PID 0 Parent PID 0 [System Process]
PID 4 Parent PID 0 System
PID 1208 Parent PID 4 kind {Session manager} C:\WINDOWS\system32\smss.exe
PID 1476 Parent PID 1208 kind {Client Server Runtime Process} C:\WINDOWS\system32\csrss.exe
PID 1500 Parent PID 1208 kind {WinLogon} C:\WINDOWS\system32\winlogon.exe
PID 1544 Parent PID 1500 kind {Services.exe} C:\WINDOWS\system32\services.exe
PID 1556 Parent PID 1500 kind {lsass} C:\WINDOWS\system32\lsass.exe
PID 1760 Parent PID 1544 kind {DCom Server} C:\WINDOWS\system32\svchost.exe
PID 1828 Parent PID 1544 kind {RPC Service} C:\WINDOWS\system32\svchost.exe
PID 1868 Parent PID 1544 kind {DHCP Client} C:\WINDOWS\system32\svchost.exe
PID 192 Parent PID 1544 kind {DNS Client} C:\WINDOWS\system32\svchost.exe
PID 244 Parent PID 1544 kind {WebClient} C:\WINDOWS\system32\svchost.exe
PID 848 Parent PID 1544 kind {Print Spooler} C:\WINDOWS\system32\spoolsv.exe
PID 856 Parent PID 784 kind {Explorer} C:\WINDOWS\explorer.exe
PID 1936 Parent PID 856 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PID 1944 Parent PID 856 D:\download\flashget.exe
PID 1952 Parent PID 856 C:\WINDOWS\system32\igfxtray.exe
PID 1960 Parent PID 856 C:\WINDOWS\system32\hkcmd.exe
PID 1968 Parent PID 856 C:\WINDOWS\system32\igfxpers.exe
PID 1992 Parent PID 856 C:\WINDOWS\RTHDCPL.EXE
PID 1980 Parent PID 1544 kind {WebClient} C:\WINDOWS\system32\svchost.exe
PID 524 Parent PID 1544 service {Apache2.2} C:\xampp\apache\bin\httpd.exe
PID 568 Parent PID 856 C:\Program Files\Common Files\Java\Java Update\jusched.exe
PID 592 Parent PID 856 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
PID 688 Parent PID 856 C:\Program Files\Messenger\msmsgs.exe
PID 708 Parent PID 856 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PID 724 Parent PID 856 kind {CTF Loader} C:\WINDOWS\system32\ctfmon.exe
PID 744 Parent PID 856 C:\Documents and Settings\Intel\Local Settings\Data aplikac\Google\Update\GoogleUpdate.exe
PID 792 Parent PID 1544 service {btwdins} C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PID 1012 Parent PID 1544 service {JavaQuickStarterService} C:\Program Files\Java\jre7\bin\jqs.exe
PID 1128 Parent PID 1544 service {MDM} C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PID 2224 Parent PID 1544 service {mysql} C:\xampp\mysql\bin\mysqld.exe
PID 2404 Parent PID 1544 service {NanoServiceMain} C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PID 2472 Parent PID 1544 service {PSUAService} C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
PID 2668 Parent PID 1544 kind {Windows Image Acquisition} C:\WINDOWS\system32\svchost.exe
PID 3044 Parent PID 1992 C:\DOCUME~1\Intel\LOCALS~1\Temp\RtkBtMnt.exe
PID 3240 Parent PID 524 service {Apache2.2} C:\xampp\apache\bin\httpd.exe
PID 2448 Parent PID 1544 service {WmiApSrv} C:\WINDOWS\system32\wbem\wmiapsrv.exe
PID 2624 Parent PID 1868 kind {Windows update} C:\WINDOWS\system32\wuauclt.exe
PID 908 Parent PID 2504 C:\Program Files\Opera\opera.exe
PID 148 Parent PID 856 kind {Firefox browser} C:\Program Files\Mozilla Firefox\firefox.exe
PID 2152 Parent PID 856 kind {Cmd.exe} C:\WINDOWS\system32\cmd.exe
PID 1312 Parent PID 2152 C:\Documents and Settings\Intel\Dokumenty\Sta
MyWindowsChecker: len 13, kernel name ntkrnlpa.exe
Major 5 Minor 1 BuildNumber 2600 PlatformId 2 ServicePackMajor 3 ServicePackMinor 0 SuiteMask 256 ProductType 1  CSDVersion Service Pack 3
HighestUserAddress: 7FFEFFFF
UserProbeAddress:   7FFF0000
SystemRangeStart:   80000000
NtMajorVersion: 5
NtMinorVersion: 1
BuildNumber:    2600
GlobalFlag: 0
Processors: 1
MmVerifierFlags 0
MmSystemSize    2 Large
DebuggerEnabled 0
DebuggerNotPresent 0
SafeBootMode    0
NXSupportPolicy 2
CR0 80010031 PE ET NE WP PG
CR4 000006F9 VME DE PSE PAE MCE PGE OSFXSR OSXMMEXCPT
cpuid 0: 6E8
cpuid 1: 10800
cpuid 2: C109 SSE3 MONITOR TM2 xTPR_UpdateControl PDCM
cpuid 3: AFE9FBFF FPU VME DE PSE TSC MSR PAE MCE CX8 APIC SEP MTRR PGE MCA CMOV PAT CLFSH DS ACPI MMX FXSR SSE SSE2 SS TM PBE
WindowsType: Uniprocessor Free
KDDB:
 ETHREAD.StartAddress    224
 PsLoadedModuleList:     80554140
 PsActiveProcessHead:    8055A2D8
 PspCidTable:            8055A3E0
 MmLoadedUserImageList:  80554010
 KiProcessorBlock:       80552FC0 (7BFC0)
 KernelVerifier:         0
 KeBugCheckCallbackList: 80553178 (7C178)
 MmNonPagedPoolStart:    81C12000
 MmNonPagedPoolEnd:      FFBE0000
 MmPagedPoolStart:       E1000000
 MmPagedPoolEnd:         EB7FFFFF
 MmPageSize: 4096
KeLargestCacheLine: 40
MmProductType: 0
Decode system scheme - simple
Decode scheme - simple
Driver RPHook loaded from C:\DOCUME~1\Intel\LOCALS~1\Temp\drv2
804D7000:1F9D00 flags C004000 LoadCount 1 \WINDOWS\system32\ntkrnlpa.exe
806D1000:20380 flags C004000 LoadCount 1 \WINDOWS\system32\hal.dll
F8975000:2000 flags 9004000 LoadCount 3 \WINDOWS\system32\KDCOM.DLL
F8885000:3000 flags 9004000 LoadCount 2 \WINDOWS\system32\BOOTVID.dll
F8346000:2E000 flags 9004000 LoadCount 1 ACPI.sys
F8977000:2000 flags D004000 LoadCount 20 \WINDOWS\system32\DRIVERS\WMILIB.SYS
F8335000:11000 flags 9004000 LoadCount 1 pci.sys
F8475000:A000 flags 9004000 LoadCount 1 isapnp.sys
F8233000:18000 flags D004000 LoadCount 0 \WINDOWS\System32\Drivers\SCSIPORT.SYS
F8889000:3000 flags 9004000 LoadCount 1 compbatt.sys
F888D000:4000 flags D004000 LoadCount 2 \WINDOWS\system32\DRIVERS\BATTC.SYS
F8A3D000:1000 flags 9004000 LoadCount 1 pciide.sys
F86F5000:7000 flags D004000 LoadCount 1 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
F8215000:1E000 flags 9004000 LoadCount 1 pcmcia.sys
F8485000:B000 flags 9004000 LoadCount 1 MountMgr.sys
F81F6000:1F000 flags 9004000 LoadCount 1 ftdisk.sys
F8979000:2000 flags 9004000 LoadCount 1 dmload.sys
F81D0000:26000 flags 9004000 LoadCount 1 dmio.sys
F8891000:3000 flags 9004000 LoadCount 1 ACPIEC.sys
F8A3E000:1000 flags D004000 LoadCount 1 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
F86FD000:5000 flags 9004000 LoadCount 1 PartMgr.sys
F8495000:D000 flags 9004000 LoadCount 1 VolSnap.sys
F81B8000:18000 flags 9004000 LoadCount 1 atapi.sys
F84A5000:9000 flags 9004000 LoadCount 1 disk.sys
F84B5000:D000 flags D004000 LoadCount 2 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
F8198000:20000 flags 9004000 LoadCount 3 fltMgr.sys
F8186000:12000 flags 9004000 LoadCount 1 sr.sys
F816F000:17000 flags D004000 LoadCount 6 KSecDD.sys
F80E2000:8D000 flags 9004000 LoadCount 1 Ntfs.sys
F80B5000:2D000 flags 9004000 LoadCount 18 NDIS.sys
F809B000:1A000 flags 9004000 LoadCount 1 Mup.sys
F84E5000:A000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\intelppm.sys
F8925000:3000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\wmiacpi.sys
F7F25000:11D000 flags 1104000 LoadCount 1 \SystemRoot\system32\DRIVERS\ialmnt5.sys
F7EE9000:14000 flags 9104000 LoadCount 6 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
F7EC1000:28000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\HDAudBus.sys
F872D000:6000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\usbuhci.sys
F7E9D000:24000 flags 9104000 LoadCount 2 \SystemRoot\system32\DRIVERS\USBPORT.SYS
F873D000:8000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\usbehci.sys
F84F5000:C000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
F7E25000:78000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\ar5211.sys
F8505000:F000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\EMS7SK.sys
F7E11000:14000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\sdbus.sys
F7DFE000:13000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\ESM7SK.sys
F8525000:A000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\ESD7SK.sys
F8939000:4000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\CmBatt.sys
F8535000:D000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\i8042prt.sys
F8755000:6000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\kbdclass.sys
F7DCE000:30000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\SynTP.sys
F8985000:2000 flags 9104000 LoadCount 4 \SystemRoot\system32\DRIVERS\USBD.SYS
F8765000:6000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\mouclass.sys
F8545000:B000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\imapi.sys
F8555000:10000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\cdrom.sys
F8565000:F000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\redbook.sys
F7DAB000:23000 flags 9104000 LoadCount 9 \SystemRoot\system32\DRIVERS\ks.sys
F7CDF000:CC000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\btkrnl.sys
F8B48000:1000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\audstub.sys
F8575000:D000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\rasl2tp.sys
F894D000:3000 flags 9104000 LoadCount 2 \SystemRoot\system32\DRIVERS\ndistapi.sys
F7CC8000:17000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\ndiswan.sys
F8585000:B000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\raspppoe.sys
F8595000:C000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\raspptp.sys
F8795000:5000 flags 9104000 LoadCount 11 \SystemRoot\system32\DRIVERS\TDI.SYS
F7CB6000:12000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\psched.sys
F85A5000:9000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\msgpc.sys
F87A5000:5000 flags 9104000 LoadCount 2 \SystemRoot\system32\DRIVERS\ptilink.sys
F87B5000:5000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\raspti.sys
F7C86000:30000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\rdpdr.sys
F85B5000:A000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\termdd.sys
F898D000:2000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\swenum.sys
F7C28000:5E000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\update.sys
F8971000:4000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\mssmbios.sys
F7BDA000:4E000 flags 9104000 LoadCount 1 \SystemRoot\system32\drivers\btaudio.sys
F7B8E000:24000 flags 9104000 LoadCount 2 \SystemRoot\system32\drivers\portcls.sys
F85C5000:F000 flags 9104000 LoadCount 2 \SystemRoot\system32\drivers\drmk.sys
F85D5000:A000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\NDProxy.SYS
AA37E000:442000 flags 9104000 LoadCount 1 \SystemRoot\system32\drivers\RtkHDAud.sys
AA348000:36000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\HSFHWAZL.sys
AA254000:F4000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\HSF_DPV.sys
AA1A3000:B1000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
F87E5000:8000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\Modem.SYS
F8605000:F000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\usbhub.sys
F7F01000:3000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\Fs_Rec.SYS
F8BC5000:1000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\Null.SYS
F899D000:2000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\Beep.SYS
F881D000:6000 flags 9104000 LoadCount 1 \SystemRoot\System32\drivers\vga.sys
F89A1000:2000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\mnmdd.SYS
F89A5000:2000 flags 9104000 LoadCount 1 \SystemRoot\System32\DRIVERS\RDPCDD.sys
F882D000:5000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\Msfs.SYS
F883D000:8000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\Npfs.SYS
F8929000:3000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\rasacd.sys
AA148000:13000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\ipsec.sys
AA0EF000:59000 flags 9104000 LoadCount 2 \SystemRoot\system32\DRIVERS\tcpip.sys
AA0C7000:28000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\netbt.sys
F8935000:3000 flags 9104000 LoadCount 1 \SystemRoot\System32\drivers\ws2ifsl.sys
AA0A5000:22000 flags 9104000 LoadCount 1 \SystemRoot\System32\drivers\afd.sys
F8625000:9000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\netbios.sys
AA07A000:2B000 flags 9104000 LoadCount 2 \SystemRoot\system32\DRIVERS\rdbss.sys
AA027000:2B000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\psinknc.sys
A9FC1000:16000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\NNSTlsc.sys
A9F90000:31000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\NNSStrm.sys
A9F4F000:19000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\NNSSmtp.sys
A9F2B000:24000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\NNSPrv.sys
A9EE6000:45000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\NNSProt.sys
A9EA6000:18000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\NNSPop3.sys
A9E90000:16000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\NNSPicc.sys
F886D000:8000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\usbccgp.sys
A9E73000:1D000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\NNSIds.sys
A9E57000:1C000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\NNSHttp.sys
A9E1C000:13000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\NNSAlpc.sys
A9DFE000:1E000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\usbvideo.sys
A9D8E000:70000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\mrxsmb.sys
F8635000:B000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\Fips.SYS
F8655000:9000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\wanarp.sys
F8665000:10000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\Cdfs.SYS
A9D76000:18000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\dump_atapi.sys
F89AF000:2000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000:1CA000 flags 29104000 LoadCount 1 \SystemRoot\System32\win32k.sys
A9F6C000:3000 flags 9104000 LoadCount 1 \SystemRoot\System32\drivers\Dxapi.sys
F8785000:5000 flags 9104000 LoadCount 1 \SystemRoot\System32\watchdog.sys
BF000000:12000 flags 29104000 LoadCount 1 \SystemRoot\System32\drivers\dxg.sys
F8A69000:1000 flags 9104000 LoadCount 1 \SystemRoot\System32\drivers\dxgthk.sys
BF021000:22000 flags 21104000 LoadCount 1 \SystemRoot\System32\ialmdnt5.dll
BF012000:F000 flags 21104000 LoadCount 1 \SystemRoot\System32\ialmrnt5.dll
BF043000:3B000 flags 21104000 LoadCount 1 \SystemRoot\System32\ialmdev5.DLL
BF07E000:F0000 flags 21104000 LoadCount 1 \SystemRoot\System32\ialmdd5.DLL
BF16E000:47000 flags 29104000 LoadCount 1 \SystemRoot\System32\ATMFD.DLL
A9C13000:23000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\PSINAflt.sys
A9BF7000:1C000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\PSINProt.sys
A9BDF000:18000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\PSINFile.sys
A9BC4000:1B000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\PSINProc.sys
A9C36000:4000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\ndisuio.sys
A9D0E000:10000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\rspndr.sys
A98B7000:15000 flags 9104000 LoadCount 1 \SystemRoot\system32\drivers\wdmaud.sys
A9A74000:F000 flags 9104000 LoadCount 1 \SystemRoot\system32\drivers\sysaudio.sys
A9633000:2C000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\mrxdav.sys
F8775000:6000 flags 9104000 LoadCount 1 \??\C:\WINDOWS\system32\drivers\btserial.sys
A9293000:58000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\srv.sys
A93C3000:4000 flags 9104000 LoadCount 1 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
A98CC000:A000 flags 9104000 LoadCount 1 \SystemRoot\System32\DRIVERS\PSKMAD.sys
A8B72000:41000 flags 9104000 LoadCount 1 \SystemRoot\System32\Drivers\HTTP.sys
A856C000:9A000 flags 1104000 LoadCount 1 \??\C:\Documents and Settings\Intel\Dokumenty\PCHunter_free\PCHunter_free\PCHunter32.sys
A8541000:2B000 flags 9104000 LoadCount 1 \SystemRoot\system32\drivers\kmixer.sys
A9D1E000:10000 flags 9104000 LoadCount 1 \??\C:\DOCUME~1\Intel\LOCALS~1\Temp\drv2
7C900000:B1000 flags 0 LoadCount 1 \WINDOWS\system32\ntdll.dll
Patched KeReleaseInStackQueuedSpinLockFromDpcLevel + C12
Patched KiDispatchInterrupt + 22A
KernelSection .text rva 600, size 6B710, 0x2608 relocs has 0x14 patched bytes !

