by magic » June 27th, 2010, 6:46 pm
>Hooks
==============================================
ntkrnlpa.exe+0x000A87AA, Type: Inline - RelativeJump 0x81EDF7AA-->81EDF7B1 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000AC934, Type: Inline - RelativeCall 0x81EE3934-->888EE6B9 [unknown_code_page]
ntkrnlpa.exe+0x000ACD40, Type: Inline - PushRet 0x81EE3D40-->A18EE6B4 [unknown_code_page]
[1464]Photoshop.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->00000000 [shimeng.dll]
[1464]Photoshop.exe-->advapi32.dll-->RegCloseKey, Type: IAT modification 0x00F6B030-->00000000 [AcLayers.dll]
[1464]Photoshop.exe-->advapi32.dll-->RegCreateKeyExA, Type: IAT modification 0x00F6B014-->00000000 [AcLayers.dll]
[1464]Photoshop.exe-->advapi32.dll-->RegDeleteKeyA, Type: IAT modification 0x00F6B010-->00000000 [AcLayers.dll]
[1464]Photoshop.exe-->advapi32.dll-->RegEnumValueA, Type: IAT modification 0x00F6B00C-->00000000 [AcLayers.dll]
[1464]Photoshop.exe-->advapi32.dll-->RegOpenKeyA, Type: IAT modification 0x00F6B01C-->00000000 [AcLayers.dll]
[1464]Photoshop.exe-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x00F6B028-->00000000 [AcLayers.dll]
[1464]Photoshop.exe-->advapi32.dll-->RegQueryValueExA, Type: IAT modification 0x00F6B03C-->00000000 [AcLayers.dll]
[1464]Photoshop.exe-->advapi32.dll-->RegSetValueExA, Type: IAT modification 0x00F6B02C-->00000000 [AcLayers.dll]
[1464]Photoshop.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->00000000 [shimeng.dll]
[1464]Photoshop.exe-->kernel32.dll-->CreateProcessA, Type: IAT modification 0x00F6B3A8-->00000000 [AcGenral.dll]
[1464]Photoshop.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x00F6B32C-->00000000 [shimeng.dll]
[1464]Photoshop.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[1464]Photoshop.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->00000000 [shimeng.dll]
[1464]Photoshop.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->00000000 [shimeng.dll]
[1464]Photoshop.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[1464]Photoshop.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[1464]Photoshop.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[1464]Photoshop.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[1464]Photoshop.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->00000000 [shimeng.dll]
[1464]Photoshop.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[1464]Photoshop.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[1464]Photoshop.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[1464]Photoshop.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[1516]taskeng.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[1516]taskeng.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[1516]taskeng.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[1516]taskeng.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[1516]taskeng.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[1516]taskeng.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[1516]taskeng.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[1516]taskeng.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[1516]taskeng.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[1756]dwm.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[1756]dwm.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[1756]dwm.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[1756]dwm.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[1756]dwm.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[1756]dwm.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[1756]dwm.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[1756]dwm.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[1756]dwm.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[1788]explorer.exe-->kernel32.dll-->ntdll.dll-->NtClose, Type: IAT modification 0x77DF1050-->00000000 [LVPrcInj01.dll]
[1788]explorer.exe-->kernel32.dll-->ntdll.dll-->NtCreateFile, Type: IAT modification 0x77DF1018-->00000000 [LVPrcInj01.dll]
[1788]explorer.exe-->kernel32.dll-->ntdll.dll-->NtDeviceIoControlFile, Type: IAT modification 0x77DF1054-->00000000 [LVPrcInj01.dll]
[1788]explorer.exe-->kernel32.dll-->ntdll.dll-->NtDuplicateObject, Type: IAT modification 0x77DF1354-->00000000 [LVPrcInj01.dll]
[2604]rundll32.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->00000000 [shimeng.dll]
[2604]rundll32.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->00000000 [shimeng.dll]
[2604]rundll32.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->00000000 [shimeng.dll]
[2604]rundll32.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->00000000 [shimeng.dll]
[2660]unsecapp.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[2660]unsecapp.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[2660]unsecapp.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[2660]unsecapp.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[2660]unsecapp.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[2660]unsecapp.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[2660]unsecapp.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[2660]unsecapp.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[2660]unsecapp.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[2996]iexplore.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->00000000 [IEShims.dll]
[2996]iexplore.exe-->gdi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77B61130-->00000000 [IEShims.dll]
[2996]iexplore.exe-->gdi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77B6119C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->gdi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77B611BC-->00000000 [IEShims.dll]
[2996]iexplore.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->00000000 [IEShims.dll]
[2996]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77B6111C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77B61110-->00000000 [IEShims.dll]
[2996]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77B61174-->00000000 [IEShims.dll]
[2996]iexplore.exe-->gdi32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x77B611AC-->00000000 [IEShims.dll]
