARE\Classes\Forms.Form.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.Form.1\CLSID@ {C62A69F0-16DC-11CE-9E98-00AA00574A4F}
Reg HKLM\SOFTWARE\Classes\Forms.Frame.1@ Microsoft Forms 2.0 Frame
Reg HKLM\SOFTWARE\Classes\Forms.Frame.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.Frame.1\CLSID@ {6E182020-F460-11CE-9BCD-00AA00608E01}
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Checkbox.1@ Microsoft Forms 2.0 HTML CHECKBOX
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Checkbox.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Checkbox.1\CLSID@ {5512D116-5CC6-11CF-8D67-00AA00BDCE1D}
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Hidden.1@ Microsoft Forms 2.0 HTML Hidden
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Hidden.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Hidden.1\CLSID@ {5512D11C-5CC6-11CF-8D67-00AA00BDCE1D}
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Image.1@ Microsoft Forms 2.0 HTML IMAGE
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Image.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Image.1\CLSID@ {5512D112-5CC6-11CF-8D67-00AA00BDCE1D}
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Option.1@ Microsoft Forms 2.0 HTML OPTION
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Option.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Option.1\CLSID@ {5512D118-5CC6-11CF-8D67-00AA00BDCE1D}
Reg HKLM\SOFTWARE\Classes\Forms.HTMLassword.1@ Microsoft Forms 2.0 HTML Password
Reg HKLM\SOFTWARE\Classes\Forms.HTMLassword.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.HTMLassword.1\CLSID@ {5512D11E-5CC6-11CF-8D67-00AA00BDCE1D}
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Reset.1@ Microsoft Forms 2.0 HTML RESET
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Reset.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Reset.1\CLSID@ {5512D114-5CC6-11CF-8D67-00AA00BDCE1D}
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Select.1@ Microsoft Forms 2.0 HTML SELECT
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Select.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Select.1\CLSID@ {5512D122-5CC6-11CF-8D67-00AA00BDCE1D}
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Submitbutton.1@ Microsoft Forms 2.0 HTML SUBMIT
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Submitbutton.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Submitbutton.1\CLSID@ {5512D110-5CC6-11CF-8D67-00AA00BDCE1D}
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Text.1@ Microsoft Forms 2.0 HTML TEXT
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Text.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.HTML:Text.1\CLSID@ {5512D11A-5CC6-11CF-8D67-00AA00BDCE1D}
Reg HKLM\SOFTWARE\Classes\Forms.HTML:TextArea.1@ Microsoft Forms 2.0 HTML TextAREA
Reg HKLM\SOFTWARE\Classes\Forms.HTML:TextArea.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.HTML:TextArea.1\CLSID@ {5512D124-5CC6-11CF-8D67-00AA00BDCE1D}
Reg HKLM\SOFTWARE\Classes\Forms.Image.1@ Microsoft Forms 2.0 Image
Reg HKLM\SOFTWARE\Classes\Forms.Image.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.Image.1\CLSID@ {4C599241-6926-101B-9992-00000B65C6F9}
Reg HKLM\SOFTWARE\Classes\Forms.Label.1@ Microsoft Forms 2.0 Label
Reg HKLM\SOFTWARE\Classes\Forms.Label.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.Label.1\CLSID@ {978C9E23-D4B0-11CE-BF2D-00AA003F40D0}
Reg HKLM\SOFTWARE\Classes\Forms.ListBox.1@ Microsoft Forms 2.0 ListBox
Reg HKLM\SOFTWARE\Classes\Forms.ListBox.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.ListBox.1\CLSID@ {8BD21D20-EC42-11CE-9E0D-00AA006002F3}
Reg HKLM\SOFTWARE\Classes\Forms.MultiPage.1@ Microsoft Forms 2.0 MultiPage
Reg HKLM\SOFTWARE\Classes\Forms.MultiPage.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.MultiPage.1\CLSID@ {46E31370-3F7A-11CE-BED6-00AA00611080}
Reg HKLM\SOFTWARE\Classes\Forms.OptionButton.1@ Microsoft Forms 2.0 OptionButton
Reg HKLM\SOFTWARE\Classes\Forms.OptionButton.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.OptionButton.1\CLSID@ {8BD21D50-EC42-11CE-9E0D-00AA006002F3}