STD at 80501BCC
 ZwAcceptConnectPort: 80599B0A
 ZwAccessCheck: 805E77B4
 ZwAccessCheckAndAuditAlarm: 805EAFFA
 ZwAccessCheckByType: 805E77E6
 ZwAccessCheckByTypeAndAuditAlarm: 805EB034
 ZwAccessCheckByTypeResultList: 805E781C
 ZwAccessCheckByTypeResultListAndAuditAlarm: 805EB078
 ZwAccessCheckByTypeResultListAndAuditAlarmByHandle: 805EB0BC
 ZwAddAtom: 8060C932
 ZwAddBootEntry: 8060D676
 ZwAdjustGroupsToken: 805E2B9A
 ZwAdjustPrivilegesToken: 805E27F2
 ZwAlertResumeThread: 805CB054
 ZwAlertThread: 805CB004
 ZwAllocateLocallyUniqueId: 8060CF58
 ZwAllocateUserPhysicalPages: 805AB798
 ZwAllocateUuids: 8060C570
 ZwAllocateVirtualMemory: 8059DF80
 ZwAreMappedFilesTheSame: 805A5BDA
 ZwAssignProcessToJobObject: 805CCB32
 ZwCallbackReturn: 804FF850
 ZwCancelDeviceWakeupRequest: 805BE6AE
 ZwCancelIoFile: 8056BE48
 ZwCancelTimer: 8053510E
 ZwClearEvent: 80605C08
 ZwClose: 805B1E24
 ZwCloseObjectAuditAlarm: 805EB534
 ZwCompactKeys: 8061A986
 ZwCompareTokens: 805EFA48
 ZwCompleteConnectPort: 8059A1F8
 ZwCompressKey: 8061ABDA
 ZwConnectPort: 80599AAA
 ZwContinue: 80540F18
 ZwCreateDebugObject: 80639754
 ZwCreateDirectoryObject: 805B3E58
 ZwCreateEvent: 80605C58
 ZwCreateEventPair: 8060DEEC
 ZwCreateFile: 8056E3EE
 ZwCreateIoCompletion: 8056DDCC
 ZwCreateJobObject: 805CBAF6
 ZwCreateJobSet: 805CB82E
 ZwCreateKey: 8061ADB6
 ZwCreateMailslotFile: 8056E4FC
 ZwCreateMutant: 8060E2E4
 ZwCreateNamedPipeFile: 8056E428
 ZwCreatePagingFile: 805A0F68
 ZwCreatePort: 8059A5C6
 ZwCreateProcess: 805C7626
 ZwCreateProcessEx: 805C7570
 ZwCreateProfile: 8060E704
 ZwCreateSection: 805A08AC
 ZwCreateSemaphore: 8060BC8E
 ZwCreateSymbolicLinkObject: 805B977E
 ZwCreateThread: 805C740E
 ZwCreateTimer: 8060DBB4
 ZwCreateToken: 805EFDF0
 ZwCreateWaitablePort: 8059A5EA
 ZwDebugActiveProcess: 8063A830
 ZwDebugContinue: 8063A980
 ZwDelayExecution: 8060D5C6
 ZwDeleteAtom: 8060CDE8
 ZwDeleteBootEntry: 805BE6AE
 ZwDeleteFile: 8056BF8E
 ZwDeleteKey: 8061B252
 ZwDeleteObjectAuditAlarm: 805EB640
 ZwDeleteValueKey: 8061B422
 ZwDeviceIoControlFile: 8056E5B4
 ZwDisplayString: 80609C02
 ZwDuplicateObject: 805B3A38
 ZwDuplicateToken: 805E3A48
 ZwEnumerateBootEntries: 8060D676
 ZwEnumerateKey: 8061B602
 ZwEnumerateSystemEnvironmentValuesEx: 8060D668
 ZwEnumerateValueKey: 8061B86C
 ZwExtendSection: 805A9304
 ZwFilterToken: 805E3BF4
 ZwFindAtom: 8060CB9C
 ZwFlushBuffersFile: 8056C05A
 ZwFlushInstructionCache: 805AC022
 ZwFlushKey: 8061BAD6
 ZwFlushVirtualMemory: 805A1C92
 ZwFlushWriteBuffer: 805ABFC4
 ZwFreeUserPhysicalPages: 805ABB34
 ZwFreeVirtualMemory: 805A85DA
 ZwFsControlFile: 8056E5E8
 ZwGetContextThread: 805C8E56
 ZwGetDevicePowerState: 805BE6D0
 ZwGetPlugPlayEvent: 8058E714
 ZwGetWriteWatch: 8051D9E2
 ZwImpersonateAnonymousToken: 805EF73C
 ZwImpersonateClientOfPort: 8059A654
 ZwImpersonateThread: 805CDCCA
 ZwInitializeRegistry: 80618EF8
 ZwInitiatePowerAction: 805BE4A8
 ZwIsProcessInJob: 805CB6F2
 ZwIsSystemResumeAutomatic: 805BE6BC
 ZwListenPort: 8059A860
 ZwLoadDriver: 80579714
 ZwLoadKey: 8061CFDA
 ZwLoadKey2: 8061CBE6
 ZwLockFile: 8056E61C
 ZwLockProductActivationKeys: 8060A164
 ZwLockRegistryKey: 8061AC86
 ZwLockVirtualMemory: 805AC12A
 ZwMakePermanentObject: 805B52D8
 ZwMakeTemporaryObject: 805B1EC8
 ZwMapUserPhysicalPages: 805AAA8C
 ZwMapUserPhysicalPagesScatter: 805AB064
 ZwMapViewOfSection: 805A765A
 ZwModifyBootEntry: 805BE6AE
 ZwNotifyChangeDirectoryFile: 8056F24C
 ZwNotifyChangeKey: 8061CFA4
 ZwNotifyChangeMultipleKeys: 8061BBD8
 ZwOpenDirectoryObject: 805B3F2A
 ZwOpenEvent: 80605D58
 ZwOpenEventPair: 8060DFC4
 ZwOpenFile: 8056F50C
 ZwOpenIoCompletion: 8056DEA4
 ZwOpenJobObject: 805CBC7C
 ZwOpenKey: 8061C194
 ZwOpenMutant: 8060E3BC
 ZwOpenObjectAuditAlarm: 805EB102
 ZwOpenProcess: 805C1492
 ZwOpenProcessToken: 805E43E2
 ZwOpenProcessTokenEx: 805E4046
 ZwOpenSection: 8059F8E2
 ZwOpenSemaphore: 8060BD88
 ZwOpenSymbolicLinkObject: 805B9964
 ZwOpenThread: 805C171E
 ZwOpenThreadToken: 805E4400
 ZwOpenThreadTokenEx: 805E41B6
 ZwOpenTimer: 8060DCD6
 ZwPlugPlayControl: 8063CA22
 ZwPowerInformation: 805BF53E
 ZwPrivilegeCheck: 805EE7EE
 ZwPrivilegeObjectAuditAlarm: 805EA414
 ZwPrivilegedServiceAuditAlarm: 805EA600
 ZwProtectVirtualMemory: 805ADBF2
 ZwPulseEvent: 80605E10
 ZwQueryAttributesFile: 8056C240
 ZwQueryBootEntryOrder: 8060D676
 ZwQueryBootOptions: 8060D676
 ZwQueryDebugFilterState: 8053C12E
 ZwQueryDefaultLocale: 8060799C
 ZwQueryDefaultUILanguage: 806085FC
 ZwQueryDirectoryFile: 8056F1E6
 ZwQueryDirectoryObject: 805B3FCA
 ZwQueryEaFile: 8056F53C
 ZwQueryEvent: 80605ED8
 ZwQueryFullAttributesFile: 8056C394
 ZwQueryInformationAtom: 8060CE10
 ZwQueryInformationFile: 8056FDB8
 ZwQueryInformationJobObject: 805CC14E
 ZwQueryInformationPort: 8059A8BE
 ZwQueryInformationProcess: 805C2DF8
 ZwQueryInformationThread: 805C19C4
 ZwQueryInformationToken: 805E44E0
 ZwQueryInstallUILanguage: 80607D9A
 ZwQueryIntervalProfile: 8060EB86
 ZwQueryIoCompletion: 8056DF4C
 ZwQueryKey: 8061C4D6
 ZwQueryMultipleValueKey: 80619F04
 ZwQueryMutant: 8060E464
 ZwQueryObject: 805BB236
 ZwQueryOpenSubKeys: 8061A5B0
 ZwQueryPerformanceCounter: 8060EC14
 ZwQueryQuotaInformationFile: 80570C64
 ZwQuerySection: 805ADDB4
 ZwQuerySecurityObject: 805B5C00
 ZwQuerySemaphore: 8060BE40
 ZwQuerySymbolicLinkObject: 805B9A04
 ZwQuerySystemEnvironmentValue: 8060D692
 ZwQuerySystemEnvironmentValueEx: 8060D65A
 ZwQuerySystemInformation: 8060867C
 ZwQuerySystemTime: 8060A518
 ZwQueryTimer: 8060DD8E
 ZwQueryTimerResolution: 80609DD0
 ZwQueryValueKey: 80618FDA
 ZwQueryVirtualMemory: 805AE43A
 ZwQueryVolumeInformationFile: 80571154
 ZwQueueApcThread: 805C8BA2
 ZwRaiseException: 80540F60
 ZwRaiseHardError: 8060BAB2
 ZwReadFile: 8057191C
 ZwReadFileScatter: 80571EAA
 ZwReadRequestData: 8059B346
 ZwReadVirtualMemory: 805A98F0
 ZwRegisterThreadTerminatePort: 805C84D0
 ZwReleaseMutant: 8060E59C
 ZwReleaseSemaphore: 8060BF70
 ZwRemoveIoCompletion: 8056E244
 ZwRemoveProcessDebug: 8063A900
 ZwRenameKey: 8061A7D8
 ZwReplaceKey: 8061CE8A
 ZwReplyPort: 8059A9C6
 ZwReplyWaitReceivePort: 8059B98E
 ZwReplyWaitReceivePortEx: 8059B396
 ZwReplyWaitReplyPort: 8059ACB0
 ZwRequestDeviceWakeup: 805BE640
 ZwRequestPort: 80597F24
 ZwRequestWaitReplyPort: 80598250
 ZwRequestWakeupLatency: 805BE44E
 ZwResetEvent: 80605FEA
 ZwResetWriteWatch: 8051DEC2
 ZwRestoreKey: 8061C796
 ZwResumeProcess: 805CAFAE
 ZwResumeThread: 805CAE90
 ZwSaveKey: 8061C892
 ZwSaveKeyEx: 8061C978
 ZwSaveMergedKeys: 8061CAA0
 ZwSecureConnectPort: 8059923E
 ZwSetBootEntryOrder: 8060D676
 ZwSetBootOptions: 8060D676
 ZwSetContextThread: 805C9066
 ZwSetDebugFilterState: 8063D5B8
 ZwSetDefaultHardErrorPort: 8060B95C
 ZwSetDefaultLocale: 80607AEC
 ZwSetDefaultUILanguage: 8060835E
 ZwSetEaFile: 8056FA58
 ZwSetEvent: 806060AA
 ZwSetEventBoostPriority: 80606174
 ZwSetHighEventPair: 8060E280
 ZwSetHighWaitLowEventPair: 8060E1B0
 ZwSetInformationDebugObject: 8063A2CA
 ZwSetInformationFile: 805703F6
 ZwSetInformationJobObject: 805CCE5E
 ZwSetInformationKey: 80619AD0
 ZwSetInformationObject: 805BA67A
 ZwSetInformationProcess: 805C3F50
 ZwSetInformationThread: 805C1F10
 ZwSetInformationToken: 805F0B6A
 ZwSetIntervalProfile: 8060E6E8
 ZwSetIoCompletion: 8056E1E2
 ZwSetLdtEntries: 805C9DDA
 ZwSetLowEventPair: 8060E21C
 ZwSetLowWaitHighEventPair: 8060E144
 ZwSetQuotaInformationFile: 80570C42
 ZwSetSecurityObject: 805B61AA
 ZwSetSystemEnvironmentValue: 8060D916
 ZwSetSystemEnvironmentValueEx: 8060D65A
 ZwSetSystemInformation: 806069AA
 ZwSetSystemPowerState: 80649B56
 ZwSetSystemTime: 8060B0D8
 ZwSetThreadExecutionState: 805BE362
 ZwSetTimer: 8053524A
 ZwSetTimerResolution: 8060A5AA
 ZwSetUuidSeed: 8060C426
 ZwSetValueKey: 80619328
 ZwSetVolumeInformationFile: 80571578
 ZwShutdownSystem: 80609BC6
 ZwSignalAndWaitForSingleObject: 80522C90
 ZwStartProfile: 8060E932
 ZwStopProfile: 8060EADC
 ZwSuspendProcess: 805CAF58
 ZwSuspendThread: 805CADCA
 ZwSystemDebugControl: 8060ED00
 ZwTerminateJobObject: 805CD9C8
 ZwTerminateProcess: A9BCA6B0
SDT entry 101 (ZwTerminateProcess) hooked A9BCA6B0 \SystemRoot\system32\DRIVERS\PSINProc.sys!
 ZwTerminateThread: 805C8914
 ZwTestAlert: 805CB118
 ZwTraceEvent: 80531916
 ZwTranslateFilePath: 8060D684
 ZwUnloadDriver: 805798A8
 ZwUnloadKey: 80619652
 ZwUnloadKeyEx: 80619874
 ZwUnlockFile: 8056E9C8
 ZwUnlockVirtualMemory: 805AC6B8
 ZwUnmapViewOfSection: 805A8470
 ZwVdmControl: 805F1F22
 ZwWaitForDebugEvent: 8063A032
 ZwWaitForMultipleObjects: 805B6360
 ZwWaitForSingleObject: 805B6276
 ZwWaitHighEventPair: 8060E0E0
 ZwWaitLowEventPair: 8060E07C
 ZwWriteFile: 805723BA
 ZwWriteFileGather: 805729CA
 ZwWriteRequestData: 8059B36E
 ZwWriteVirtualMemory: 805A99FA
 ZwYieldExecution: 8050226C
 ZwCreateKeyedEvent: 8060F158
 ZwOpenKeyedEvent: 8060F242
 ZwReleaseKeyedEvent: 8060F2F4
 ZwWaitForKeyedEvent: 8060F580
 ZwQueryPortInformationProcess: 805C1994