[2996]iexplore.exe-->mswsock.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x6D64123C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x768E125C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateDirectoryW, Type: IAT modification 0x768E13B0-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x768E1460-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateHardLinkW, Type: IAT modification 0x768E11A4-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x768E12E8-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x768E13B4-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->FindClose, Type: IAT modification 0x768E132C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->FindFirstFileW, Type: IAT modification 0x768E1328-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->FindNextFileW, Type: IAT modification 0x768E1114-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->GetBinaryTypeW, Type: IAT modification 0x768E1280-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesA, Type: IAT modification 0x768E1370-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesExW, Type: IAT modification 0x768E14A4-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesW, Type: IAT modification 0x768E13BC-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->GetLongPathNameW, Type: IAT modification 0x768E14EC-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileIntW, Type: IAT modification 0x768E1390-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileSectionNamesW, Type: IAT modification 0x768E1164-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileSectionW, Type: IAT modification 0x768E1100-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileStringW, Type: IAT modification 0x768E13A0-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->GetShortPathNameA, Type: IAT modification 0x768E136C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->GetShortPathNameW, Type: IAT modification 0x768E1428-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x768E14E0-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x768E1284-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x768E1448-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->MoveFileExW, Type: IAT modification 0x768E13C0-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x768E130C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->RemoveDirectoryW, Type: IAT modification 0x768E13AC-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->ReplaceFileW, Type: IAT modification 0x768E1140-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x768E1384-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->SetCurrentDirectoryW, Type: IAT modification 0x768E124C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x768E13B8-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->WritePrivateProfileSectionW, Type: IAT modification 0x768E1168-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->kernel32.dll-->WritePrivateProfileStringW, Type: IAT modification 0x768E116C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->ntdll.dll-->NtQueryDirectoryFile, Type: IAT modification 0x768E2320-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->user32.dll-->LoadImageW, Type: IAT modification 0x768E1890-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->user32.dll-->PrivateExtractIconsW, Type: IAT modification 0x768E1A6C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->shell32.dll-->user32.dll-->WinHelpW, Type: IAT modification 0x768E191C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->advapi32.dll-->RegCloseKey, Type: IAT modification 0x77D5154C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x77D51548-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->advapi32.dll-->RegDeleteKeyW, Type: IAT modification 0x77D51544-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->advapi32.dll-->RegEnumValueW, Type: IAT modification 0x77D51524-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x77D51528-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->advapi32.dll-->RegQueryInfoKeyW, Type: IAT modification 0x77D51520-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->advapi32.dll-->RegQueryValueExW, Type: IAT modification 0x77D5152C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->CallNextHookEx, Type: Inline - RelativeJump 0x775A8E3B-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->CreateDialogIndirectParamA, Type: Inline - RelativeJump 0x775C26F1-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->CreateDialogIndirectParamW, Type: Inline - RelativeJump 0x775C9A62-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->CreateDialogParamA, Type: Inline - RelativeJump 0x775C17AA-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->CreateDialogParamW, Type: Inline - RelativeJump 0x775A72A2-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->CreateWindowExW, Type: Inline - RelativeJump 0x775B1305-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x775E847D-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x775D2EF5-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x775E8152-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x775D10B0-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->EnableWindow, Type: Inline - RelativeJump 0x775ACD8B-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->EndDialog, Type: Inline - RelativeJump 0x775D326E-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->GetAsyncKeyState, Type: Inline - RelativeJump 0x775A863C-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->GetKeyState, Type: Inline - RelativeJump 0x775B8CB1-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->IsDialogMessage, Type: Inline - RelativeJump 0x775C1847-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->IsDialogMessageW, Type: Inline - RelativeJump 0x775C0745-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77D511A8-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77D512B8-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x77D511B4-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77D511B0-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->FindClose, Type: IAT modification 0x77D511E4-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->FindFirstFileW, Type: IAT modification 0x77D511EC-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->FindNextFileW, Type: IAT modification 0x77D511E8-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->GetPrivateProfileStringW, Type: IAT modification 0x77D51328-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77D51250-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77D512FC-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77D511AC-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x77D51154-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->SetCurrentDirectoryW, Type: IAT modification 0x77D511D8-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->kernel32.dll-->WritePrivateProfileStringW, Type: IAT modification 0x77D512BC-->00000000 [IEShims.dll]