Reg HKLM\SOFTWARE\Classes\Forms.ScrollBar.1@ Microsoft Forms 2.0 ScrollBar
Reg HKLM\SOFTWARE\Classes\Forms.ScrollBar.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.ScrollBar.1\CLSID@ {DFD181E0-5E2F-11CE-A449-00AA004A803D}
Reg HKLM\SOFTWARE\Classes\Forms.SpinButton.1@ Microsoft Forms 2.0 SpinButton
Reg HKLM\SOFTWARE\Classes\Forms.SpinButton.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.SpinButton.1\CLSID@ {79176FB0-B7F2-11CE-97EF-00AA006D2776}
Reg HKLM\SOFTWARE\Classes\Forms.TabStrip.1@ Microsoft Forms 2.0 TabStrip
Reg HKLM\SOFTWARE\Classes\Forms.TabStrip.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.TabStrip.1\CLSID@ {EAE50EB0-4A62-11CE-BED6-00AA00611080}
Reg HKLM\SOFTWARE\Classes\Forms.TextBox.1@ Microsoft Forms 2.0 TextBox
Reg HKLM\SOFTWARE\Classes\Forms.TextBox.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.TextBox.1\CLSID@ {8BD21D10-EC42-11CE-9E0D-00AA006002F3}
Reg HKLM\SOFTWARE\Classes\Forms.ToggleButton.1@ Microsoft Forms 2.0 ToggleButton
Reg HKLM\SOFTWARE\Classes\Forms.ToggleButton.1\CLSID
Reg HKLM\SOFTWARE\Classes\Forms.ToggleButton.1\CLSID@ {8BD21D60-EC42-11CE-9E0D-00AA006002F3}
Reg HKLM\SOFTWARE\Classes\HWDeviceLogin.IDHWDevice@ Windows Live HW Device
Reg HKLM\SOFTWARE\Classes\HWDeviceLogin.IDHWDevice\CLSID
Reg HKLM\SOFTWARE\Classes\HWDeviceLogin.IDHWDevice\CLSID@ {1C109E4C-2F30-4EA3-A57A-A290877A2303}
Reg HKLM\SOFTWARE\Classes\HWDeviceLogin.IDHWDevice\CurVer
Reg HKLM\SOFTWARE\Classes\HWDeviceLogin.IDHWDevice\CurVer@ HWDeviceLogin.IDHWDevice.1
Reg HKLM\SOFTWARE\Classes\HWDeviceLogin.IDHWDevice.1@ Windows Live HW Device
Reg HKLM\SOFTWARE\Classes\HWDeviceLogin.IDHWDevice.1\CLSID
Reg HKLM\SOFTWARE\Classes\HWDeviceLogin.IDHWDevice.1\CLSID@ {1C109E4C-2F30-4EA3-A57A-A290877A2303}
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBHOCtrl@ Windows Live Sign-in Control
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBHOCtrl\CLSID
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBHOCtrl\CLSID@ {D2517915-48CE-4286-970F-921E881B8C5C}
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBHOCtrl\CurVer
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBHOCtrl\CurVer@ IDBHO.IDBHOCtrl.1
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBHOCtrl.1@ Windows Live Sign-in Control
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBHOCtrl.1\CLSID
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBHOCtrl.1\CLSID@ {D2517915-48CE-4286-970F-921E881B8C5C}
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBrowserExtension@ Windows Live Sign-in Helper
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBrowserExtension\CLSID
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBrowserExtension\CLSID@ {9030D464-4C02-4ABF-8ECC-5164760863C6}
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBrowserExtension\CurVer
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBrowserExtension\CurVer@ IDBHO.IDBrowserExtension.1
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBrowserExtension.1@ Windows Live Sign-in Helper
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBrowserExtension.1\CLSID
Reg HKLM\SOFTWARE\Classes\IDBHO.IDBrowserExtension.1\CLSID@ {9030D464-4C02-4ABF-8ECC-5164760863C6}
Reg HKLM\SOFTWARE\Classes\igfx.CUIService.1\CLSID
Reg HKLM\SOFTWARE\Classes\igfx.CUIService.1\CLSID@ {0F195FA1-CCF0-11D2-8B20-00A0C93CB1F4}
Reg HKLM\SOFTWARE\Classes\jarfile@ Executable Jar File
Reg HKLM\SOFTWARE\Classes\jarfile\shell
Reg HKLM\SOFTWARE\Classes\jarfile\shell\open
Reg HKLM\SOFTWARE\Classes\jarfile\shell\open\command
Reg HKLM\SOFTWARE\Classes\jarfile\shell\open\command@ "C:\Program Files\Java\jre6\bin\javaw.exe" -jar "%1" %*
Reg HKLM\SOFTWARE\Classes\JavaPlugin\CLSID
Reg HKLM\SOFTWARE\Classes\JavaPlugin\CLSID@ {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
Reg HKLM\SOFTWARE\Classes\JavaPlugin.160_21\CLSID
Reg HKLM\SOFTWARE\Classes\JavaPlugin.160_21\CLSID@ {5852F5ED-8BF4-11D4-A245-0080C6F74284}