Threads with impersonation tokens:
 ProcessID 74C (C:\WINDOWS\system32\svchost.exe) ThreadID 348 token E2DDEAA0 ImpersonationLevel 2
 ProcessID 74C (C:\WINDOWS\system32\svchost.exe) ThreadID 394 token E2E00640 ImpersonationLevel 2

KPRCB worker routines:
 IdleFunction: 80524C3A \WINDOWS\system32\ntkrnlpa.exe

Scheduler: 157 threads
 Readed 157 threads, total 157
 Thread 82BCA5B0 ProcID 4 ThreadID 8 Priority 0
 Thread 81F9EDA0 ProcID 2C4 ThreadID B98 Priority 1 Win32Thread E19FD6D0
 Thread 81CE6D08 ProcID 2C4 ThreadID B94 Priority 2 Win32Thread E333E350
 Thread 81E604E8 ProcID 250 ThreadID 454 Priority 8
 Thread 81E6A598 ProcID 964 ThreadID FF0 Priority 8
 Thread 81F3D020 ProcID 6E0 ThreadID 924 Waiting
 Thread FF4CF370 ProcID 94 ThreadID AF8 Win32Thread E4808300 Waiting
 Thread FD50EB60 ProcID 74C ThreadID DC Waiting
 Thread 81DCC260 ProcID 3F4 ThreadID 50C Win32Thread E33FFB00 Waiting
 Thread 8203D600 ProcID 74C ThreadID 86C Waiting
 Thread FD47C3D0 ProcID 964 ThreadID F5C Waiting
 Thread 81CA5360 ProcID 74C ThreadID F74 Waiting
 Thread FF683DA0 ProcID 94 ThreadID 558 Waiting
 Thread FD515020 ProcID 358 ThreadID B64 Waiting
 Thread FF5F2020 ProcID 94 ThreadID 2DC Waiting
 Thread 82442928 ProcID 94 ThreadID A28 Win32Thread E136C740 Waiting
 Thread 81FA2848 ProcID 74C ThreadID 348 Waiting
 Thread 821FEDA0 ProcID 74C ThreadID 394 Waiting
 Thread 81C2E510 ProcID 74C ThreadID C10 Win32Thread E2D7C9E0 Waiting
 Thread 82003568 ProcID 5DC ThreadID 6B0 Waiting
 Thread 81F21020 ProcID F4 ThreadID A94 Waiting
 Thread 81C40B20 ProcID F4 ThreadID BAC Waiting
 Thread FF91E258 ProcID 38C ThreadID 770 Win32Thread E1433368 Waiting
 Thread 81C6DDA0 ProcID 964 ThreadID F6C Waiting
 Thread 820DA640 ProcID 964 ThreadID FF4 Waiting
 Thread 81C3A350 ProcID 9A8 ThreadID 874 Waiting
 Thread 81CEF7A8 ProcID 9A8 ThreadID 808 Waiting
 Thread 81D32DA0 ProcID 964 ThreadID 878 Waiting
 Thread 81C2F5D0 ProcID 9A8 ThreadID 310 Waiting
 Thread 81C2EDA0 ProcID 9A8 ThreadID 804 Win32Thread E34EE508 Waiting
 Thread 81C2B978 ProcID 964 ThreadID 870 Waiting
 Thread FEFB4020 ProcID 250 ThreadID 284 Win32Thread E1367008 Waiting
 Thread 81D496C0 ProcID 964 ThreadID A14 Waiting
 Thread 81D47DA0 ProcID 964 ThreadID A20 Waiting
 Thread 81D49440 ProcID 964 ThreadID A18 Waiting
 Thread 81F84B90 ProcID 250 ThreadID 254 Win32Thread E3131828 Waiting
 Thread 82314020 ProcID 608 ThreadID 688 Waiting
 Thread FF65D7D0 ProcID 6E0 ThreadID 248 Waiting
 Thread FD52CCA0 ProcID 724 ThreadID 3E0 Waiting
 Thread FD4DA820 ProcID A6C ThreadID D0 Waiting
 Thread FAAF9DA0 ProcID A6C ThreadID 5B0 Waiting
 Thread 82BC98A0 ProcID 4 ThreadID 18 Waiting
 Thread 82BC9DA0 ProcID 4 ThreadID 10 Waiting
 Thread 82BC93A0 ProcID 4 ThreadID 20 Waiting
 Thread 82BC88A0 ProcID 4 ThreadID 30 Waiting
 Thread 8223D020 ProcID 74C ThreadID 944 Waiting
 Thread 81D48818 ProcID 9A8 ThreadID A58 Win32Thread E3428868 Waiting
 Thread 81E4F6F8 ProcID 964 ThreadID 290 Win32Thread E2D9DCA0 Waiting
 Thread FFA202A8 ProcID 358 ThreadID 8B4 Win32Thread E119A708 Waiting
 Thread FF5F7688 ProcID 9A8 ThreadID A34 Win32Thread E32B32A8 Waiting
 Thread FD527C88 ProcID 358 ThreadID AEC Waiting
 Thread FD53ADA0 ProcID 9A8 ThreadID 8C8 Win32Thread E3632170 Waiting
 Thread FF267DA0 ProcID 358 ThreadID 8CC Win32Thread E15602F8 Waiting
 Thread FABBE498 ProcID 9A8 ThreadID 2CC Win32Thread E2F70AA0 Waiting
 Thread FF63E390 ProcID 358 ThreadID 678 Win32Thread E3599808 Waiting
 Thread 81D1EC08 ProcID 964 ThreadID B50 Waiting
 Thread 81C7E3A0 ProcID 964 ThreadID F64 Waiting
 Thread FFB8B020 ProcID 358 ThreadID ACC Waiting
 Thread FD3BD2C0 ProcID 358 ThreadID 204 Win32Thread E304FCE8 Waiting
 Thread 82119A18 ProcID 5DC ThreadID 5E0 Win32Thread E2321440 Waiting
 Thread 82044950 ProcID 358 ThreadID 380 Win32Thread E2E00EB0 Waiting
 Thread 8209D1B0 ProcID 74C ThreadID 758 Waiting
 Thread 820A3CC8 ProcID 74C ThreadID 3AC Win32Thread E2FBCA30 Waiting
 Thread FF5482E8 ProcID C0 ThreadID 3D8 Waiting
 Thread FED54A78 ProcID C0 ThreadID F48 Waiting
 Thread FF112160 ProcID 724 ThreadID 6A4 Waiting
 Thread 81FF0640 ProcID 724 ThreadID 744 Waiting
 Thread FFBD3020 ProcID 724 ThreadID 4CC Waiting
 Thread FD51C968 ProcID 868 ThreadID B1C Win32Thread E303CEB0 Waiting
 Thread 81CB4B30 ProcID 8B0 ThreadID CCC Waiting
 Thread 81E5E020 ProcID 798 ThreadID 474 Win32Thread E2DD9668 Waiting
 Thread 81E99B20 ProcID 2D4 ThreadID 2E4 Win32Thread E3029EB0 Waiting
 Thread FE9688C0 ProcID C0 ThreadID 528 Waiting
 Thread FF7611E0 ProcID 964 ThreadID 31C Waiting
 Thread 81C49568 ProcID 9A8 ThreadID 694 Waiting
 Thread 81C41620 ProcID 798 ThreadID 75C Waiting
 Thread 81C6C3A0 ProcID 964 ThreadID F98 Waiting
 Thread 81C6B3A0 ProcID 964 ThreadID FB0 Waiting
 Thread 81C6BB20 ProcID 964 ThreadID FA4 Waiting
 Thread 81C6B8A0 ProcID 964 ThreadID FA8 Waiting
 Thread 81C6B020 ProcID 964 ThreadID F9C Waiting
 Thread 81C6A020 ProcID 964 ThreadID FB4 Waiting
 Thread 81C6BDA0 ProcID 964 ThreadID FA0 Waiting
 Thread 81C34020 ProcID 964 ThreadID 4F8 Waiting
 Thread 81C2FDA0 ProcID 964 ThreadID FD8 Waiting
 Thread 81C2F160 ProcID 964 ThreadID 6E8 Waiting
 Thread FF7D72B8 ProcID 964 ThreadID 828 Waiting
 Thread 81C6B620 ProcID 964 ThreadID FAC Waiting
 Thread 81C428A0 ProcID 964 ThreadID A30 Waiting
 Thread 8223C458 ProcID 608 ThreadID FC4 Waiting
 Thread 81DCADA0 ProcID 468 ThreadID 544 Win32Thread E330ABB8 Waiting
 Thread 81DCA020 ProcID 468 ThreadID 524 Win32Thread E330A980 Waiting
 Thread 81F90440 ProcID 790 ThreadID 784 Win32Thread E307C950 Waiting
 Thread FD477300 ProcID 250 ThreadID 330 Win32Thread E2F73370 Waiting
 Thread 82BC8B20 ProcID 4 ThreadID 2C Waiting
 Thread 81C48020 ProcID 608 ThreadID 918 Waiting
 Thread 82BC8020 ProcID 4 ThreadID 24 Waiting
 Thread 821D1358 ProcID 358 ThreadID 4E0 Win32Thread E2F605F8 Waiting
 Thread 82BC78A0 ProcID 4 ThreadID 48 Waiting
 Thread 82BC7620 ProcID 4 ThreadID 4C Waiting
 Thread 81EF8020 ProcID 608 ThreadID 5B4 Waiting
 Thread 82317020 ProcID 614 ThreadID 658 Win32Thread E2F6DEB0 Waiting
 Thread FD31E080 ProcID 614 ThreadID 32C Waiting
 Thread 8205A468 ProcID 964 ThreadID BFC Waiting
 Thread 81E798B0 ProcID 5C4 ThreadID A44 Win32Thread E2FF0D28 Waiting
 Thread FFBDA020 ProcID 964 ThreadID 9C4 Waiting
 Thread 81C6ADA0 ProcID 964 ThreadID FC0 Waiting
 Thread 821FE8A0 ProcID 5C4 ThreadID 39C Win32Thread E2436938 Waiting
 Thread FF931020 ProcID 74C ThreadID 88C Win32Thread E1356DF8 Waiting
 Thread 81CB02A8 ProcID CA8 ThreadID CAC Win32Thread E2F77B78 Waiting
 Thread 81FB06E8 ProcID 990 ThreadID 164 Win32Thread E2F5BB00 Waiting
 Thread 81F4FDA0 ProcID 790 ThreadID 14C Win32Thread E307CE20 Waiting
 Thread 81C40020 ProcID 964 ThreadID 428 Waiting
 Thread 81C6CDA0 ProcID 74C ThreadID F80 Waiting
 Thread 82396578 ProcID 5C4 ThreadID 5E4 Win32Thread E246ED20 Waiting
 Thread 81C42DA0 ProcID 964 ThreadID 124 Waiting
 Thread 81F59020 ProcID 798 ThreadID 79C Win32Thread E30E3A50 Waiting
 Thread 821E4020 ProcID 358 ThreadID 764 Win32Thread E2F52EB0 Waiting
 Thread FD476C40 ProcID 964 ThreadID C48 Waiting
 Thread 81D254E0 ProcID 964 ThreadID B0C Waiting
 Thread 81F81588 ProcID 2B0 ThreadID 2B4 Win32Thread E31252E8 Waiting
 Thread 81F1D528 ProcID 3F4 ThreadID 970 Waiting
 Thread 81F1ABC0 ProcID 3F4 ThreadID 960 Waiting
 Thread 81ECCDA0 ProcID 3F4 ThreadID 94C Waiting
 Thread 82045478 ProcID 614 ThreadID 9FC Waiting
 Thread 82124578 ProcID 5C4 ThreadID 5D4 Win32Thread E197EB28 Waiting
 Thread FD54D020 ProcID 520 ThreadID 53C Waiting
 Thread 81F6DD00 ProcID 5C4 ThreadID C2C Win32Thread E3511B00 Waiting
 Thread 81C2B508 ProcID 964 ThreadID 390 Waiting
 Thread FF7C5950 ProcID 38C ThreadID B48 Waiting
 Thread FF809C68 ProcID 38C ThreadID 668 Waiting
 Thread 821D1B38 ProcID 964 ThreadID BD8 Win32Thread E2471AC0 Waiting
 Thread 81C6EB20 ProcID CA8 ThreadID F30 Waiting
 Thread 81C6E8A0 ProcID CA8 ThreadID F34 Waiting
 Thread 81D28BE0 ProcID 8B0 ThreadID CC4 Waiting
 Thread 81D28730 ProcID 8B0 ThreadID CC8 Waiting
 Thread FD53BDA0 ProcID 358 ThreadID AAC Win32Thread E3090738 Waiting
 Thread 81C24CA0 ProcID 5C4 ThreadID 168 Win32Thread E127FD18 Waiting
 Thread 829B4B60 ProcID 4 ThreadID 114 Waiting
 Thread 81F90BD8 ProcID 7C8 ThreadID 7D0 Win32Thread E306D430 Waiting
 Thread FF7C56D0 ProcID 38C ThreadID 89C Win32Thread E1262850 Waiting
 Thread FF8099E8 ProcID 38C ThreadID 594 Win32Thread E140A4F8 Waiting
 Thread FF7E4658 ProcID 38C ThreadID FE0 Win32Thread E2F57AA8 Waiting
 Thread FFA30DA0 ProcID 38C ThreadID 654 Win32Thread E2DBF118 Waiting
 Thread FF7D61D0 ProcID 38C ThreadID B70 Win32Thread E1447AD0 Waiting
 Thread 82105DA0 ProcID 608 ThreadID 624 Waiting
 Thread 82BC7020 ProcID 4 ThreadID 3C Waiting
 Thread 81F48020 ProcID 2C4 ThreadID 298 Win32Thread E30ABA60 Waiting
 Thread 82326020 ProcID 5C4 ThreadID 5EC Win32Thread E23E12D0 Waiting
 Thread FF5C7508 ProcID 94 ThreadID 83C Win32Thread E3D9A898 Waiting
 Thread FF63D020 ProcID 94 ThreadID C3C Win32Thread E1456C40 Waiting
 Thread 82BC9B20 ProcID 4 ThreadID 14 Waiting
 Thread 82113600 ProcID 5C4 ThreadID 5D0 Win32Thread E309D550 Waiting
 Thread 81EA4020 ProcID 790 ThreadID 208 Win32Thread E309DEB0 Waiting
 Thread 821E9B20 ProcID 358 ThreadID 4A0 Win32Thread E2EACA00 Waiting
 Thread 81F5A020 ProcID 790 ThreadID 794 Win32Thread E3013D78 Waiting
 Thread 805528C0 ProcID 0 ThreadID 0 Idle
Int0: selector 8 type E DPL 0 addr 8053E29C
Int1: selector 8 type E DPL 0 addr 8053E414
Int2: selector 58 type TASK DPL 0 base 8054A0E8 limit 68
Int3: selector 8 type E DPL 3 addr 8053E7E4
Int4: selector 8 type E DPL 3 addr 8053E964
Int5: selector 8 type E DPL 0 addr 8053EAC0
Int6: selector 8 type E DPL 0 addr 8053EC34
Int7: selector 8 type E DPL 0 addr 8053F29C
Int8: selector 50 type TASK DPL 0 base 8054A080 limit 68
Int9: selector 8 type E DPL 0 addr 8053F6C0
IntA: selector 8 type E DPL 0 addr 8053F7E0
IntB: selector 8 type E DPL 0 addr 8053F920
IntC: selector 8 type E DPL 0 addr 8053FB7C
IntD: selector 8 type E DPL 0 addr 8053FE60
IntE: selector 8 type E DPL 0 addr 80540568
IntF: selector 8 type E DPL 0 addr 80540898
Int10: selector 8 type E DPL 0 addr 805409B8
Int11: selector 8 type E DPL 0 addr 80540AF0
Int12: selector A0 type TASK DPL 0 base 82BC2308 limit 68
Int13: selector 8 type E DPL 0 addr 80540C58
Int14: selector 8 type E DPL 0 addr 80540898
Int15: selector 8 type E DPL 0 addr 80540898
Int16: selector 8 type E DPL 0 addr 80540898
Int17: selector 8 type E DPL 0 addr 80540898
Int18: selector 8 type E DPL 0 addr 80540898
Int19: selector 8 type E DPL 0 addr 80540898
Int1A: selector 8 type E DPL 0 addr 80540898
Int1B: selector 8 type E DPL 0 addr 80540898
Int1C: selector 8 type E DPL 0 addr 80540898
Int1D: selector 8 type E DPL 0 addr 80540898
Int1E: selector 8 type E DPL 0 addr 80540898
Int1F: selector 8 type E DPL 0 addr 806D2FD0
Int20: selector 8 type 0 DPL 0 addr 00000000
Int21: selector 8 type 0 DPL 0 addr 00000000
Int22: selector 8 type 0 DPL 0 addr 00000000
Int23: selector 8 type 0 DPL 0 addr 00000000
Int24: selector 8 type 0 DPL 0 addr 00000000
Int25: selector 8 type 0 DPL 0 addr 00000000
Int26: selector 8 type 0 DPL 0 addr 00000000
Int27: selector 8 type 0 DPL 0 addr 00000000
Int28: selector 8 type 0 DPL 0 addr 00000000
Int29: selector 8 type 0 DPL 0 addr 00000000
Int2A: selector 8 type E DPL 3 addr 8053DADE
Int2B: selector 8 type E DPL 3 addr 8053DBE0
Int2C: selector 8 type E DPL 3 addr 8053DD80
Int2D: selector 8 type E DPL 3 addr 8053E6C0
Int2E: selector 8 type E DPL 3 addr 8053D581
Int2F: selector 8 type E DPL 0 addr 80540898
Int30: selector 8 type E DPL 0 addr 8053CC40
Int31: selector 8 type E DPL 0 addr 8053CC4A
Int32: selector 8 type E DPL 0 addr 8053CC54
Int33: selector 8 type E DPL 0 addr 8053CC5E
Int34: selector 8 type E DPL 0 addr 8053CC68
Int35: selector 8 type E DPL 0 addr 8053CC72
Int36: selector 8 type E DPL 0 addr 8053CC7C
Int37: selector 8 type E DPL 0 addr 806D2728
Int38: selector 8 type E DPL 0 addr 8053CC90
Int39: selector 8 type E DPL 0 addr 8053CC9A
Int3A: selector 8 type E DPL 0 addr 8053CCA4
Int3B: selector 8 type E DPL 0 addr 8053CCAE
Int3C: selector 8 type E DPL 0 addr 8053CCB8
Int3D: selector 8 type E DPL 0 addr 806D3B70
Int3E: selector 8 type E DPL 0 addr 8053CCCC
Int3F: selector 8 type E DPL 0 addr 8053CCD6
Int40: selector 8 type E DPL 0 addr 8053CCE0
Int41: selector 8 type E DPL 0 addr 806D39CC
Int42: selector 8 type E DPL 0 addr 8053CCF4
Int43: selector 8 type E DPL 0 addr 8053CCFE
Int44: selector 8 type E DPL 0 addr 8053CD08
Int45: selector 8 type E DPL 0 addr 8053CD12
Int46: selector 8 type E DPL 0 addr 8053CD1C
Int47: selector 8 type E DPL 0 addr 8053CD26
Int48: selector 8 type E DPL 0 addr 8053CD30
Int49: selector 8 type E DPL 0 addr 8053CD3A
Int4A: selector 8 type E DPL 0 addr 8053CD44
Int4B: selector 8 type E DPL 0 addr 8053CD4E
Int4C: selector 8 type E DPL 0 addr 8053CD58
Int4D: selector 8 type E DPL 0 addr 8053CD62
Int4E: selector 8 type E DPL 0 addr 8053CD6C
Int4F: selector 8 type E DPL 0 addr 8053CD76
Int50: selector 8 type E DPL 0 addr 806D2800
Int51: selector 8 type E DPL 0 addr 8053CD8A
Int52: selector 8 type E DPL 0 addr 8053CD94
Int53: selector 8 type E DPL 0 addr 8053CD9E
Int54: selector 8 type E DPL 0 addr 8053CDA8
Int55: selector 8 type E DPL 0 addr 8053CDB2
Int56: selector 8 type E DPL 0 addr 8053CDBC
Int57: selector 8 type E DPL 0 addr 8053CDC6
Int58: selector 8 type E DPL 0 addr 8053CDD0
Int59: selector 8 type E DPL 0 addr 8053CDDA
Int5A: selector 8 type E DPL 0 addr 8053CDE4
Int5B: selector 8 type E DPL 0 addr 8053CDEE
Int5C: selector 8 type E DPL 0 addr 8053CDF8
Int5D: selector 8 type E DPL 0 addr 8053CE02
Int5E: selector 8 type E DPL 0 addr 8053CE0C
Int5F: selector 8 type E DPL 0 addr 8053CE16
Int60: selector 8 type E DPL 0 addr 8053CE20
Int61: selector 8 type E DPL 0 addr 8053CE2A
Int62: selector 8 type E DPL 0 addr 82BCD044
Int63: selector 8 type E DPL 0 addr 827EB8E4
Int64: selector 8 type E DPL 0 addr 8053CE48
Int65: selector 8 type E DPL 0 addr 8053CE52
Int66: selector 8 type E DPL 0 addr 8053CE5C
Int67: selector 8 type E DPL 0 addr 8053CE66
Int68: selector 8 type E DPL 0 addr 8053CE70
Int69: selector 8 type E DPL 0 addr 8053CE7A
Int6A: selector 8 type E DPL 0 addr 8053CE84
Int6B: selector 8 type E DPL 0 addr 8053CE8E
Int6C: selector 8 type E DPL 0 addr 8053CE98
Int6D: selector 8 type E DPL 0 addr 8053CEA2
Int6E: selector 8 type E DPL 0 addr 8053CEAC
Int6F: selector 8 type E DPL 0 addr 8053CEB6
Int70: selector 8 type E DPL 0 addr 8053CEC0
Int71: selector 8 type E DPL 0 addr 8053CECA
Int72: selector 8 type E DPL 0 addr 8053CED4
Int73: selector 8 type E DPL 0 addr 82B482E4
Int74: selector 8 type E DPL 0 addr 8053CEE8
Int75: selector 8 type E DPL 0 addr 8053CEF2
Int76: selector 8 type E DPL 0 addr 8053CEFC
Int77: selector 8 type E DPL 0 addr 8053CF06
Int78: selector 8 type E DPL 0 addr 8053CF10
Int79: selector 8 type E DPL 0 addr 8053CF1A
Int7A: selector 8 type E DPL 0 addr 8053CF24
Int7B: selector 8 type E DPL 0 addr 8053CF2E
Int7C: selector 8 type E DPL 0 addr 8053CF38
Int7D: selector 8 type E DPL 0 addr 8053CF42
Int7E: selector 8 type E DPL 0 addr 8053CF4C
Int7F: selector 8 type E DPL 0 addr 8053CF56
Int80: selector 8 type E DPL 0 addr 8053CF60
Int81: selector 8 type E DPL 0 addr 8053CF6A
Int82: selector 8 type E DPL 0 addr 82BCD8FC
Int83: selector 8 type E DPL 0 addr 829A2DD4