[2996]iexplore.exe-->user32.dll-->keybd_event, Type: Inline - RelativeJump 0x775FD972-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x775FD639-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x775FD65D-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x775FD4D9-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x775FD5D3-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->SendInput, Type: Inline - RelativeJump 0x775D2F75-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->SetCursorPos, Type: Inline - RelativeJump 0x775E6FB2-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->SetKeyboardState, Type: Inline - RelativeJump 0x775D0987-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x775A87AD-->00000000 [ieframe.dll]
[2996]iexplore.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x775A98DB-->00000000 [ieframe.dll]
[2996]iexplore.exe-->wininet.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x704114B0-->00000000 [IEShims.dll]
[2996]iexplore.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->00000000 [IEShims.dll]
[3584]MSASCui.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3584]MSASCui.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3584]MSASCui.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3584]MSASCui.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3584]MSASCui.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3584]MSASCui.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3584]MSASCui.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3584]MSASCui.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3584]MSASCui.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3596]igfxtray.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3596]igfxtray.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3596]igfxtray.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3596]igfxtray.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3596]igfxtray.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3596]igfxtray.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3596]igfxtray.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3596]igfxtray.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3596]igfxtray.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3624]hkcmd.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3624]hkcmd.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3624]hkcmd.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3624]hkcmd.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3624]hkcmd.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3624]hkcmd.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3624]hkcmd.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3624]hkcmd.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3624]hkcmd.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3640]igfxpers.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3640]igfxpers.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3640]igfxpers.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3640]igfxpers.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3640]igfxpers.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3640]igfxpers.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3640]igfxpers.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3640]igfxpers.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3640]igfxpers.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3664]WLTRAY.EXE-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3664]WLTRAY.EXE-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3664]WLTRAY.EXE-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3664]WLTRAY.EXE-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3664]WLTRAY.EXE-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3664]WLTRAY.EXE-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3664]WLTRAY.EXE-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3664]WLTRAY.EXE-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3664]WLTRAY.EXE-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3676]PDVDDXSrv.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3676]PDVDDXSrv.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3676]PDVDDXSrv.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3676]PDVDDXSrv.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3676]PDVDDXSrv.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3676]PDVDDXSrv.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3676]PDVDDXSrv.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3676]PDVDDXSrv.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3676]PDVDDXSrv.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3724]igfxsrvc.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3724]igfxsrvc.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3724]igfxsrvc.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3724]igfxsrvc.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3724]igfxsrvc.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3724]igfxsrvc.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3724]igfxsrvc.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3724]igfxsrvc.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3724]igfxsrvc.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3740]COCIManager.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3740]COCIManager.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3740]COCIManager.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3740]COCIManager.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3740]COCIManager.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3740]COCIManager.