TheMick · 2010/08/30

HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationInstanceDimension.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationInstanceDimension.9\CLSID@ {B6B04F24-88EB-3914-A474-A6678E5F8052}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationInstanceMeasure@ Microsoft.AnalysisServices.AggregationInstanceMeasure
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationInstanceMeasure\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationInstanceMeasure\CLSID@ {088B3BF5-E295-3F76-80D6-A50A2FE6DF9D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationInstanceMeasure\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationInstanceMeasure\CurVer@ Microsoft.AnalysisServices.AggregationInstanceMeasure.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationInstanceMeasure.9@ Microsoft.AnalysisServices.AggregationInstanceMeasure
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationInstanceMeasure.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationInstanceMeasure.9\CLSID@ {088B3BF5-E295-3F76-80D6-A50A2FE6DF9D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationType@ Microsoft.AnalysisServices.AggregationType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationType\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationType\CLSID@ {3CD62A57-BE72-35F3-BB9C-E389DDD9A4D6}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationType\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationType\CurVer@ Microsoft.AnalysisServices.AggregationType.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationType.9@ Microsoft.AnalysisServices.AggregationType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationType.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationType.9\CLSID@ {3CD62A57-BE72-35F3-BB9C-E389DDD9A4D6}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationUsage@ Microsoft.AnalysisServices.AggregationUsage
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationUsage\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationUsage\CLSID@ {7877D558-5378-4E1F-9624-104CA12B3607}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationUsage\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationUsage\CurVer@ Microsoft.AnalysisServices.AggregationUsage.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationUsage.9@ Microsoft.AnalysisServices.AggregationUsage
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationUsage.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AggregationUsage.9\CLSID@ {7877D558-5378-4E1F-9624-104CA12B3607}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameter@ Microsoft.AnalysisServices.AlgorithmParameter
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameter\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameter\CLSID@ {43F3DB34-4346-4848-BB4B-5C329A656E19}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameter\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameter\CurVer@ Microsoft.AnalysisServices.AlgorithmParameter.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameter.9@ Microsoft.AnalysisServices.AlgorithmParameter
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameter.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameter.9\CLSID@ {43F3DB34-4346-4848-BB4B-5C329A656E19}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameterCollection@ Microsoft.AnalysisServices.AlgorithmParameterCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameterCollection\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameterCollection\CLSID@ {8FDB2E6F-E045-45A8-8587-D3D491FF2E22}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameterCollection\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameterCollection\CurVer@ Microsoft.AnalysisServices.AlgorithmParameterCollection.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameterCollection.9@ Microsoft.AnalysisServices.AlgorithmParameterCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameterCollection.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AlgorithmParameterCollection.9\CLSID@ {8FDB2E6F-E045-45A8-8587-D3D491FF2E22}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AmoException@ Microsoft.AnalysisServices.AmoException
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AmoException\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AmoException\CLSID@ {C1F01C60-4ED4-34C6-B72B-D7A232B35657}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AmoException\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AmoException\CurVer@ Microsoft.AnalysisServices.AmoException.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AmoException.9@ Microsoft.AnalysisServices.AmoException
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AmoException.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AmoException.9\CLSID@ {C1F01C60-4ED4-34C6-B72B-D7A232B35657}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnalysisState@ Microsoft.AnalysisServices.AnalysisState
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnalysisState\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnalysisState\CLSID@ {C181D26B-C32D-4D8F-9FD5-B3DA5D9BD18E}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnalysisState\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnalysisState\CurVer@ Microsoft.AnalysisServices.AnalysisState.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnalysisState.9@ Microsoft.AnalysisServices.AnalysisState
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnalysisState.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnalysisState.9\CLSID@ {C181D26B-C32D-4D8F-9FD5-B3DA5D9BD18E}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Annotation@ Microsoft.AnalysisServices.Annotation
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Annotation\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Annotation\CLSID@ {FEBF233D-E8CF-4EAF-8B2A-ED7E1C9E183D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Annotation\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Annotation\CurVer@ Microsoft.AnalysisServices.Annotation.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Annotation.9@ Microsoft.AnalysisServices.Annotation
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Annotation.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Annotation.9\CLSID@ {FEBF233D-E8CF-4EAF-8B2A-ED7E1C9E183D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationCollection@ Microsoft.AnalysisServices.AnnotationCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationCollection\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationCollection\CLSID@ {660FA3D1-97B1-4C33-86AF-8F4381D4317E}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationCollection\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationCollection\CurVer@ Microsoft.AnalysisServices.AnnotationCollection.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationCollection.9@ Microsoft.AnalysisServices.AnnotationCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationCollection.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationCollection.9\CLSID@ {660FA3D1-97B1-4C33-86AF-8F4381D4317E}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationVisibility@ Microsoft.AnalysisServices.AnnotationVisibility
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationVisibility\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationVisibility\CLSID@ {2498E5C7-7A27-3ACB-8C86-FFF0EFECD57C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationVisibility\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationVisibility\CurVer@ Microsoft.AnalysisServices.AnnotationVisibility.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationVisibility.9@ Microsoft.AnalysisServices.AnnotationVisibility
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationVisibility.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AnnotationVisibility.9\CLSID@ {2498E5C7-7A27-3ACB-8C86-FFF0EFECD57C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AssemblyReferencesHelper@ Microsoft.AnalysisServices.AssemblyReferencesHelper
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AssemblyReferencesHelper\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AssemblyReferencesHelper\CLSID@ {B61A666D-2EBC-3D5C-AEF9-678FDF07FD11}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AssemblyReferencesHelper\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AssemblyReferencesHelper\CurVer@ Microsoft.AnalysisServices.AssemblyReferencesHelper.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AssemblyReferencesHelper.9@ Microsoft.AnalysisServices.AssemblyReferencesHelper