Int84: selector 8 type E DPL 0 addr 827E9994
Int85: selector 8 type E DPL 0 addr 8053CF92
Int86: selector 8 type E DPL 0 addr 8053CF9C
Int87: selector 8 type E DPL 0 addr 8053CFA6
Int88: selector 8 type E DPL 0 addr 8053CFB0
Int89: selector 8 type E DPL 0 addr 8053CFBA
Int8A: selector 8 type E DPL 0 addr 8053CFC4
Int8B: selector 8 type E DPL 0 addr 8053CFCE
Int8C: selector 8 type E DPL 0 addr 8053CFD8
Int8D: selector 8 type E DPL 0 addr 8053CFE2
Int8E: selector 8 type E DPL 0 addr 8053CFEC
Int8F: selector 8 type E DPL 0 addr 8053CFF6
Int90: selector 8 type E DPL 0 addr 8053D000
Int91: selector 8 type E DPL 0 addr 8053D00A
Int92: selector 8 type E DPL 0 addr 8053D014
Int93: selector 8 type E DPL 0 addr 829AD42C
Int94: selector 8 type E DPL 0 addr 827F09CC
Int95: selector 8 type E DPL 0 addr 8053D032
Int96: selector 8 type E DPL 0 addr 8053D03C
Int97: selector 8 type E DPL 0 addr 8053D046
Int98: selector 8 type E DPL 0 addr 8053D050
Int99: selector 8 type E DPL 0 addr 8053D05A
Int9A: selector 8 type E DPL 0 addr 8053D064
Int9B: selector 8 type E DPL 0 addr 8053D06E
Int9C: selector 8 type E DPL 0 addr 8053D078
Int9D: selector 8 type E DPL 0 addr 8053D082
Int9E: selector 8 type E DPL 0 addr 8053D08C
Int9F: selector 8 type E DPL 0 addr 8053D096
IntA0: selector 8 type E DPL 0 addr 8053D0A0
IntA1: selector 8 type E DPL 0 addr 8053D0AA
IntA2: selector 8 type E DPL 0 addr 8053D0B4
IntA3: selector 8 type E DPL 0 addr 829AD69C
IntA4: selector 8 type E DPL 0 addr 829A2B64
IntA5: selector 8 type E DPL 0 addr 8053D0D2
IntA6: selector 8 type E DPL 0 addr 8053D0DC
IntA7: selector 8 type E DPL 0 addr 8053D0E6
IntA8: selector 8 type E DPL 0 addr 8053D0F0
IntA9: selector 8 type E DPL 0 addr 8053D0FA
IntAA: selector 8 type E DPL 0 addr 8053D104
IntAB: selector 8 type E DPL 0 addr 8053D10E
IntAC: selector 8 type E DPL 0 addr 8053D118
IntAD: selector 8 type E DPL 0 addr 8053D122
IntAE: selector 8 type E DPL 0 addr 8053D12C
IntAF: selector 8 type E DPL 0 addr 8053D136
IntB0: selector 8 type E DPL 0 addr 8053D140
IntB1: selector 8 type E DPL 0 addr 82AFCB84
IntB2: selector 8 type E DPL 0 addr 8053D154
IntB3: selector 8 type E DPL 0 addr 8053D15E
IntB4: selector 8 type E DPL 0 addr 827ED9BC
IntB5: selector 8 type E DPL 0 addr 8053D172
IntB6: selector 8 type E DPL 0 addr 8053D17C
IntB7: selector 8 type E DPL 0 addr 8053D186
IntB8: selector 8 type E DPL 0 addr 8053D190
IntB9: selector 8 type E DPL 0 addr 8053D19A
IntBA: selector 8 type E DPL 0 addr 8053D1A4
IntBB: selector 8 type E DPL 0 addr 8053D1AE
IntBC: selector 8 type E DPL 0 addr 8053D1B8
IntBD: selector 8 type E DPL 0 addr 8053D1C2
IntBE: selector 8 type E DPL 0 addr 8053D1CC
IntBF: selector 8 type E DPL 0 addr 8053D1D6
IntC0: selector 8 type E DPL 0 addr 8053D1E0
IntC1: selector 8 type E DPL 0 addr 806D2984
IntC2: selector 8 type E DPL 0 addr 8053D1F4
IntC3: selector 8 type E DPL 0 addr 8053D1FE
IntC4: selector 8 type E DPL 0 addr 8053D208
IntC5: selector 8 type E DPL 0 addr 8053D212
IntC6: selector 8 type E DPL 0 addr 8053D21C
IntC7: selector 8 type E DPL 0 addr 8053D226
IntC8: selector 8 type E DPL 0 addr 8053D230
IntC9: selector 8 type E DPL 0 addr 8053D23A
IntCA: selector 8 type E DPL 0 addr 8053D244
IntCB: selector 8 type E DPL 0 addr 8053D24E
IntCC: selector 8 type E DPL 0 addr 8053D258
IntCD: selector 8 type E DPL 0 addr 8053D262
IntCE: selector 8 type E DPL 0 addr 8053D26C
IntCF: selector 8 type E DPL 0 addr 8053D276
IntD0: selector 8 type E DPL 0 addr 8053D280
IntD1: selector 8 type E DPL 0 addr 806D1D34
IntD2: selector 8 type E DPL 0 addr 8053D294
IntD3: selector 8 type E DPL 0 addr 8053D29E
IntD4: selector 8 type E DPL 0 addr 8053D2A8
IntD5: selector 8 type E DPL 0 addr 8053D2B2
IntD6: selector 8 type E DPL 0 addr 8053D2BC
IntD7: selector 8 type E DPL 0 addr 8053D2C6
IntD8: selector 8 type E DPL 0 addr 8053D2D0
IntD9: selector 8 type E DPL 0 addr 8053D2DA
IntDA: selector 8 type E DPL 0 addr 8053D2E4
IntDB: selector 8 type E DPL 0 addr 8053D2EE
IntDC: selector 8 type E DPL 0 addr 8053D2F8
IntDD: selector 8 type E DPL 0 addr 8053D302
IntDE: selector 8 type E DPL 0 addr 8053D30C
IntDF: selector 8 type E DPL 0 addr 8053D316
IntE0: selector 8 type E DPL 0 addr 8053D320
IntE1: selector 8 type E DPL 0 addr 806D2F0C
IntE2: selector 8 type E DPL 0 addr 8053D334
IntE3: selector 8 type E DPL 0 addr 806D2C70
IntE4: selector 8 type E DPL 0 addr 8053D348
IntE5: selector 8 type E DPL 0 addr 8053D352
IntE6: selector 8 type E DPL 0 addr 8053D35C
IntE7: selector 8 type E DPL 0 addr 8053D366
IntE8: selector 8 type E DPL 0 addr 8053D370
IntE9: selector 8 type E DPL 0 addr 8053D37A
IntEA: selector 8 type E DPL 0 addr 8053D384
IntEB: selector 8 type E DPL 0 addr 8053D38E
IntEC: selector 8 type E DPL 0 addr 8053D398
IntED: selector 8 type E DPL 0 addr 8053D3A2
IntEE: selector 8 type E DPL 0 addr 8053D3A9
IntEF: selector 8 type E DPL 0 addr 8053D3B0
IntF0: selector 8 type E DPL 0 addr 8053D3B7
IntF1: selector 8 type E DPL 0 addr 8053D3BE
IntF2: selector 8 type E DPL 0 addr 8053D3C5
IntF3: selector 8 type E DPL 0 addr 8053D3CC
IntF4: selector 8 type E DPL 0 addr 8053D3D3
IntF5: selector 8 type E DPL 0 addr 8053D3DA
IntF6: selector 8 type E DPL 0 addr 8053D3E1
IntF7: selector 8 type E DPL 0 addr 8053D3E8
IntF8: selector 8 type E DPL 0 addr 8053D3EF
IntF9: selector 8 type E DPL 0 addr 8053D3F6
IntFA: selector 8 type E DPL 0 addr 8053D3FD
IntFB: selector 8 type E DPL 0 addr 8053D404
IntFC: selector 8 type E DPL 0 addr 8053D40B
IntFD: selector 8 type E DPL 0 addr 806D3464
IntFE: selector 8 type E DPL 0 addr 806D3604
IntFF: selector 8 type E DPL 0 addr 8053D420
IDT int62 addr 82BCD044 KINTERRUPT 82BCD008
KInterrupt 62 (82BCD008):
 Size 1E4 type 16
 Flink 82BCD00C
 Blink 82BCD00C
 ServiceRoutine  F81BD67E atapi.sys
 DispatchAddress 80541620 
IDT int63 addr 827EB8E4 KINTERRUPT 827EB8A8
KInterrupt 63 (827EB8A8):
 Size 1E4 type 16
 Flink 827EB8AC
 Blink 827EB8AC
 ServiceRoutine  F7EB7E94 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 DispatchAddress 80541620 
IDT int73 addr 82B482E4 KINTERRUPT 82B482A8
KInterrupt 73 (82B482A8):
 Size 1E4 type 16
 Flink 829B5824
 Blink 827A4994
 ServiceRoutine  F8216046 pcmcia.sys
 DispatchAddress 80541450 
KInterrupt 73 (829B5820):
 Size 1E4 type 16
 Flink 827A4994
 Blink 82B482AC
 ServiceRoutine  F7EEACD0 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
 DispatchAddress 00000000 
KInterrupt 73 (827A4990):
 Size 1E4 type 16
 Flink 82B482AC
 Blink 829B5824
 ServiceRoutine  F7EB7E94 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 DispatchAddress 00000000 
IDT int82 addr 82BCD8FC KINTERRUPT 82BCD8C0
KInterrupt 82 (82BCD8C0):
 Size 1E4 type 16
 Flink 82BCD8C4
 Blink 82BCD8C4
 ServiceRoutine  F81BD67E atapi.sys
 DispatchAddress 80541620 
IDT int83 addr 829A2DD4 KINTERRUPT 829A2D98
KInterrupt 83 (829A2D98):
 Size 1E4 type 16
 Flink 827DF894
 Blink 827EBD9C
 ServiceRoutine  F852A060 \SystemRoot\system32\DRIVERS\ESD7SK.sys
 DispatchAddress 80541450 
KInterrupt 83 (827DF890):
 Size 1E4 type 16
 Flink 827EEB8C
 Blink 829A2D9C
 ServiceRoutine  F7E03470 \SystemRoot\system32\DRIVERS\ESM7SK.sys
 DispatchAddress 00000000 
KInterrupt 83 (827EEB88):
 Size 1E4 type 16
 Flink 827EBD9C
 Blink 827DF894
 ServiceRoutine  F7E16DB0 \SystemRoot\system32\DRIVERS\sdbus.sys
 DispatchAddress 00000000 
KInterrupt 83 (827EBD98):
 Size 1E4 type 16
 Flink 829A2D9C
 Blink 827EEB8C
 ServiceRoutine  F850A4E0 \SystemRoot\system32\DRIVERS\EMS7SK.sys
 DispatchAddress 00000000 
IDT int84 addr 827E9994 KINTERRUPT 827E9958
KInterrupt 84 (827E9958):
 Size 1E4 type 16
 Flink 827E995C
 Blink 827E995C
 ServiceRoutine  F80CDE10 NDIS.sys
 DispatchAddress 80541620 
IDT int93 addr 829AD42C KINTERRUPT 829AD3F0
KInterrupt 93 (829AD3F0):
 Size 1E4 type 16
 Flink 829AD3F4
 Blink 829AD3F4
 ServiceRoutine  F8535495 \SystemRoot\system32\DRIVERS\i8042prt.sys
 DispatchAddress 80541620 
IDT int94 addr 827F09CC KINTERRUPT 827F0990
KInterrupt 94 (827F0990):
 Size 1E4 type 16
 Flink 827E898C
 Blink 827E898C
 ServiceRoutine  F7EB7E94 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 DispatchAddress 80541450 
KInterrupt 94 (827E8988):
 Size 1E4 type 16
 Flink 827F0994
 Blink 827F0994
 ServiceRoutine  F7EB7E94 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 DispatchAddress 00000000 
IDT intA3 addr 829AD69C KINTERRUPT 829AD660
KInterrupt A3 (829AD660):
 Size 1E4 type 16
 Flink 829AD664
 Blink 829AD664
 ServiceRoutine  F853CC90 \SystemRoot\system32\DRIVERS\i8042prt.sys
 DispatchAddress 80541620 
IDT intA4 addr 829A2B64 KINTERRUPT 829A2B28
KInterrupt A4 (829A2B28):
 Size 1E4 type 16
 Flink 827E58DC
 Blink 827E58DC
 ServiceRoutine  F7EC3DFC \SystemRoot\system32\DRIVERS\HDAudBus.sys
 DispatchAddress 80541450 
KInterrupt A4 (827E58D8):
 Size 1E4 type 16
 Flink 829A2B2C
 Blink 829A2B2C
 ServiceRoutine  F80CDE10 NDIS.sys
 DispatchAddress 00000000 
IDT intB1 addr 82AFCB84 KINTERRUPT 82AFCB48
KInterrupt B1 (82AFCB48):
 Size 1E4 type 16
 Flink 82AFCB4C
 Blink 82AFCB4C
 ServiceRoutine  F835131E ACPI.sys
 DispatchAddress 80541620 
IDT intB4 addr 827ED9BC KINTERRUPT 827ED980
KInterrupt B4 (827ED980):
 Size 1E4 type 16
 Flink 827ED984
 Blink 827ED984
 ServiceRoutine  F7EB7E94 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 DispatchAddress 80541620 
ObType Directory:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      00000000 
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Mutant:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      80535492 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Thread:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      805C7B10 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType FilterCommunicationPort:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       F81AC90A fltMgr.sys
 DeleteProcedure:      F81AC190 fltMgr.sys
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Controller:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      00000000 
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Profile:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      8060E69E \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Event:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      00000000 
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Type:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      805B70E4 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Section:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      8059DEF6 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType EventPair:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      00000000 
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType SymbolicLink:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      805B9758 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       805B941A \WINDOWS\system32\ntkrnlpa.exe
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Desktop:
 DumpProcedure:        00000000 
 OpenProcedure:        8060430A \WINDOWS\system32\ntkrnlpa.exe
 CloseProcedure:       806041E8 \WINDOWS\system32\ntkrnlpa.exe
 DeleteProcedure:      806042C0 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 8060424E \WINDOWS\system32\ntkrnlpa.exe
ObType Timer:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      80534FF8 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType File:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       80578C4C \WINDOWS\system32\ntkrnlpa.exe
 DeleteProcedure:      80578F44 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       80578B7E \WINDOWS\system32\ntkrnlpa.exe
 SecurityProcedure:    80579314 \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   80577C28 \WINDOWS\system32\ntkrnlpa.exe
 OkayToCloseProcedure: 00000000 
ObType WindowStation:
 DumpProcedure:        00000000 
 OpenProcedure:        8060430A \WINDOWS\system32\ntkrnlpa.exe
 CloseProcedure:       806041E8 \WINDOWS\system32\ntkrnlpa.exe
 DeleteProcedure:      806042C0 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       8060437E \WINDOWS\system32\ntkrnlpa.exe
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 8060424E \WINDOWS\system32\ntkrnlpa.exe
ObType Driver:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      80578BD6 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType WmiGuid:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       805FAA80 \WINDOWS\system32\ntkrnlpa.exe
 DeleteProcedure:      805FAADE \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805FAFE0 \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType KeyedEvent:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      00000000 
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Device:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      8057912E \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       80577D90 \WINDOWS\system32\ntkrnlpa.exe
 SecurityProcedure:    80579314 \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Token:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      805EEFC8 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType DebugObject:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       8063A440 \WINDOWS\system32\ntkrnlpa.exe
 DeleteProcedure:      805F7022 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType IoCompletion:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      8056E1A0 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Process:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      805C7988 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Adapter:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      00000000 
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Key:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       8062E8B6 \WINDOWS\system32\ntkrnlpa.exe
 DeleteProcedure:      8062E79C \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       80626654 \WINDOWS\system32\ntkrnlpa.exe
 SecurityProcedure:    8062E600 \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   8062D636 \WINDOWS\system32\ntkrnlpa.exe
 OkayToCloseProcedure: 00000000 
ObType Job:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       805CCDB2 \WINDOWS\system32\ntkrnlpa.exe
 DeleteProcedure:      805CC01C \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType WaitablePort:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       8059BD8A \WINDOWS\system32\ntkrnlpa.exe
 DeleteProcedure:      8059BDC2 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Port:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       8059BD8A \WINDOWS\system32\ntkrnlpa.exe
 DeleteProcedure:      8059BDC2 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Callback:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      805F7022 \WINDOWS\system32\ntkrnlpa.exe
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType FilterConnectionPort:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       F81AC1AA fltMgr.sys
 DeleteProcedure:      F81AC1CA fltMgr.sys
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 
ObType Semaphore:
 DumpProcedure:        00000000 
 OpenProcedure:        00000000 
 CloseProcedure:       00000000 
 DeleteProcedure:      00000000 
 ParseProcedure:       00000000 
 SecurityProcedure:    805EEE4E \WINDOWS\system32\ntkrnlpa.exe
 QueryNameProcedure:   00000000 
 OkayToCloseProcedure: 00000000 