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3740]COCIManager.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3740]COCIManager.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3740]COCIManager.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3812]iTunesHelper.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3812]iTunesHelper.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3812]iTunesHelper.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3812]iTunesHelper.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3812]iTunesHelper.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3812]iTunesHelper.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3812]iTunesHelper.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3812]iTunesHelper.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3812]iTunesHelper.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3824]jusched.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3824]jusched.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3824]jusched.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3824]jusched.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3824]jusched.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3824]jusched.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3824]jusched.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3824]jusched.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3824]jusched.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3876]NOELauncher.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->00000000 [shimeng.dll]
[3876]NOELauncher.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->00000000 [shimeng.dll]
[3876]NOELauncher.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x0040A128-->00000000 [shimeng.dll]
[3876]NOELauncher.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3876]NOELauncher.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->00000000 [shimeng.dll]
[3876]NOELauncher.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->00000000 [shimeng.dll]
[3876]NOELauncher.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3876]NOELauncher.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3876]NOELauncher.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3876]NOELauncher.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3876]NOELauncher.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->00000000 [shimeng.dll]
[3876]NOELauncher.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3876]NOELauncher.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3876]NOELauncher.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3876]NOELauncher.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3896]Quickcam.exe-->kernel32.dll-->FindResourceA, Type: IAT modification 0x004FD2D0-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->kernel32.dll-->FindResourceExW, Type: IAT modification 0x004FD2CC-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->kernel32.dll-->FindResourceW, Type: IAT modification 0x004FD4B8-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->kernel32.dll-->FreeResource, Type: IAT modification 0x004FD3E8-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->kernel32.dll-->GetProfileIntA, Type: IAT modification 0x004FD2C8-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->kernel32.dll-->GetProfileIntW, Type: IAT modification 0x004FD37C-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3896]Quickcam.exe-->kernel32.dll-->LoadResource, Type: IAT modification 0x004FD4BC-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->kernel32.dll-->LockResource, Type: IAT modification 0x004FD4C0-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->kernel32.dll-->ntdll.dll-->NtClose, Type: IAT modification 0x77DF1050-->00000000 [LVPrcInj01.dll]
[3896]Quickcam.exe-->kernel32.dll-->ntdll.dll-->NtCreateFile, Type: IAT modification 0x77DF1018-->00000000 [LVPrcInj01.dll]
[3896]Quickcam.exe-->kernel32.dll-->ntdll.dll-->NtDeviceIoControlFile, Type: IAT modification 0x77DF1054-->00000000 [LVPrcInj01.dll]
[3896]Quickcam.exe-->kernel32.dll-->ntdll.dll-->NtDuplicateObject, Type: IAT modification 0x77DF1354-->00000000 [LVPrcInj01.dll]
[3896]Quickcam.exe-->kernel32.dll-->SizeofResource, Type: IAT modification 0x004FD4C4-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->user32.dll-->LoadMenuA, Type: IAT modification 0x004FD7B8-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->user32.dll-->LoadMenuW, Type: IAT modification 0x004FD6D4-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->user32.dll-->LoadStringA, Type: IAT modification 0x004FD7B4-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->user32.dll-->LoadStringW, Type: IAT modification 0x004FD7B0-->00000000 [Quickcam.exe]
[3896]Quickcam.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3896]Quickcam.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3896]Quickcam.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3896]Quickcam.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3896]Quickcam.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3896]Quickcam.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3896]Quickcam.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3896]Quickcam.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3920]sidebar.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3920]sidebar.exe-->kernel32.dll-->ntdll.dll-->NtClose, Type: IAT modification 0x77DF1050-->00000000 [LVPrcInj01.dll]
[3920]sidebar.exe-->kernel32.dll-->ntdll.dll-->NtCreateFile, Type: IAT modification 0x77DF1018-->00000000 [LVPrcInj01.dll]
[3920]sidebar.exe-->kernel32.dll-->ntdll.dll-->NtDeviceIoControlFile, Type: IAT modification 0x77DF1054-->00000000 [LVPrcInj01.dll]
[3920]sidebar.exe-->kernel32.dll-->ntdll.dll-->NtDuplicateObject, Type: IAT modification 0x77DF1354-->00000000 [LVPrcInj01.dll]