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AssemblyReferencesHelper.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AssemblyReferencesHelper.9\CLSID@ {B61A666D-2EBC-3D5C-AEF9-678FDF07FD11}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBinding@ Microsoft.AnalysisServices.AttributeBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBinding\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBinding\CLSID@ {A590CCBA-97D1-4CE7-8D8A-9D593313B2C3}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBinding\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBinding\CurVer@ Microsoft.AnalysisServices.AttributeBinding.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBinding.9@ Microsoft.AnalysisServices.AttributeBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBinding.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBinding.9\CLSID@ {A590CCBA-97D1-4CE7-8D8A-9D593313B2C3}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBindingType@ Microsoft.AnalysisServices.AttributeBindingType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBindingType\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBindingType\CLSID@ {F0E0FD1D-1257-4B4A-BD45-38C86D2F970C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBindingType\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBindingType\CurVer@ Microsoft.AnalysisServices.AttributeBindingType.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBindingType.9@ Microsoft.AnalysisServices.AttributeBindingType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBindingType.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeBindingType.9\CLSID@ {F0E0FD1D-1257-4B4A-BD45-38C86D2F970C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributePermission@ Microsoft.AnalysisServices.AttributePermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributePermission\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributePermission\CLSID@ {28E086A9-7107-40D6-A878-77DA5BD59E12}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributePermission\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributePermission\CurVer@ Microsoft.AnalysisServices.AttributePermission.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributePermission.9@ Microsoft.AnalysisServices.AttributePermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributePermission.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributePermission.9\CLSID@ {28E086A9-7107-40D6-A878-77DA5BD59E12}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeRelationship@ Microsoft.AnalysisServices.AttributeRelationship
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeRelationship\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeRelationship\CLSID@ {7BE640AB-7EF4-4E4C-A97E-1BE1AF45BA19}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeRelationship\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeRelationship\CurVer@ Microsoft.AnalysisServices.AttributeRelationship.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeRelationship.9@ Microsoft.AnalysisServices.AttributeRelationship
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeRelationship.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeRelationship.9\CLSID@ {7BE640AB-7EF4-4E4C-A97E-1BE1AF45BA19}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeTranslation@ Microsoft.AnalysisServices.AttributeTranslation
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeTranslation\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeTranslation\CLSID@ {D896905A-32A1-4BB9-96DA-4B8941A15EF0}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeTranslation\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeTranslation\CurVer@ Microsoft.AnalysisServices.AttributeTranslation.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeTranslation.9@ Microsoft.AnalysisServices.AttributeTranslation
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeTranslation.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeTranslation.9\CLSID@ {D896905A-32A1-4BB9-96DA-4B8941A15EF0}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeType@ Microsoft.AnalysisServices.AttributeType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeType\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeType\CLSID@ {384C2DC6-3D20-457B-B912-3C5E68D262AD}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeType\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeType\CurVer@ Microsoft.AnalysisServices.AttributeType.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeType.9@ Microsoft.AnalysisServices.AttributeType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeType.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeType.9\CLSID@ {384C2DC6-3D20-457B-B912-3C5E68D262AD}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeUsage@ Microsoft.AnalysisServices.AttributeUsage
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeUsage\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeUsage\CLSID@ {A869FC84-35F7-4AAE-A54D-0E7AB1F3D666}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeUsage\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeUsage\CurVer@ Microsoft.AnalysisServices.AttributeUsage.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeUsage.9@ Microsoft.AnalysisServices.AttributeUsage
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeUsage.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.AttributeUsage.9\CLSID@ {A869FC84-35F7-4AAE-A54D-0E7AB1F3D666}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupInfo@ Microsoft.AnalysisServices.BackupInfo
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupInfo\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupInfo\CLSID@ {5F8831C5-DBBD-3EFE-BF69-606A0E7FB468}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupInfo\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupInfo\CurVer@ Microsoft.AnalysisServices.BackupInfo.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupInfo.9@ Microsoft.AnalysisServices.BackupInfo
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupInfo.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupInfo.9\CLSID@ {5F8831C5-DBBD-3EFE-BF69-606A0E7FB468}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocation@ Microsoft.AnalysisServices.BackupLocation
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocation\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocation\CLSID@ {D7468114-DC2B-464C-83F8-DD33513DEE47}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocation\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocation\CurVer@ Microsoft.AnalysisServices.BackupLocation.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocation.9@ Microsoft.AnalysisServices.BackupLocation
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocation.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocation.9\CLSID@ {D7468114-DC2B-464C-83F8-DD33513DEE47}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocationCollection@ Microsoft.AnalysisServices.BackupLocationCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocationCollection\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocationCollection\CLSID@ {6CCE165D-2AFB-4C5D-93B4-0DF4C04F0947}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocationCollection\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocationCollection\CurVer@ Microsoft.AnalysisServices.BackupLocationCollection.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocationCollection.9@ Microsoft.AnalysisServices.BackupLocationCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocationCollection.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BackupLocationCollection.9\CLSID@ {6CCE165D-2AFB-4C5D-93B4-0DF4C04F0947}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BindingCollection@ Microsoft.AnalysisServices.BindingCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BindingCollection\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BindingCollection\CLSID@ {5585CD17-B90F-4EBD-ADB5-2FCBAD33B4B8}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BindingCollection\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BindingCollection\CurVer@ Microsoft.AnalysisServices.BindingCollection.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BindingCollection.9@ Microsoft.AnalysisServices.BindingCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BindingCollection.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.BindingCollection.9\CLSID@ {5585CD17-B90F-4EBD-ADB5-2FCBAD33B4B8}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculatedMeasureBinding@ Microsoft.AnalysisServices.CalculatedMeasureBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculatedMeasureBinding\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculatedMeasureBinding\CLSID@ {736F7D74-F634-4C89-BB36-55DF50EF64A0}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculatedMeasureBinding\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculatedMeasureBinding\CurVer@ Microsoft.AnalysisServices.CalculatedMeasureBinding.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculatedMeasureBinding.9@ Microsoft.AnalysisServices.CalculatedMeasureBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculatedMeasureBinding.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculatedMeasureBinding.9\CLSID@ {736F7D74-F634-4C89-BB36-55DF50EF64A0}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationProperty@ Microsoft.AnalysisServices.CalculationProperty