Callbacks:
CB: SetSystemState, total 0:
CB: NdisBindUnbind, total 0:
CB: PowerState, total 8:
  806D76F6 (\WINDOWS\system32\hal.dll)
  F8354568 (ACPI.sys)
  F83497A8 (ACPI.sys)
  F80B614D (NDIS.sys)
  F84EA8F8 (\SystemRoot\system32\DRIVERS\intelppm.sys)
  F893A52E (\SystemRoot\system32\DRIVERS\CmBatt.sys)
  F7EE9642 (\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS)
  AA54A511 (\SystemRoot\system32\drivers\RtkHDAud.sys)
CB: TcpConnectionCallback, total 0:
CB: SetSystemTime, total 0:

bugcheck callbacks - 3:
  F80B95EF (NDIS.sys)
  F80B95EF (NDIS.sys)
  806D87C8 (\WINDOWS\system32\hal.dll)

bugcheck reason callbacks - 6:
  F8971AB8 (\SystemRoot\system32\DRIVERS\mssmbios.sys)
  F8971A70 (\SystemRoot\system32\DRIVERS\mssmbios.sys)
  F8971A28 (\SystemRoot\system32\DRIVERS\mssmbios.sys)
  F7EAB176 (\SystemRoot\system32\DRIVERS\USBPORT.SYS)
  F7EAB0D6 (\SystemRoot\system32\DRIVERS\USBPORT.SYS)
  F7EEA53A (\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS)