[3920]sidebar.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3920]sidebar.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3920]sidebar.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3920]sidebar.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3920]sidebar.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3920]sidebar.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3920]sidebar.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3920]sidebar.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3948]TeaTimer.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3948]TeaTimer.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3948]TeaTimer.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3948]TeaTimer.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3948]TeaTimer.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3948]TeaTimer.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3948]TeaTimer.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3948]TeaTimer.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3948]TeaTimer.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3972]PCSuite.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3972]PCSuite.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3972]PCSuite.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3972]PCSuite.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3972]PCSuite.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3972]PCSuite.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3972]PCSuite.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3972]PCSuite.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3972]PCSuite.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->kernel32.dll-->CloseHandle, Type: Inline - DirectJump 0x7685AE8D-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->kernel32.dll-->CreateFileA, Type: Inline - DirectJump 0x7685CE5F-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->kernel32.dll-->CreateFileW, Type: Inline - DirectJump 0x7685AECB-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->kernel32.dll-->FindFirstFileA, Type: Inline - DirectJump 0x7683895D-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->kernel32.dll-->FindFirstFileW, Type: Inline - DirectJump 0x7684F00C-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->kernel32.dll-->ntdll.dll-->NtClose, Type: IAT modification 0x77DF1050-->00000000 [LVPrcInj01.dll]
[3996]msnmsgr.exe-->kernel32.dll-->ntdll.dll-->NtCreateFile, Type: IAT modification 0x77DF1018-->00000000 [LVPrcInj01.dll]
[3996]msnmsgr.exe-->kernel32.dll-->ntdll.dll-->NtDeviceIoControlFile, Type: IAT modification 0x77DF1054-->00000000 [LVPrcInj01.dll]
[3996]msnmsgr.exe-->kernel32.dll-->ntdll.dll-->NtDuplicateObject, Type: IAT modification 0x77DF1354-->00000000 [LVPrcInj01.dll]
[3996]msnmsgr.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[3996]msnmsgr.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[4664]iexplore.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->00000000 [IEShims.dll]
[4664]iexplore.exe-->gdi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77B61130-->00000000 [IEShims.dll]
[4664]iexplore.exe-->gdi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77B6119C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->gdi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77B611BC-->00000000 [IEShims.dll]
[4664]iexplore.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->00000000 [IEShims.dll]
[4664]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77B6111C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77B61110-->00000000 [IEShims.dll]
[4664]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77B61174-->00000000 [IEShims.dll]
[4664]iexplore.exe-->gdi32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x77B611AC-->00000000 [IEShims.dll]
[4664]iexplore.exe-->mswsock.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x6D64123C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x768E125C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateDirectoryW, Type: IAT modification 0x768E13B0-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x768E1460-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateHardLinkW, Type: IAT modification 0x768E11A4-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x768E12E8-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x768E13B4-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->FindClose, Type: IAT modification 0x768E132C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->FindFirstFileW, Type: IAT modification 0x768E1328-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->FindNextFileW, Type: IAT modification 0x768E1114-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->GetBinaryTypeW, Type: IAT modification 0x768E1280-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesA, Type: IAT modification 0x768E1370-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesExW, Type: IAT modification 0x768E14A4-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesW, Type: IAT modification 0x768E13BC-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->GetLongPathNameW, Type: IAT modification 0x768E14EC-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileIntW, Type: IAT modification 0x768E1390-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileSectionNamesW, Type: IAT modification 0x768E1164-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileSectionW, Type: IAT modification 0x768E1100-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileStringW, Type: IAT modification 0x768E13A0-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->GetShortPathNameA, Type: IAT modification 0x768E136C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->GetShortPathNameW, Type: IAT modification 0x768E1428-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x768E14E0-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x768E1284-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x768E1448-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->MoveFileExW, Type: IAT modification 0x768E13C0-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x768E130C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->RemoveDirectoryW, Type: IAT modification 0x768E13AC-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->ReplaceFileW, Type: IAT modification 0x768E1140-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x768E1384-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->SetCurrentDirectoryW, Type: IAT modification 0x768E124C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x768E13B8-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->WritePrivateProfileSectionW, Type: IAT modification 