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationProperty\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationProperty\CLSID@ {B76F2594-6867-4E8A-B314-FA8372C31760}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationProperty\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationProperty\CurVer@ Microsoft.AnalysisServices.CalculationProperty.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationProperty.9@ Microsoft.AnalysisServices.CalculationProperty
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationProperty.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationProperty.9\CLSID@ {B76F2594-6867-4E8A-B314-FA8372C31760}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationType@ Microsoft.AnalysisServices.CalculationType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationType\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationType\CLSID@ {FCEA3268-36AB-3CAE-BF1D-BF003BECE690}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationType\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationType\CurVer@ Microsoft.AnalysisServices.CalculationType.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationType.9@ Microsoft.AnalysisServices.CalculationType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationType.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalculationType.9\CLSID@ {FCEA3268-36AB-3CAE-BF1D-BF003BECE690}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalendarType@ Microsoft.AnalysisServices.CalendarType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalendarType\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalendarType\CLSID@ {96C47AD3-89EF-3D41-AC77-A179E08CA088}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalendarType\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalendarType\CurVer@ Microsoft.AnalysisServices.CalendarType.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalendarType.9@ Microsoft.AnalysisServices.CalendarType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalendarType.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CalendarType.9\CLSID@ {96C47AD3-89EF-3D41-AC77-A179E08CA088}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cardinality@ Microsoft.AnalysisServices.Cardinality
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cardinality\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cardinality\CLSID@ {F35048FE-8ACC-372B-9616-E6472961DE2C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cardinality\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cardinality\CurVer@ Microsoft.AnalysisServices.Cardinality.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cardinality.9@ Microsoft.AnalysisServices.Cardinality
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cardinality.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cardinality.9\CLSID@ {F35048FE-8ACC-372B-9616-E6472961DE2C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermission@ Microsoft.AnalysisServices.CellPermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermission\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermission\CLSID@ {C6E2F586-DB91-4B1F-B6FC-EFD81498CFF6}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermission\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermission\CurVer@ Microsoft.AnalysisServices.CellPermission.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermission.9@ Microsoft.AnalysisServices.CellPermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermission.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermission.9\CLSID@ {C6E2F586-DB91-4B1F-B6FC-EFD81498CFF6}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermissionAccess@ Microsoft.AnalysisServices.CellPermissionAccess
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermissionAccess\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermissionAccess\CLSID@ {D42D5E20-42CF-4D5B-AD48-08AC68793304}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermissionAccess\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermissionAccess\CurVer@ Microsoft.AnalysisServices.CellPermissionAccess.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermissionAccess.9@ Microsoft.AnalysisServices.CellPermissionAccess
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermissionAccess.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CellPermissionAccess.9\CLSID@ {D42D5E20-42CF-4D5B-AD48-08AC68793304}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssembly@ Microsoft.AnalysisServices.ClrAssembly
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssembly\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssembly\CLSID@ {247B8E26-41E3-460F-9996-F174511341D5}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssembly\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssembly\CurVer@ Microsoft.AnalysisServices.ClrAssembly.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssembly.9@ Microsoft.AnalysisServices.ClrAssembly
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssembly.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssembly.9\CLSID@ {247B8E26-41E3-460F-9996-F174511341D5}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFile@ Microsoft.AnalysisServices.ClrAssemblyFile
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFile\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFile\CLSID@ {09AEB310-E5ED-4BA2-A58B-440FA42CB09C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFile\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFile\CurVer@ Microsoft.AnalysisServices.ClrAssemblyFile.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFile.9@ Microsoft.AnalysisServices.ClrAssemblyFile
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFile.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFile.9\CLSID@ {09AEB310-E5ED-4BA2-A58B-440FA42CB09C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileCollection@ Microsoft.AnalysisServices.ClrAssemblyFileCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileCollection\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileCollection\CLSID@ {8DB99C4E-C9A1-4B63-8C42-8D31A593E380}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileCollection\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileCollection\CurVer@ Microsoft.AnalysisServices.ClrAssemblyFileCollection.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileCollection.9@ Microsoft.AnalysisServices.ClrAssemblyFileCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileCollection.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileCollection.9\CLSID@ {8DB99C4E-C9A1-4B63-8C42-8D31A593E380}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileType@ Microsoft.AnalysisServices.ClrAssemblyFileType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileType\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileType\CLSID@ {4ED058B4-6CD9-4CA4-9125-73CD589C56AE}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileType\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileType\CurVer@ Microsoft.AnalysisServices.ClrAssemblyFileType.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileType.9@ Microsoft.AnalysisServices.ClrAssemblyFileType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileType.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ClrAssemblyFileType.9\CLSID@ {4ED058B4-6CD9-4CA4-9125-73CD589C56AE}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ColumnBinding@ Microsoft.AnalysisServices.ColumnBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ColumnBinding\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ColumnBinding\CLSID@ {212B3A61-40A5-4CE9-A46E-0B30768D60E8}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ColumnBinding\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ColumnBinding\CurVer@ Microsoft.AnalysisServices.ColumnBinding.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ColumnBinding.9@ Microsoft.AnalysisServices.ColumnBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ColumnBinding.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ColumnBinding.9\CLSID@ {212B3A61-40A5-4CE9-A46E-0B30768D60E8}