Process notifiers:
[0] A9BC7AA8 \SystemRoot\system32\DRIVERS\PSINProc.sys

Thread notifiers:
[0] A9BC8018 \SystemRoot\system32\DRIVERS\PSINProc.sys

FS Change notifiers: 2 (actual 2)
DriverObj 82B46A80 addr F8191876 sr.sys
DriverObj 82B78370 addr F81A84B8 fltMgr.sys

LogonSessionTerminatedRoutines: 1
[0] A9DA32F9 \SystemRoot\system32\DRIVERS\mrxsmb.sys

Callouts (16):
 PspW32ProcessCallout: BF8478CE \SystemRoot\System32\win32k.sys
 PspW32ThreadCallout: BF819BA2 \SystemRoot\System32\win32k.sys
 ExGlobalAtomTableCallout: BF819879 \SystemRoot\System32\win32k.sys
 PopEventCallout: BF8B9316 \SystemRoot\System32\win32k.sys
 PopStateCallout: BF93509D \SystemRoot\System32\win32k.sys
 PspW32JobCallout: BF8990C9 \SystemRoot\System32\win32k.sys
 KeGdiFlushUserBatch: BF80C331 \SystemRoot\System32\win32k.sys
 ExDesktopOpenProcedureCallout: BF84A45D \SystemRoot\System32\win32k.sys
 ExDesktopOkToCloseProcedureCallout: BF84BB82 \SystemRoot\System32\win32k.sys
 ExDesktopCloseProcedureCallout: BF84BBC6 \SystemRoot\System32\win32k.sys
 ExDesktopDeleteProcedureCallout: BF91C0AA \SystemRoot\System32\win32k.sys
 ExWindowStationOkToCloseProcedureCallout: BF84B8BD \SystemRoot\System32\win32k.sys
 ExWindowStationCloseProcedureCallout: BF84B9F1 \SystemRoot\System32\win32k.sys
 ExWindowStationDeleteProcedureCallout: BF91C141 \SystemRoot\System32\win32k.sys
 ExWindowStationParseProcedureCallout: BF84A49E \SystemRoot\System32\win32k.sys
 ExWindowStationOpenProcedureCallout: BF84CB30 \SystemRoot\System32\win32k.sys