0x768E1168-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->kernel32.dll-->WritePrivateProfileStringW, Type: IAT modification 0x768E116C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->ntdll.dll-->NtQueryDirectoryFile, Type: IAT modification 0x768E2320-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->user32.dll-->LoadImageW, Type: IAT modification 0x768E1890-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->user32.dll-->PrivateExtractIconsW, Type: IAT modification 0x768E1A6C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->shell32.dll-->user32.dll-->WinHelpW, Type: IAT modification 0x768E191C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->advapi32.dll-->RegCloseKey, Type: IAT modification 0x77D5154C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x77D51548-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->advapi32.dll-->RegDeleteKeyW, Type: IAT modification 0x77D51544-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->advapi32.dll-->RegEnumValueW, Type: IAT modification 0x77D51524-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x77D51528-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->advapi32.dll-->RegQueryInfoKeyW, Type: IAT modification 0x77D51520-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->advapi32.dll-->RegQueryValueExW, Type: IAT modification 0x77D5152C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->CallNextHookEx, Type: Inline - RelativeJump 0x775A8E3B-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->CreateDialogIndirectParamA, Type: Inline - RelativeJump 0x775C26F1-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->CreateDialogIndirectParamW, Type: Inline - RelativeJump 0x775C9A62-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->CreateDialogParamA, Type: Inline - RelativeJump 0x775C17AA-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->CreateDialogParamW, Type: Inline - RelativeJump 0x775A72A2-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->CreateWindowExW, Type: Inline - RelativeJump 0x775B1305-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x775E847D-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x775D2EF5-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x775E8152-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x775D10B0-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->EnableWindow, Type: Inline - RelativeJump 0x775ACD8B-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->EndDialog, Type: Inline - RelativeJump 0x775D326E-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->GetAsyncKeyState, Type: Inline - RelativeJump 0x775A863C-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->GetKeyState, Type: Inline - RelativeJump 0x775B8CB1-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->IsDialogMessage, Type: Inline - RelativeJump 0x775C1847-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->IsDialogMessageW, Type: Inline - RelativeJump 0x775C0745-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77D511A8-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77D512B8-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x77D511B4-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77D511B0-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->FindClose, Type: IAT modification 0x77D511E4-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->FindFirstFileW, Type: IAT modification 0x77D511EC-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->FindNextFileW, Type: IAT modification 0x77D511E8-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->GetPrivateProfileStringW, Type: IAT modification 0x77D51328-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77D51250-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77D512FC-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77D511AC-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x77D51154-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->SetCurrentDirectoryW, Type: IAT modification 0x77D511D8-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->kernel32.dll-->WritePrivateProfileStringW, Type: IAT modification 0x77D512BC-->00000000 [IEShims.dll]
[4664]iexplore.exe-->user32.dll-->keybd_event, Type: Inline - RelativeJump 0x775FD972-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x775FD639-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x775FD65D-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x775FD4D9-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x775FD5D3-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->SendInput, Type: Inline - RelativeJump 0x775D2F75-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->SetCursorPos, Type: Inline - RelativeJump 0x775E6FB2-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->SetKeyboardState, Type: Inline - RelativeJump 0x775D0987-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x775A87AD-->00000000 [ieframe.dll]
[4664]iexplore.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x775A98DB-->00000000 [ieframe.dll]
[4664]iexplore.exe-->wininet.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x704114B0-->00000000 [IEShims.dll]
[4664]iexplore.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->00000000 [IEShims.dll]
[4948]WINWORD.EXE-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[4948]WINWORD.EXE-->kernel32.dll-->SetUnhandledExceptionFilter, Type: Inline - RelativeJump 0x7683A84F-->00000000 [MSO.DLL]
[4948]WINWORD.EXE-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[4948]WINWORD.EXE-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[4948]WINWORD.EXE-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[4948]WINWORD.EXE-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[4948]WINWORD.EXE-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[4948]WINWORD.EXE-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[4948]WINWORD.EXE-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[4948]WINWORD.EXE-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[5044]iexplore.exe-->user32.dll-->CreateWindowExW, Type: Inline - RelativeJump 0x775B1305-->00000000 [ieframe.dll]
[5044]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x775E847D-->00000000 [ieframe.dll]
[5044]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x775D2EF5-->00000000 [ieframe.dll]