broni · 2010/08/30

Wow! Go on...

TheMick · 2010/08/30

Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ComAssembly@ Microsoft.AnalysisServices.ComAssembly
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ComAssembly\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ComAssembly\CLSID@ {EB79D51C-7F27-46F6-A089-43DD46C6D6F3}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ComAssembly\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ComAssembly\CurVer@ Microsoft.AnalysisServices.ComAssembly.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ComAssembly.9@ Microsoft.AnalysisServices.ComAssembly
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ComAssembly.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ComAssembly.9\CLSID@ {EB79D51C-7F27-46F6-A089-43DD46C6D6F3}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Command@ Microsoft.AnalysisServices.Command
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Command\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Command\CLSID@ {F6506EF5-FBD7-4237-85D3-E3E66B1CAD9D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Command\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Command\CurVer@ Microsoft.AnalysisServices.Command.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Command.9@ Microsoft.AnalysisServices.Command
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Command.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Command.9\CLSID@ {F6506EF5-FBD7-4237-85D3-E3E66B1CAD9D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CommandCollection@ Microsoft.AnalysisServices.CommandCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CommandCollection\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CommandCollection\CLSID@ {96BAC2E7-D849-4146-8100-A7BF3C0A9617}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CommandCollection\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CommandCollection\CurVer@ Microsoft.AnalysisServices.CommandCollection.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CommandCollection.9@ Microsoft.AnalysisServices.CommandCollection
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CommandCollection.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CommandCollection.9\CLSID@ {96BAC2E7-D849-4146-8100-A7BF3C0A9617}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionException@ Microsoft.AnalysisServices.ConnectionException
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionException\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionException\CLSID@ {0EDD4E11-1120-3D0E-BEE2-22EE4F447AFD}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionException\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionException\CurVer@ Microsoft.AnalysisServices.ConnectionException.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionException.9@ Microsoft.AnalysisServices.ConnectionException
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionException.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionException.9\CLSID@ {0EDD4E11-1120-3D0E-BEE2-22EE4F447AFD}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionExceptionCause@ Microsoft.AnalysisServices.ConnectionExceptionCause
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionExceptionCause\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionExceptionCause\CLSID@ {54101811-3328-3284-AD79-AF6F89389E6D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionExceptionCause\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionExceptionCause\CurVer@ Microsoft.AnalysisServices.ConnectionExceptionCause.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionExceptionCause.9@ Microsoft.AnalysisServices.ConnectionExceptionCause
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionExceptionCause.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionExceptionCause.9\CLSID@ {54101811-3328-3284-AD79-AF6F89389E6D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionStringSecurity@ Microsoft.AnalysisServices.ConnectionStringSecurity
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionStringSecurity\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionStringSecurity\CLSID@ {66B6C101-A959-3BBC-8700-567E6C4A8F55}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionStringSecurity\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionStringSecurity\CurVer@ Microsoft.AnalysisServices.ConnectionStringSecurity.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionStringSecurity.9@ Microsoft.AnalysisServices.ConnectionStringSecurity
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionStringSecurity.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionStringSecurity.9\CLSID@ {66B6C101-A959-3BBC-8700-567E6C4A8F55}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionType@ Microsoft.AnalysisServices.ConnectionType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionType\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionType\CLSID@ {BFA4D240-373C-36E3-80E7-7EFAED40972C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionType\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionType\CurVer@ Microsoft.AnalysisServices.ConnectionType.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionType.9@ Microsoft.AnalysisServices.ConnectionType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionType.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.ConnectionType.9\CLSID@ {BFA4D240-373C-36E3-80E7-7EFAED40972C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cube@ Microsoft.AnalysisServices.Cube
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cube\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cube\CLSID@ {127B4EBB-5328-4F6A-8A3B-72CF9BDA5F77}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cube\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cube\CurVer@ Microsoft.AnalysisServices.Cube.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cube.9@ Microsoft.AnalysisServices.Cube
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cube.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Cube.9\CLSID@ {127B4EBB-5328-4F6A-8A3B-72CF9BDA5F77}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttribute@ Microsoft.AnalysisServices.CubeAttribute
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttribute\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttribute\CLSID@ {B9D7DFD8-43B0-4D72-9D7E-1D1352B99196}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttribute\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttribute\CurVer@ Microsoft.AnalysisServices.CubeAttribute.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttribute.9@ Microsoft.AnalysisServices.CubeAttribute
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttribute.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttribute.9\CLSID@ {B9D7DFD8-43B0-4D72-9D7E-1D1352B99196}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttributeBinding@ Microsoft.AnalysisServices.CubeAttributeBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttributeBinding\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttributeBinding\CLSID@ {398A84EF-F7F5-405E-A642-3C3CE569257F}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttributeBinding\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttributeBinding\CurVer@ Microsoft.AnalysisServices.CubeAttributeBinding.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttributeBinding.9@ Microsoft.AnalysisServices.CubeAttributeBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttributeBinding.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeAttributeBinding.9\CLSID@ {398A84EF-F7F5-405E-A642-3C3CE569257F}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimension@ Microsoft.AnalysisServices.CubeDimension
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimension\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimension\CLSID@ {D245D11D-C3DD-4D75-9AF0-C90DB5094BCB}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimension\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimension\CurVer@ Microsoft.AnalysisServices.CubeDimension.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimension.9@ Microsoft.AnalysisServices.CubeDimension
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimension.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimension.9\CLSID@ {D245D11D-C3DD-4D75-9AF0-C90DB5094BCB}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionBinding@ Microsoft.AnalysisServices.CubeDimensionBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionBinding\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionBinding\CLSID@ {72245140-F8BD-4705-AE23-6DFABA51F92D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionBinding\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionBinding\CurVer@ Microsoft.AnalysisServices.CubeDimensionBinding.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionBinding.9@ Microsoft.AnalysisServices.CubeDimensionBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionBinding.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionBinding.9\CLSID@ {72245140-F8BD-4705-AE23-6DFABA51F92D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionPermission@ Microsoft.AnalysisServices.CubeDimensionPermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionPermission\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionPermission\CLSID@ {4666B2A3-340A-46F5-9D59-EEA5B95BA516}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionPermission\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionPermission\CurVer@ Microsoft.AnalysisServices.CubeDimensionPermission.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionPermission.9@ Microsoft.AnalysisServices.CubeDimensionPermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionPermission.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeDimensionPermission.9\CLSID@ {4666B2A3-340A-46F5-9D59-EEA5B95BA516}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeHierarchy@