115 System Threads
 Thread 82BCA5B0 Tid 00000008 Start 806863A8 N stack F889D000 limit F889A000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC9DA0 Tid 00000010 Start 80534C02 Y stack F88AD000 limit F88AA000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC9B20 Tid 00000014 Start 80534C02 Y stack F88B1000 limit F88AE000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC98A0 Tid 00000018 Start 80534C02 Y stack F88B5000 limit F88B2000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC9620 Tid 0000001C Start 80534C02 Y stack F88B9000 limit F88B6000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC93A0 Tid 00000020 Start 80534C02 Y stack F88BD000 limit F88BA000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC8020 Tid 00000024 Start 80534C02 Y stack F88C1000 limit F88BE000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC8DA0 Tid 00000028 Start 80534C02 Y stack F88C5000 limit F88C2000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC8B20 Tid 0000002C Start 80534C02 Y stack F88C9000 limit F88C6000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC88A0 Tid 00000030 Start 80534C02 Y stack F88CD000 limit F88CA000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC8620 Tid 00000034 Start 80534C02 Y stack F88D1000 limit F88CE000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC83A0 Tid 00000038 Start 80534C02 Y stack F88D5000 limit F88D2000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC7020 Tid 0000003C Start 80534C02 Y stack F88D9000 limit F88D6000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC7DA0 Tid 00000040 Start 80534C02 Y stack F88DD000 limit F88DA000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC7B20 Tid 00000044 Start 80534C02 Y stack F88E1000 limit F88DE000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC78A0 Tid 00000048 Start 80534C02 Y stack F88E5000 limit F88E2000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC7620 Tid 0000004C Start 80534C02 Y stack F88E9000 limit F88E6000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC73A0 Tid 00000050 Start 80534C02 Y stack F88ED000 limit F88EA000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC6020 Tid 00000054 Start 8060B500 N stack F88F1000 limit F88EE000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC5708 Tid 00000058 Start 805095D0 N stack F88F5000 limit F88F2000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC5488 Tid 0000005C Start 80644FEE N stack F88F9000 limit F88F6000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC5208 Tid 00000060 Start 8053C310 N stack F88FD000 limit F88FA000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC2020 Tid 00000064 Start 8053C606 N stack F8901000 limit F88FE000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC2610 Tid 00000068 Start 804ECF2C N stack F8905000 limit F8902000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BC2390 Tid 0000006C Start 804ECF2C N stack F8909000 limit F8906000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82BAECA8 Tid 00000070 Start F8356B10 N stack F890D000 limit F890A000 ACPI.sys
 Thread 82AE9C60 Tid 00000074 Start 8050B968 N stack F8915000 limit F8912000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82B49DA0 Tid 00000078 Start F81DA91E N stack F8919000 limit F8916000 dmio.sys
 Thread 82B77620 Tid 0000007C Start F80BBB85 N stack F891D000 limit F891A000 NDIS.sys
 Thread 82A5A208 Tid 00000084 Start F856B090 N stack F8949000 limit F8946000 \SystemRoot\system32\DRIVERS\redbook.sys
 Thread 82B7E908 Tid 00000098 Start F7CAC54E N stack F8961000 limit F895E000 \SystemRoot\system32\DRIVERS\rdpdr.sys
 Thread 82B7E688 Tid 0000009C Start F7CAC54E N stack F8965000 limit F8962000 \SystemRoot\system32\DRIVERS\rdpdr.sys
 Thread 82B7C020 Tid 000000A0 Start F7CAC54E N stack F8969000 limit F8966000 \SystemRoot\system32\DRIVERS\rdpdr.sys
 Thread 82B7CDA0 Tid 000000A4 Start F7C95DCE N stack F896D000 limit F896A000 \SystemRoot\system32\DRIVERS\rdpdr.sys
 Thread 82B2DCB0 Tid 000000A8 Start F859592D N stack F8077000 limit F8074000 \SystemRoot\system32\DRIVERS\raspptp.sys
 Thread 82B2DA30 Tid 000000AC Start F8596133 N stack F8073000 limit F8070000 \SystemRoot\system32\DRIVERS\raspptp.sys
 Thread 829B4B60 Tid 00000114 Start F7BE27E0 N stack F805B000 limit F8058000 \SystemRoot\system32\drivers\btaudio.sys
 Thread 8298D948 Tid 0000012C Start AA37F0A2 N stack F805F000 limit F805C000 \SystemRoot\system32\drivers\RtkHDAud.sys
 Thread 828533C0 Tid 00000130 Start AA3CB44B N stack F8067000 limit F8064000 \SystemRoot\system32\drivers\RtkHDAud.sys
 Thread 82808DA0 Tid 00000134 Start AA3C6C0E N stack F8063000 limit F8060000 \SystemRoot\system32\drivers\RtkHDAud.sys
 Thread 827DE8B0 Tid 00000138 Start F7EA301E N stack F8925000 limit F8922000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 Thread 827EDDA0 Tid 0000013C Start F7EA301E N stack F7F25000 limit F7F22000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 Thread 827EBB30 Tid 00000140 Start F7EA301E N stack F7F21000 limit F7F1E000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 Thread 827A5998 Tid 00000144 Start F7EA301E N stack F7F1D000 limit F7F1A000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 Thread 827E8C10 Tid 00000148 Start F7EA301E N stack F7F19000 limit F7F16000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 Thread 824F2DA0 Tid 00000174 Start F892A038 N stack F7F11000 limit F7F0E000 \SystemRoot\system32\DRIVERS\rasacd.sys
 Thread 824CCDA0 Tid 00000184 Start AA0937A5 N stack F8931000 limit F892E000 \SystemRoot\system32\DRIVERS\rdbss.sys
 Thread 824CCB20 Tid 00000188 Start AA0937A5 N stack F8945000 limit F8942000 \SystemRoot\system32\DRIVERS\rdbss.sys
 Thread 824CC8A0 Tid 0000018C Start AA0937A5 N stack F894D000 limit F894A000 \SystemRoot\system32\DRIVERS\rdbss.sys
 Thread 824CC620 Tid 00000190 Start AA07A8B1 N stack F8959000 limit F8956000 \SystemRoot\system32\DRIVERS\rdbss.sys
 Thread 824C94C0 Tid 00000194 Start AA0413EA N stack F7BDA000 limit F7BD7000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C7020 Tid 00000198 Start AA0413EA N stack F7BD6000 limit F7BD3000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C7DA0 Tid 0000019C Start AA0413EA N stack F7BD2000 limit F7BCF000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C7B20 Tid 000001A0 Start AA0413EA N stack F7BCE000 limit F7BCB000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C78A0 Tid 000001A4 Start AA0413EA N stack F7BCA000 limit F7BC7000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C7620 Tid 000001A8 Start AA0413EA N stack F7BC6000 limit F7BC3000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C73A0 Tid 000001AC Start AA0413EA N stack F7BC2000 limit F7BBF000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C6020 Tid 000001B0 Start AA0413EA N stack F7BBE000 limit F7BBB000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C6C80 Tid 000001B4 Start AA0413EA N stack F7BBA000 limit F7BB7000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C6A00 Tid 000001B8 Start AA0413EA N stack F7BB6000 limit F7BB3000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C6780 Tid 000001BC Start AA0413EA N stack F807B000 limit F8078000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C6500 Tid 000001C0 Start AA0413EA N stack F806B000 limit F8068000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C5020 Tid 000001C4 Start AA0413EA N stack F8057000 limit F8054000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C5DA0 Tid 000001C8 Start AA0413EA N stack AA1A3000 limit AA1A0000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C5B20 Tid 000001CC Start AA0413EA N stack AA19F000 limit AA19C000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C58A0 Tid 000001D0 Start AA0413EA N stack AA19B000 limit AA198000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C5620 Tid 000001D4 Start AA0413EA N stack AA197000 limit AA194000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C53A0 Tid 000001D8 Start AA0413EA N stack AA193000 limit AA190000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C4020 Tid 000001DC Start AA0413EA N stack AA18F000 limit AA18C000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C4DA0 Tid 000001E0 Start AA0413EA N stack AA18B000 limit AA188000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C4B20 Tid 000001E4 Start AA0413EA N stack AA187000 limit AA184000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C48A0 Tid 000001E8 Start AA0413EA N stack AA183000 limit AA180000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C4620 Tid 000001EC Start AA0413EA N stack AA17F000 limit AA17C000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C43A0 Tid 000001F0 Start AA0413EA N stack F7F0D000 limit F7F0A000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824C3020 Tid 000001F4 Start AA0413EA N stack F7F09000 limit F7F06000 \SystemRoot\system32\DRIVERS\psinknc.sys
 Thread 824888B8 Tid 0000021C Start A9FC7423 N stack F8935000 limit F8932000 \SystemRoot\system32\DRIVERS\NNSTlsc.sys
 Thread 824885D0 Tid 00000220 Start A9FC7423 N stack F8941000 limit F893E000 \SystemRoot\system32\DRIVERS\NNSTlsc.sys
 Thread 82488350 Tid 00000224 Start A9FC7423 N stack F7F01000 limit F7EFE000 \SystemRoot\system32\DRIVERS\NNSTlsc.sys
 Thread 8246BDA0 Tid 0000029C Start A9FA7878 N stack AA072000 limit AA06F000 \SystemRoot\system32\DRIVERS\NNSStrm.sys
 Thread 8246BB20 Tid 000002A0 Start A9FA7878 N stack AA076000 limit AA073000 \SystemRoot\system32\DRIVERS\NNSStrm.sys
 Thread 8246B8A0 Tid 000002A4 Start A9FA7878 N stack AA06E000 limit AA06B000 \SystemRoot\system32\DRIVERS\NNSStrm.sys
 Thread 8246B620 Tid 000002A8 Start A9FA7878 N stack AA06A000 limit AA067000 \SystemRoot\system32\DRIVERS\NNSStrm.sys
 Thread 8246B3A0 Tid 000002AC Start A9FA7878 N stack AA066000 limit AA063000 \SystemRoot\system32\DRIVERS\NNSStrm.sys
 Thread 82463270 Tid 000002BC Start A9F5D91A N stack AA05A000 limit AA057000 \SystemRoot\system32\DRIVERS\NNSSmtp.sys
 Thread 82463710 Tid 000002C0 Start A9F5D91A N stack AA05E000 limit AA05B000 \SystemRoot\system32\DRIVERS\NNSSmtp.sys
 Thread 8245B7F8 Tid 000002F0 Start A9F32D22 N stack F8971000 limit F896E000 \SystemRoot\system32\DRIVERS\NNSPrv.sys
 Thread 8245B578 Tid 000002F4 Start A9F32D22 N stack AA056000 limit AA053000 \SystemRoot\system32\DRIVERS\NNSPrv.sys
 Thread 8245B2F8 Tid 000002F8 Start A9F32D22 N stack AA027000 limit AA024000 \SystemRoot\system32\DRIVERS\NNSPrv.sys
 Thread 8245B078 Tid 000002FC Start A9F32D22 N stack AA023000 limit AA020000 \SystemRoot\system32\DRIVERS\NNSPrv.sys
 Thread 8244B150 Tid 00000364 Start A9EFA0D1 N stack AA017000 limit AA014000 \SystemRoot\system32\DRIVERS\NNSProt.sys
 Thread 823FB668 Tid 00000378 Start A9EB4078 N stack AA01B000 limit AA018000 \SystemRoot\system32\DRIVERS\NNSPop3.sys
 Thread 823FB9F0 Tid 0000037C Start A9EB4078 N stack AA013000 limit AA010000 \SystemRoot\system32\DRIVERS\NNSPop3.sys
 Thread 82446138 Tid 000003A0 Start A9E95681 N stack AA00F000 limit AA00C000 \SystemRoot\system32\DRIVERS\NNSPicc.sys
 Thread 8244F020 Tid 0000045C Start A9E7ABC1 N stack AA00B000 limit AA008000 \SystemRoot\system32\DRIVERS\NNSIds.sys
 Thread 82376DA0 Tid 00000480 Start A9E667D8 N stack AA007000 limit AA004000 \SystemRoot\system32\DRIVERS\NNSHttp.sys
 Thread 82376020 Tid 00000484 Start A9E667D8 N stack AA003000 limit AA000000 \SystemRoot\system32\DRIVERS\NNSHttp.sys
 Thread 82376B20 Tid 00000488 Start A9E667D8 N stack A9FFF000 limit A9FFC000 \SystemRoot\system32\DRIVERS\NNSHttp.sys
 Thread 823768A0 Tid 0000048C Start A9E667D8 N stack A9FFB000 limit A9FF8000 \SystemRoot\system32\DRIVERS\NNSHttp.sys
 Thread 82376620 Tid 00000490 Start A9E667D8 N stack A9FF7000 limit A9FF4000 \SystemRoot\system32\DRIVERS\NNSHttp.sys
 Thread 823763A0 Tid 00000494 Start A9E667D8 N stack A9FF3000 limit A9FF0000 \SystemRoot\system32\DRIVERS\NNSHttp.sys
 Thread 823753B0 Tid 000004A8 Start A9E1434A N stack A9FEB000 limit A9FE8000 \SystemRoot\System32\Drivers\usbvideo.sys
 Thread 82370020 Tid 000004B4 Start 805F0710 N stack A9FEF000 limit A9FEC000 \WINDOWS\system32\ntkrnlpa.exe
 Thread 82204188 Tid 000000B4 Start A96544D0 N stack A9743000 limit A9740000 \SystemRoot\system32\DRIVERS\mrxdav.sys
 Thread 82032020 Tid 000000B8 Start A96544D0 N stack A9737000 limit A9734000 \SystemRoot\system32\DRIVERS\mrxdav.sys
 Thread 82032DA0 Tid 000000BC Start A96544D0 N stack A9733000 limit A9730000 \SystemRoot\system32\DRIVERS\mrxdav.sys
 Thread 82032B20 Tid 000007C0 Start A9636806 N stack A972F000 limit A972C000 \SystemRoot\system32\DRIVERS\mrxdav.sys
 Thread 82202428 Tid 00000158 Start A9633D10 N stack F8955000 limit F8952000 \SystemRoot\system32\DRIVERS\mrxdav.sys
 Thread 81F43278 Tid 00000534 Start A92A9024 N stack A9483000 limit A9480000 \SystemRoot\system32\DRIVERS\srv.sys
 Thread 81E7DDA0 Tid 000004D0 Start A92A9024 N stack A947F000 limit A947C000 \SystemRoot\system32\DRIVERS\srv.sys
 Thread 81C376B0 Tid 00000A64 Start A8BA4C60 N stack A9FE7000 limit A9FE4000 \SystemRoot\System32\Drivers\HTTP.sys
 Thread 81C37430 Tid 00000ADC Start A8BA4C60 N stack A8D6F000 limit A8D6C000 \SystemRoot\System32\Drivers\HTTP.sys
 Thread 81D2B910 Tid 00000AB8 Start A8BA4C60 N stack A8E33000 limit A8E30000 \SystemRoot\System32\Drivers\HTTP.sys
 Thread 81D2B690 Tid 00000ABC Start A8BA4C60 N stack A8D67000 limit A8D64000 \SystemRoot\System32\Drivers\HTTP.sys
 Thread 81D2B410 Tid 00000B28 Start A8BA22A4 N stack A8D63000 limit A8D60000 \SystemRoot\System32\Drivers\HTTP.sys
KTIMERS[2]: 2
KTIMERS[6]: 1
KTIMERS[7]: 2
 KTIMER 8055B380 DPC 8055B3C0 DefRoutine 80534B2A \WINDOWS\system32\ntkrnlpa.exe
 KTIMER 81F3A6B0 DPC 81F3A708 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[8]: 1
KTIMERS[9]: 1
 KTIMER 80551850 DPC 80551878 DefRoutine 804F3EDC \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[11]: 2
KTIMERS[12]: 5
 KTIMER 82B845B8 DPC 82B845E0 DefRoutine F888DB26 \WINDOWS\system32\DRIVERS\BATTC.SYS
 KTIMER 82AE6228 DPC 82AE6250 DefRoutine F888DB26 \WINDOWS\system32\DRIVERS\BATTC.SYS
KTIMERS[13]: 3
 KTIMER 82322058 DPC 823220B0 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[19]: 1
KTIMERS[22]: 1
KTIMERS[25]: 2
KTIMERS[27]: 1
KTIMERS[28]: 4
 KTIMER A8B904E0 DPC A8B904C0 DefRoutine A8B81AB2 \SystemRoot\System32\Drivers\HTTP.sys
KTIMERS[29]: 1
 KTIMER 82B74F10 DPC 82B74F38 DefRoutine F7DAB529 \SystemRoot\system32\DRIVERS\ks.sys
KTIMERS[40]: 1
KTIMERS[43]: 3
KTIMERS[44]: 2
KTIMERS[45]: 1
 KTIMER A8B90440 DPC A8B90480 DefRoutine A8B83C66 \SystemRoot\System32\Drivers\HTTP.sys
KTIMERS[50]: 1
 KTIMER 81E54790 DPC 81E547E8 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[52]: 1
KTIMERS[54]: 2
KTIMERS[55]: 1
KTIMERS[56]: 2
 KTIMER 81C35218 DPC 81C35270 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[57]: 1
KTIMERS[58]: 2
KTIMERS[59]: 7
 KTIMER 827E1D78 DPC 827E1DA0 DefRoutine F80CE6BC NDIS.sys
 KTIMER A9FBB200 DPC A9FBB1C0 DefRoutine A9FAB4C6 \SystemRoot\system32\DRIVERS\NNSStrm.sys
 KTIMER A9E70140 DPC A9E70100 DefRoutine A9E69D07 \SystemRoot\system32\DRIVERS\NNSHttp.sys
KTIMERS[60]: 8
 KTIMER 82B6E730 DPC 82B6E70C DefRoutine F7EA2674 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 KTIMER 8263FBB0 DPC 8263FBD8 DefRoutine F80CDF1A NDIS.sys
 KTIMER AA084220 DPC AA084260 DefRoutine AA07A385 \SystemRoot\system32\DRIVERS\rdbss.sys
 KTIMER 824ECEB0 DPC 824ECE90 DefRoutine F87953F0 \SystemRoot\system32\DRIVERS\TDI.SYS
KTIMERS[63]: 8
KTIMERS[64]: 2
 KTIMER 80550208 DPC 805501E8 DefRoutine 804E5BC0 \WINDOWS\system32\ntkrnlpa.exe
 KTIMER AA138010 DPC AA137FF0 DefRoutine AA0EF3DD \SystemRoot\system32\DRIVERS\tcpip.sys
KTIMERS[66]: 6
 KTIMER 829962B0 DPC 829962D8 DefRoutine AA54C7CA \SystemRoot\system32\drivers\RtkHDAud.sys
 KTIMER 824EBA10 DPC 824EB9F0 DefRoutine F87953F0 \SystemRoot\system32\DRIVERS\TDI.SYS
 KTIMER 8236EE88 DPC 8236EE68 DefRoutine F87953F0 \SystemRoot\system32\DRIVERS\TDI.SYS
 KTIMER 80550E60 DPC 80550E40 DefRoutine 8053B9FC \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[67]: 3
 KTIMER 824EB600 DPC 824EB5E0 DefRoutine AA0C748A \SystemRoot\system32\DRIVERS\netbt.sys
KTIMERS[69]: 1
KTIMERS[70]: 4
 KTIMER 827E4998 DPC 827E4978 DefRoutine F87953F0 \SystemRoot\system32\DRIVERS\TDI.SYS
 KTIMER 8236E9F0 DPC 8236E9D0 DefRoutine F87953F0 \SystemRoot\system32\DRIVERS\TDI.SYS
KTIMERS[71]: 1
KTIMERS[73]: 1
 KTIMER 82AEC730 DPC 82AEC70C DefRoutine F7EA2674 \SystemRoot\system32\DRIVERS\USBPORT.SYS
KTIMERS[74]: 3
 KTIMER 80551980 DPC 805519C0 DefRoutine 804F3744 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[75]: 3
 KTIMER 82B33730 DPC 82B3370C DefRoutine F7EA2674 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 KTIMER 80559A60 DPC 80559AE0 DefRoutine 80523E2E \WINDOWS\system32\ntkrnlpa.exe
 KTIMER A8B8DE60 DPC A8B8DE88 DefRoutine A8B7D6BC \SystemRoot\System32\Drivers\HTTP.sys
KTIMERS[78]: 2
 KTIMER 81C1C230 DPC 81C1C288 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[79]: 3
KTIMERS[80]: 2
 KTIMER FD53C2C0 DPC FD53C2F0 DefRoutine 8053B420 \WINDOWS\system32\ntkrnlpa.exe
 KTIMER 82B71730 DPC 82B7170C DefRoutine F7EA2674 \SystemRoot\system32\DRIVERS\USBPORT.SYS
KTIMERS[82]: 2
 KTIMER 82ACA730 DPC 82ACA70C DefRoutine F7EA2674 \SystemRoot\system32\DRIVERS\USBPORT.SYS
KTIMERS[83]: 3
KTIMERS[85]: 1
 KTIMER 82B03B40 DPC 82B03B68 DefRoutine F80CDF6F NDIS.sys
KTIMERS[86]: 1
 KTIMER 82AC85F0 DPC 82AC8618 DefRoutine F80CDF6F NDIS.sys
KTIMERS[87]: 6
 KTIMER 82B811A0 DPC 82B811C8 DefRoutine F80CDF6F NDIS.sys
 KTIMER 82B801A0 DPC 82B801C8 DefRoutine F80CDF6F NDIS.sys
 KTIMER 82B7E1A0 DPC 82B7E1C8 DefRoutine F80CDF6F NDIS.sys
KTIMERS[88]: 1
 KTIMER 82B311A0 DPC 82B311C8 DefRoutine F80CDF6F NDIS.sys
KTIMERS[89]: 1
 KTIMER A9D1A6A8 DPC A9D1A678 DefRoutine A9D19108 \SystemRoot\system32\DRIVERS\rspndr.sys
KTIMERS[90]: 4
 KTIMER 82323328 DPC 82323380 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[91]: 3
 KTIMER 82AC61A0 DPC 82AC61C8 DefRoutine F80CDF6F NDIS.sys
 KTIMER 82335298 DPC 823352F0 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[92]: 2
 KTIMER 82AEB1A0 DPC 82AEB1C8 DefRoutine F80D1708 NDIS.sys
KTIMERS[94]: 1
KTIMERS[96]: 1
 KTIMER A9F4BAE0 DPC A9F4BAA0 DefRoutine A9F3A421 \SystemRoot\system32\DRIVERS\NNSPrv.sys
KTIMERS[97]: 5
 KTIMER 81EF3470 DPC 81EF34C8 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
 KTIMER FFA34318 DPC FFA34370 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[99]: 2
 KTIMER 82AEAB40 DPC 82AEAB68 DefRoutine F80CDF6F NDIS.sys
 KTIMER 82B80B40 DPC 82B80B68 DefRoutine F80CDF6F NDIS.sys
KTIMERS[103]: 3
 KTIMER A9F24960 DPC A9F24940 DefRoutine A9F03985 \SystemRoot\system32\DRIVERS\NNSProt.sys
 KTIMER 82B4A148 DPC 82B4A170 DefRoutine F818692E sr.sys
KTIMERS[104]: 4
 KTIMER F7D52280 DPC F7D52320 DefRoutine F7CE2B90 \SystemRoot\system32\DRIVERS\btkrnl.sys
 KTIMER 820A6960 DPC 820A69B8 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[106]: 1
 KTIMER 81F1FF68 DPC 81F1FFC0 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[107]: 9
KTIMERS[110]: 1
 KTIMER 82AFD7C8 DPC 82AFD7F0 DefRoutine F7BE7A86 \SystemRoot\system32\drivers\btaudio.sys
KTIMERS[112]: 1
 KTIMER A9EA26E0 DPC A9EA26C0 DefRoutine A9E98834 \SystemRoot\system32\DRIVERS\NNSPicc.sys
KTIMERS[114]: 1
KTIMERS[115]: 1
KTIMERS[116]: 1
KTIMERS[117]: 1
KTIMERS[118]: 1
 KTIMER A9E8C020 DPC A9E8C000 DefRoutine A9E800C6 \SystemRoot\system32\DRIVERS\NNSIds.sys
KTIMERS[119]: 3
KTIMERS[122]: 1
KTIMERS[123]: 2
KTIMERS[128]: 1
KTIMERS[129]: 2
KTIMERS[130]: 5
 KTIMER 8209D460 DPC 8209D4B8 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[139]: 1
KTIMERS[140]: 1
KTIMERS[141]: 1
KTIMERS[145]: 1
KTIMERS[146]: 1
KTIMERS[149]: 1
KTIMERS[150]: 1
KTIMERS[153]: 1
KTIMERS[155]: 1
 KTIMER 8055A1E0 DPC 8055A220 DefRoutine 80527A68 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[161]: 2
 KTIMER 822814F8 DPC 82281550 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[162]: 1
 KTIMER F8102270 DPC F810224C DefRoutine F80E41B4 Ntfs.sys
KTIMERS[163]: 1
KTIMERS[164]: 1
KTIMERS[165]: 2
 KTIMER 81D9AC60 DPC 81D9AC40 DefRoutine AA0C748A \SystemRoot\system32\DRIVERS\netbt.sys
KTIMERS[166]: 1
KTIMERS[168]: 3
 KTIMER 821EC510 DPC 821EC568 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[171]: 1
KTIMERS[173]: 1
KTIMERS[176]: 1
KTIMERS[181]: 1
KTIMERS[182]: 1
 KTIMER AA1332D0 DPC AA1332B0 DefRoutine F87953F0 \SystemRoot\system32\DRIVERS\TDI.SYS
KTIMERS[185]: 2
KTIMERS[187]: 1
 KTIMER 824D1FB0 DPC 824D1FD8 DefRoutine AA0A5385 \SystemRoot\System32\drivers\afd.sys
KTIMERS[189]: 2
KTIMERS[191]: 1
KTIMERS[192]: 1
KTIMERS[193]: 1
 KTIMER 82372BF8 DPC 82372BD8 DefRoutine AA0C748A \SystemRoot\system32\DRIVERS\netbt.sys
KTIMERS[195]: 1
 KTIMER A8B8DC10 DPC A8B8DC38 DefRoutine A8B761D0 \SystemRoot\System32\Drivers\HTTP.sys
KTIMERS[198]: 1
KTIMERS[201]: 1
 KTIMER 8280C4D8 DPC 8280C4B8 DefRoutine AA0B585A \SystemRoot\System32\drivers\afd.sys
KTIMERS[206]: 1
KTIMERS[211]: 2
 KTIMER FBD2E820 DPC FBD2E800 DefRoutine AA0B585A \SystemRoot\System32\drivers\afd.sys
KTIMERS[214]: 2
KTIMERS[215]: 1
 KTIMER 82B2D9B8 DPC 82B2D9E0 DefRoutine F80CE6BC NDIS.sys
KTIMERS[217]: 5
 KTIMER F81022D0 DPC F81022B0 DefRoutine F80E43D8 Ntfs.sys
KTIMERS[218]: 1
KTIMERS[219]: 4
 KTIMER 827E5828 DPC 827E5850 DefRoutine F80CE6BC NDIS.sys
 KTIMER 80554040 DPC 80554080 DefRoutine 8050AA68 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[220]: 1
KTIMERS[222]: 1
KTIMERS[224]: 2
 KTIMER A92A6B58 DPC A92A6B80 DefRoutine A9293385 \SystemRoot\system32\DRIVERS\srv.sys
KTIMERS[225]: 2
KTIMERS[226]: 1
KTIMERS[227]: 3
KTIMERS[228]: A
 KTIMER 821040E8 DPC 82104140 DefRoutine 80534F48 \WINDOWS\system32\ntkrnlpa.exe
 KTIMER 8055B480 DPC 8055B4C0 DefRoutine 80534A8A \WINDOWS\system32\ntkrnlpa.exe
 KTIMER 8055B400 DPC 8055B440 DefRoutine 80534AB0 \WINDOWS\system32\ntkrnlpa.exe
KTIMERS[229]: 1
KTIMERS[230]: 1
KTIMERS[232]: 1
KTIMERS[234]: 1
KTIMERS[237]: 1
 KTIMER 8228E1A0 DPC 8228E1C8 DefRoutine F819C23C fltMgr.sys
KTIMERS[241]: 1
KTIMERS[244]: 5
 KTIMER 824EBE50 DPC 824EBE78 DefRoutine F87856C4 \SystemRoot\System32\watchdog.sys
 KTIMER 82332708 DPC 82332730 DefRoutine F87856C4 \SystemRoot\System32\watchdog.sys
 KTIMER AA1581C0 DPC AA158200 DefRoutine AA148471 \SystemRoot\system32\DRIVERS\ipsec.sys
 KTIMER AA157D08 DPC AA157D30 DefRoutine AA1483E7 \SystemRoot\system32\DRIVERS\ipsec.sys
 KTIMER AA157D70 DPC AA157D98 DefRoutine AA1483E7 \SystemRoot\system32\DRIVERS\ipsec.sys
KTIMERS[250]: 2