[5044]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x775E8152-->00000000 [ieframe.dll]
[5044]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x775D10B0-->00000000 [ieframe.dll]
[5044]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x775FD639-->00000000 [ieframe.dll]
[5044]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x775FD65D-->00000000 [ieframe.dll]
[5044]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x775FD4D9-->00000000 [ieframe.dll]
[5044]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x775FD5D3-->00000000 [ieframe.dll]
[5168]wlcomm.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[5168]wlcomm.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[5168]wlcomm.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[5168]wlcomm.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[5168]wlcomm.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[5168]wlcomm.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[5168]wlcomm.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[5168]wlcomm.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[5168]wlcomm.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[5444]iexplore.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->00000000 [IEShims.dll]
[5444]iexplore.exe-->gdi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77B61130-->00000000 [IEShims.dll]
[5444]iexplore.exe-->gdi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77B6119C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->gdi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77B611BC-->00000000 [IEShims.dll]
[5444]iexplore.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->00000000 [IEShims.dll]
[5444]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77B6111C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77B61110-->00000000 [IEShims.dll]
[5444]iexplore.exe-->gdi32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77B61174-->00000000 [IEShims.dll]
[5444]iexplore.exe-->gdi32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x77B611AC-->00000000 [IEShims.dll]
[5444]iexplore.exe-->mswsock.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x6D64123C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x768E125C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateDirectoryW, Type: IAT modification 0x768E13B0-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x768E1460-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateHardLinkW, Type: IAT modification 0x768E11A4-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x768E12E8-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x768E13B4-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->FindClose, Type: IAT modification 0x768E132C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->FindFirstFileW, Type: IAT modification 0x768E1328-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->FindNextFileW, Type: IAT modification 0x768E1114-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->GetBinaryTypeW, Type: IAT modification 0x768E1280-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesA, Type: IAT modification 0x768E1370-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesExW, Type: IAT modification 0x768E14A4-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->GetFileAttributesW, Type: IAT modification 0x768E13BC-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->GetLongPathNameW, Type: IAT modification 0x768E14EC-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileIntW, Type: IAT modification 0x768E1390-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileSectionNamesW, Type: IAT modification 0x768E1164-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileSectionW, Type: IAT modification 0x768E1100-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->GetPrivateProfileStringW, Type: IAT modification 0x768E13A0-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->GetShortPathNameA, Type: IAT modification 0x768E136C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->GetShortPathNameW, Type: IAT modification 0x768E1428-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x768E14E0-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x768E1284-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x768E1448-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->MoveFileExW, Type: IAT modification 0x768E13C0-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x768E130C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->RemoveDirectoryW, Type: IAT modification 0x768E13AC-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->ReplaceFileW, Type: IAT modification 0x768E1140-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x768E1384-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->SetCurrentDirectoryW, Type: IAT modification 0x768E124C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x768E13B8-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->WritePrivateProfileSectionW, Type: IAT modification 0x768E1168-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->kernel32.dll-->WritePrivateProfileStringW, Type: IAT modification 0x768E116C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->ntdll.dll-->NtQueryDirectoryFile, Type: IAT modification 0x768E2320-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->user32.dll-->LoadImageW, Type: IAT modification 0x768E1890-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->user32.dll-->PrivateExtractIconsW, Type: IAT modification 0x768E1A6C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->shell32.dll-->user32.dll-->WinHelpW, Type: IAT modification 0x768E191C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->advapi32.dll-->RegCloseKey, Type: IAT modification 0x77D5154C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x77D51548-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->advapi32.dll-->RegDeleteKeyW, Type: IAT modification 0x77D51544-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->advapi32.dll-->RegEnumValueW, Type: IAT modification 0x77D51524-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x77D51528-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->advapi32.dll-->RegQueryInfoKeyW, Type: IAT modification 0x77D51520-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->advapi32.dll-->RegQueryValueExW, Type: IAT