TheMick · 2010/08/30

icrosoft.AnalysisServices.CubeHierarchy
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeHierarchy\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeHierarchy\CLSID@ {91C12D80-3018-4E79-AB9B-3DA2A2EFE79B}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeHierarchy\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeHierarchy\CurVer@ Microsoft.AnalysisServices.CubeHierarchy.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeHierarchy.9@ Microsoft.AnalysisServices.CubeHierarchy
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeHierarchy.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubeHierarchy.9\CLSID@ {91C12D80-3018-4E79-AB9B-3DA2A2EFE79B}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubePermission@ Microsoft.AnalysisServices.CubePermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubePermission\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubePermission\CLSID@ {2913B084-53E2-4CC4-85C2-CDB7437D983A}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubePermission\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubePermission\CurVer@ Microsoft.AnalysisServices.CubePermission.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubePermission.9@ Microsoft.AnalysisServices.CubePermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubePermission.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.CubePermission.9\CLSID@ {2913B084-53E2-4CC4-85C2-CDB7437D983A}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataAggregationMode@ Microsoft.AnalysisServices.DataAggregationMode
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataAggregationMode\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataAggregationMode\CLSID@ {5A3D26DC-8EEE-3073-A5DF-4C6C9913B08F}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataAggregationMode\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataAggregationMode\CurVer@ Microsoft.AnalysisServices.DataAggregationMode.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataAggregationMode.9@ Microsoft.AnalysisServices.DataAggregationMode
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataAggregationMode.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataAggregationMode.9\CLSID@ {5A3D26DC-8EEE-3073-A5DF-4C6C9913B08F}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Database@ Microsoft.AnalysisServices.Database
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Database\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Database\CLSID@ {47922F3A-A6AF-4F2A-AE68-8B08E0CF38A8}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Database\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Database\CurVer@ Microsoft.AnalysisServices.Database.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Database.9@ Microsoft.AnalysisServices.Database
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Database.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Database.9\CLSID@ {47922F3A-A6AF-4F2A-AE68-8B08E0CF38A8}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DatabasePermission@ Microsoft.AnalysisServices.DatabasePermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DatabasePermission\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DatabasePermission\CLSID@ {E8FA45D6-EE84-4A08-A3F7-9B0BD13FC461}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DatabasePermission\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DatabasePermission\CurVer@ Microsoft.AnalysisServices.DatabasePermission.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DatabasePermission.9@ Microsoft.AnalysisServices.DatabasePermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DatabasePermission.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DatabasePermission.9\CLSID@ {E8FA45D6-EE84-4A08-A3F7-9B0BD13FC461}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataItem@ Microsoft.AnalysisServices.DataItem
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataItem\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataItem\CLSID@ {DC06C2CC-28F4-41D0-AB97-7C78561AC9DC}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataItem\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataItem\CurVer@ Microsoft.AnalysisServices.DataItem.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataItem.9@ Microsoft.AnalysisServices.DataItem
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataItem.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataItem.9\CLSID@ {DC06C2CC-28F4-41D0-AB97-7C78561AC9DC}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataMiningMeasureGroupDimension@ Microsoft.AnalysisServices.DataMiningMeasureGroupDimension
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataMiningMeasureGroupDimension\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataMiningMeasureGroupDimension\CLSID@ {05D3B7FA-C00B-3188-B2F6-E43897CBED34}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataMiningMeasureGroupDimension\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataMiningMeasureGroupDimension\CurVer@ Microsoft.AnalysisServices.DataMiningMeasureGroupDimension.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataMiningMeasureGroupDimension.9@ Microsoft.AnalysisServices.DataMiningMeasureGroupDimension
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataMiningMeasureGroupDimension.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataMiningMeasureGroupDimension.9\CLSID@ {05D3B7FA-C00B-3188-B2F6-E43897CBED34}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceIsolation@ Microsoft.AnalysisServices.DataSourceIsolation
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceIsolation\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceIsolation\CLSID@ {C8126C91-11D3-3EDD-B925-90E1C1616E52}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceIsolation\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceIsolation\CurVer@ Microsoft.AnalysisServices.DataSourceIsolation.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceIsolation.9@ Microsoft.AnalysisServices.DataSourceIsolation
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceIsolation.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceIsolation.9\CLSID@ {C8126C91-11D3-3EDD-B925-90E1C1616E52}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourcePermission@ Microsoft.AnalysisServices.DataSourcePermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourcePermission\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourcePermission\CLSID@ {5F1DA093-C8AE-4995-A1E9-2817385F4E7C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourcePermission\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourcePermission\CurVer@ Microsoft.AnalysisServices.DataSourcePermission.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourcePermission.9@ Microsoft.AnalysisServices.DataSourcePermission