modification 0x77D5152C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->CallNextHookEx, Type: Inline - RelativeJump 0x775A8E3B-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->CreateDialogIndirectParamA, Type: Inline - RelativeJump 0x775C26F1-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->CreateDialogIndirectParamW, Type: Inline - RelativeJump 0x775C9A62-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->CreateDialogParamA, Type: Inline - RelativeJump 0x775C17AA-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->CreateDialogParamW, Type: Inline - RelativeJump 0x775A72A2-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->CreateWindowExW, Type: Inline - RelativeJump 0x775B1305-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->DialogBoxIndirectParamA, Type: Inline - RelativeJump 0x775E847D-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->DialogBoxIndirectParamW, Type: Inline - RelativeJump 0x775D2EF5-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->DialogBoxParamA, Type: Inline - RelativeJump 0x775E8152-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->DialogBoxParamW, Type: Inline - RelativeJump 0x775D10B0-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->EnableWindow, Type: Inline - RelativeJump 0x775ACD8B-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->EndDialog, Type: Inline - RelativeJump 0x775D326E-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->GetAsyncKeyState, Type: Inline - RelativeJump 0x775A863C-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->GetKeyState, Type: Inline - RelativeJump 0x775B8CB1-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->IsDialogMessage, Type: Inline - RelativeJump 0x775C1847-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->IsDialogMessageW, Type: Inline - RelativeJump 0x775C0745-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77D511A8-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77D512B8-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x77D511B4-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77D511B0-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->FindClose, Type: IAT modification 0x77D511E4-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->FindFirstFileW, Type: IAT modification 0x77D511EC-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->FindNextFileW, Type: IAT modification 0x77D511E8-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->GetPrivateProfileStringW, Type: IAT modification 0x77D51328-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x77D51250-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x77D5115C-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->LoadLibraryW, Type: IAT modification 0x77D512FC-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77D511AC-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->SearchPathW, Type: IAT modification 0x77D51154-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->SetCurrentDirectoryW, Type: IAT modification 0x77D511D8-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->kernel32.dll-->WritePrivateProfileStringW, Type: IAT modification 0x77D512BC-->00000000 [IEShims.dll]
[5444]iexplore.exe-->user32.dll-->keybd_event, Type: Inline - RelativeJump 0x775FD972-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->MessageBoxExA, Type: Inline - RelativeJump 0x775FD639-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->MessageBoxExW, Type: Inline - RelativeJump 0x775FD65D-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->MessageBoxIndirectA, Type: Inline - RelativeJump 0x775FD4D9-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->MessageBoxIndirectW, Type: Inline - RelativeJump 0x775FD5D3-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->SendInput, Type: Inline - RelativeJump 0x775D2F75-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->SetCursorPos, Type: Inline - RelativeJump 0x775E6FB2-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->SetKeyboardState, Type: Inline - RelativeJump 0x775D0987-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->SetWindowsHookExW, Type: Inline - RelativeJump 0x775A87AD-->00000000 [ieframe.dll]
[5444]iexplore.exe-->user32.dll-->UnhookWindowsHookEx, Type: Inline - RelativeJump 0x775A98DB-->00000000 [ieframe.dll]
[5444]iexplore.exe-->wininet.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x704114B0-->00000000 [IEShims.dll]
[5444]iexplore.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->00000000 [IEShims.dll]
[5484]FlashUtil10h_ActiveX.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[5484]FlashUtil10h_ActiveX.exe-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[5484]FlashUtil10h_ActiveX.exe-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[5484]FlashUtil10h_ActiveX.exe-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[5484]FlashUtil10h_ActiveX.exe-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[5484]FlashUtil10h_ActiveX.exe-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[5484]FlashUtil10h_ActiveX.exe-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[5484]FlashUtil10h_ActiveX.exe-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[5484]FlashUtil10h_ActiveX.exe-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]
[5932]nscrnsav.scr-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump 0x76839109-->00000000 [unknown_code_page]
[5932]nscrnsav.scr-->ws2_32.dll-->accept, Type: Inline - DirectJump 0x762FBDF6-->00000000 [unknown_code_page]
[5932]nscrnsav.scr-->ws2_32.dll-->closesocket, Type: Inline - DirectJump 0x762E330C-->00000000 [unknown_code_page]
[5932]nscrnsav.scr-->ws2_32.dll-->connect, Type: Inline - DirectJump 0x762E40D9-->00000000 [unknown_code_page]
[5932]nscrnsav.scr-->ws2_32.dll-->htons, Type: Inline - DirectJump 0x762E3010-->00000000 [unknown_code_page]
[5932]nscrnsav.scr-->ws2_32.dll-->WSAAccept, Type: Inline - DirectJump 0x762FBB56-->00000000 [unknown_code_page]
[5932]nscrnsav.scr-->ws2_32.dll-->WSAAsyncSelect, Type: Inline - DirectJump 0x762FA17C-->00000000 [unknown_code_page]
[5932]nscrnsav.scr-->ws2_32.dll-->WSAConnect, Type: Inline - DirectJump 0x762ED7B0-->00000000 [unknown_code_page]
[5932]nscrnsav.scr-->ws2_32.dll-->WSAEventSelect, Type: Inline - DirectJump 0x762E5BFA-->00000000 [unknown_code_page]