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourcePermission.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourcePermission.9\CLSID@ {5F1DA093-C8AE-4995-A1E9-2817385F4E7C}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceView@ Microsoft.AnalysisServices.DataSourceView
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceView\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceView\CLSID@ {66A0FB41-ADB5-4729-B315-C191F7FD3E90}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceView\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceView\CurVer@ Microsoft.AnalysisServices.DataSourceView.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceView.9@ Microsoft.AnalysisServices.DataSourceView
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceView.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceView.9\CLSID@ {66A0FB41-ADB5-4729-B315-C191F7FD3E90}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceViewBinding@ Microsoft.AnalysisServices.DataSourceViewBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceViewBinding\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceViewBinding\CLSID@ {3EF61487-13C3-46DC-8BBD-7E51B30DC991}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceViewBinding\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceViewBinding\CurVer@ Microsoft.AnalysisServices.DataSourceViewBinding.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceViewBinding.9@ Microsoft.AnalysisServices.DataSourceViewBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceViewBinding.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DataSourceViewBinding.9\CLSID@ {3EF61487-13C3-46DC-8BBD-7E51B30DC991}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DegenerateMeasureGroupDimension@ Microsoft.AnalysisServices.DegenerateMeasureGroupDimension
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DegenerateMeasureGroupDimension\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DegenerateMeasureGroupDimension\CLSID@ {1A5D1111-F0FA-46B4-A048-C4328E7DD2BB}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DegenerateMeasureGroupDimension\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DegenerateMeasureGroupDimension\CurVer@ Microsoft.AnalysisServices.DegenerateMeasureGroupDimension.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DegenerateMeasureGroupDimension.9@ Microsoft.AnalysisServices.DegenerateMeasureGroupDimension
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DegenerateMeasureGroupDimension.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DegenerateMeasureGroupDimension.9\CLSID@ {1A5D1111-F0FA-46B4-A048-C4328E7DD2BB}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependenciesCalculator@ Microsoft.AnalysisServices.DependenciesCalculator
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependenciesCalculator\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependenciesCalculator\CLSID@ {786606A9-D908-42E9-95A5-8F4DDB6E8BA1}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependenciesCalculator\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependenciesCalculator\CurVer@ Microsoft.AnalysisServices.DependenciesCalculator.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependenciesCalculator.9@ Microsoft.AnalysisServices.DependenciesCalculator
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependenciesCalculator.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependenciesCalculator.9\CLSID@ {786606A9-D908-42E9-95A5-8F4DDB6E8BA1}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependencyType@ Microsoft.AnalysisServices.DependencyType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependencyType\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependencyType\CLSID@ {BAAF5EAB-BAA3-3E9F-89B4-5EE19CCDA4F2}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependencyType\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependencyType\CurVer@ Microsoft.AnalysisServices.DependencyType.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependencyType.9@ Microsoft.AnalysisServices.DependencyType
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependencyType.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DependencyType.9\CLSID@ {BAAF5EAB-BAA3-3E9F-89B4-5EE19CCDA4F2}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Dimension@ Microsoft.AnalysisServices.Dimension
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Dimension\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Dimension\CLSID@ {1E3D786D-BE27-4C3B-B139-49A43155C9C7}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Dimension\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Dimension\CurVer@ Microsoft.AnalysisServices.Dimension.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Dimension.9@ Microsoft.AnalysisServices.Dimension
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Dimension.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.Dimension.9\CLSID@ {1E3D786D-BE27-4C3B-B139-49A43155C9C7}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionAttribute@ Microsoft.AnalysisServices.DimensionAttribute
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionAttribute\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionAttribute\CLSID@ {DFCB3BDD-51BE-416D-9E6C-3655EBB2845D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionAttribute\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionAttribute\CurVer@ Microsoft.AnalysisServices.DimensionAttribute.9
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionAttribute.9@ Microsoft.AnalysisServices.DimensionAttribute
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionAttribute.9\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionAttribute.9\CLSID@ {DFCB3BDD-51BE-416D-9E6C-3655EBB2845D}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionBinding@ Microsoft.AnalysisServices.DimensionBinding
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionBinding\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionBinding\CLSID@ {D94D3947-7CDA-40B0-B897-A4E6D5166697}
Reg HKLM\SOFTWARE\Classes\Microsoft.AnalysisServices.DimensionBinding\CurVer

Log in or Sign up

Solved Windows host process (run32dll) stops working

TheMick Inactive Thread Starter

broni Moderator Malware Analyst

TheMick Inactive Thread Starter

broni Moderator Malware Analyst

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

broni Moderator Malware Analyst

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

Share This Page

Log in or Sign up

Solved Windows host process (run32dll) stops working

TheMick Inactive Thread Starter

broni Moderator Malware Analyst

TheMick Inactive Thread Starter

broni Moderator Malware Analyst

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

broni Moderator Malware Analyst

TheMick Inactive Thread Starter

TheMick Inactive Thread Starter

Share This Page

Useful Searches