IopNotifyShutdownQueueHead:
 [0] DevObj 8239A700 Drv 82364950 \SystemRoot\System32\Drivers\Cdfs.SYS
 [1] DevObj 824F1648 Drv 824F1F38 \SystemRoot\System32\DRIVERS\RDPCDD.sys
 [2] DevObj 824F1040 Drv 824F3CA0 \SystemRoot\System32\Drivers\mnmdd.SYS
 [3] DevObj 824F4040 Drv 824F4ED0 \SystemRoot\System32\drivers\vga.sys
 [4] DevObj 824F3DE0 Drv 8278B938 \SystemRoot\System32\Drivers\Fs_Rec.SYS
 [5] DevObj 824F3F08 Drv 8278B938 \SystemRoot\System32\Drivers\Fs_Rec.SYS
 [6] DevObj 824F3030 Drv 8278B938 \SystemRoot\System32\Drivers\Fs_Rec.SYS
 [7] DevObj 827AF8B0 Drv 8278B938 \SystemRoot\System32\Drivers\Fs_Rec.SYS
 [8] DevObj 827AF9D8 Drv 8278B938 \SystemRoot\System32\Drivers\Fs_Rec.SYS
 [9] DevObj 827AFB00 Drv 8278B938 \SystemRoot\System32\Drivers\Fs_Rec.SYS
 [10] DevObj 82B83A80 Drv 82A7B2C8 \SystemRoot\system32\DRIVERS\SynTP.sys
 [11] DevObj 82B3F040 Drv 82AF1A78 \SystemRoot\system32\DRIVERS\ialmnt5.sys
 [12] DevObj 82ACD040 Drv 82AF1A78 \SystemRoot\system32\DRIVERS\ialmnt5.sys
 [13] DevObj 82B77420 Drv 82B77538 Mup.sys
 [14] DevObj 82B7ABC0 Drv 82B7AD90 ftdisk.sys
 [15] DevObj 82B7AE88 Drv 82B7A030 MountMgr.sys
 [16] DevObj 82BAE030 Drv 82BE8478 \WINDOWS\system32\ntkrnlpa.exe
 [17] DevObj 82BAF1D8 Drv 82BAF2F0 \WINDOWS\system32\ntkrnlpa.exe

Pnp Notifiers: total 23, readed 23
 Pnp[0] CategoryHardwareProfileChange KSCATEGORY_AUDIO addr A9A7DFCC \SystemRoot\system32\drivers\sysaudio.sys
 Pnp[1] CategoryHardwareProfileChange DEVINTERFACE_HID addr 805BEF4C \WINDOWS\system32\ntkrnlpa.exe
 Pnp[2] CategoryHardwareProfileChange DEVICE_THERMAL_ZONE addr 805BEF4C \WINDOWS\system32\ntkrnlpa.exe
 Pnp[3] CategoryHardwareProfileChange DEVINTERFACE_HID addr BF8A7FD8 \SystemRoot\System32\win32k.sys
 Pnp[4] CategoryHardwareProfileChange DEVICE_SYS_BUTTON addr 805BEF4C \WINDOWS\system32\ntkrnlpa.exe
 Pnp[5] CategoryHardwareProfileChange SYSAUDIO addr A98BE44E \SystemRoot\system32\drivers\wdmaud.sys
 Pnp[6] CategoryHardwareProfileChange SYSAUDIO addr A98BE44E \SystemRoot\system32\drivers\wdmaud.sys
 Pnp[7] CategoryHardwareProfileChange SYSAUDIO addr A98BE44E \SystemRoot\system32\drivers\wdmaud.sys
 Pnp[8] CategoryHardwareProfileChange SYSAUDIO addr A98BE44E \SystemRoot\system32\drivers\wdmaud.sys
 Pnp[9] CategoryHardwareProfileChange SYSAUDIO addr A98BE44E \SystemRoot\system32\drivers\wdmaud.sys
 Pnp[10] CategoryHardwareProfileChange SYSAUDIO addr A98BE44E \SystemRoot\system32\drivers\wdmaud.sys
 Pnp[11] CategoryHardwareProfileChange DEVINTERFACE_MOUSE addr F7DDBFD0 \SystemRoot\system32\DRIVERS\SynTP.sys
 Pnp[12] CategoryHardwareProfileChange DEVINTERFACE_MOUSE addr BF8A7FD8 \SystemRoot\System32\win32k.sys
 Pnp[13] CategoryHardwareProfileChange DEVINTERFACE_CDROM addr BF8A8BF7 \SystemRoot\System32\win32k.sys
 Pnp[14] CategoryHardwareProfileChange PREFERRED_WAVEOUT_DEVICE addr F8568AC0 \SystemRoot\system32\DRIVERS\redbook.sys
 Pnp[15] CategoryHardwareProfileChange DEVINTERFACE_VOLUME addr F848DD8E MountMgr.sys
 Pnp[16] CategoryHardwareProfileChange DEVINTERFACE_KEYBOARD addr F7DDB790 \SystemRoot\system32\DRIVERS\SynTP.sys
 Pnp[17] CategoryHardwareProfileChange DEVINTERFACE_VOLUME addr F849D544 VolSnap.sys
 Pnp[18] CategoryHardwareProfileChange DEVINTERFACE_KEYBOARD addr BF8A7FD8 \SystemRoot\System32\win32k.sys
 Pnp[19] CategoryHardwareProfileChange DEVCLASS_BATTERY addr 805BEF4C \WINDOWS\system32\ntkrnlpa.exe
 Pnp[20] CategoryHardwareProfileChange DEVCLASS_BATTERY addr F8889B5A compbatt.sys
 Pnp[21] CategoryHardwareProfileChange VOLMGR_VOLUME_MANAGER addr F86FE85E PartMgr.sys
 Pnp[22] CategoryHardwareProfileChange ACOUSTIC_ECHO_CANCEL addr A9A7DFCC \SystemRoot\system32\drivers\sysaudio.sys

PlugPlayHandlerTable: 23 items
 PlugPlayHandlerTable[0] 8063BC4A \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[1] 8063BBF0 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[2] 8063BB46 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[3] 8063D0EC \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[4] 8063BA8E \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[6] 8063BCBA \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[7] 8063BD96 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[8] 8063D142 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[9] 8063BDF2 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[10] 8063D228 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[11] 8063BEFA \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[12] 8063C0A8 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[13] 8063C180 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[14] 8063C272 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[15] 8063C3A0 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[16] 8063D3E8 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[17] 8063C432 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[18] 8063C560 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[19] 8063C6B4 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[20] 8063BAEA \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[21] 8063C956 \WINDOWS\system32\ntkrnlpa.exe
 PlugPlayHandlerTable[22] 8063C9B4 \WINDOWS\system32\ntkrnlpa.exe

HAL dispatch table:
HalQuerySystemInformation:     806E7BBA 
HalSetSystemInformation:       806EA436 
HalQueryBusSlots:              805671BA 
HalExamineMBR:                 804ED03E 
HalIoReadPartitionTable:       805668D2 
HalIoSetPartitionInformation:  80565F94 
HalIoWritePartitionTable:      80565612 
HalReferenceHandlerForBus      8056587A 
HalReferenceBusHandler         804ED238 
HalDereferenceBusHandler       804ED2BA 
HalInitPnpDriver               804ED2BA 
HalInitPowerManagement         806E987E 
HalGetDmaAdapter               806EA2CC 
HalGetInterruptTranslator      806D5678 
HalStartMirroring              806E9D50 
HalEndMirroring                805671D6 
HalMirrorPhysicalMemory        804ED25A 
HalEndOfBoot                   804ED268 
HalMirrorVerify                806EA424 
HalGetCachedAcpiTable          804ED268 
HalSetPciErrorHandlerCallback  00000002 

HAL private dispatch table:
HalHandlerForBus:               804ED238 
HalHandlerForConfigSpace:       804ED238 
HalLocateHiberRanges:           806E98B6 
HalRegisterBusHandler:          805671C8 
HalSetWakeEnable:               806E60D0 
HalSetWakeAlarm:                806E608A 
HalPciTranslateBusAddress:      F833712E pci.sys
HalPciAssignSlotResources:      F8336F82 pci.sys
HalHaltSystem:                  806D4E44 
HalFindBusAddressTranslation:   806D9128 
HalResetDisplay:                806D810E 
KdSetupPciDeviceForDebugging:   806EB85E 
KdReleasePciDeviceforDebugging: 806EAD26 
KdGetAcpiTablePhase0:           806ED9A8 
KdCheckPowerButton:             806D4D62 
HalVectorToIDTEntry:            804ED2C0 
KdMapPhysicalMemory64:          806D850C 
KdUnmapVirtualAddress:          806D8664 

Unknown drivers:
 \WINDOWS\system32\BOOTVID.dll
 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
 \SystemRoot\System32\watchdog.sys
 \SystemRoot\System32\ialmdnt5.dll
 \SystemRoot\System32\ialmrnt5.dll
 \SystemRoot\System32\ialmdev5.DLL
 \SystemRoot\System32\ialmdd5.DLL

HAL ACPI dispatch table:
HalAcpiTimerInit:                   806E9DAA 
HalAcpiTimerCarry:                  806D9E14 
HalAcpiMachineStateInit:            806E9DF6 
HalAcpiQueryFlags:                  806E9FA4 
HalAcpiPicStateIntact:              806E76D2 
HalRestoreInterruptControllerState: 806E74D6 
HalPciInterfaceReadConfig:          806D7D80 
HalPciInterfaceWriteConfig:         806D7DE0 
HalSetVectorState:                  806EA576 
HalGetApicVersion:                  806E76DE 
HalSetMaxLegacyPciBusNumber:        806D7E22 
HalIsVectorValid:                   806EA63E 

Driver PCIIde DrvObj 82B79CF0:
 DriverUnload patched by \WINDOWS\system32\DRIVERS\PCIIDEX.SYS, addr F86F96DC
 AddDevice patched by \WINDOWS\system32\DRIVERS\PCIIDEX.SYS, addr F86F77D2
 Handler MJ_INTERNAL_DEVICE_CONTROL patched by \WINDOWS\system32\DRIVERS\PCIIDEX.SYS, addr F86F94F2
 Handler MJ_POWER patched by \WINDOWS\system32\DRIVERS\PCIIDEX.SYS, addr F86F5692
 Handler MJ_SYSTEM_CONTROL patched by \WINDOWS\system32\DRIVERS\PCIIDEX.SYS, addr F86F946E
 Handler MJ_PNP patched by \WINDOWS\system32\DRIVERS\PCIIDEX.SYS, addr F86F943A

Driver Disk DrvObj 82B28F38:
 DriverUnload patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BC4B4
 AddDevice patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BDE36
 Handler MJ_CREATE patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BBBB0
 Handler MJ_CLOSE patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BBBB0
 Handler MJ_READ patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B5D1F
 Handler MJ_WRITE patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B5D1F
 Handler MJ_FLUSH_BUFFERS patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B62E2
 Handler MJ_DEVICE_CONTROL patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B63BB
 Handler MJ_INTERNAL_DEVICE_CONTROL patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B9F28
 Handler MJ_SHUTDOWN patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B62E2
 Handler MJ_POWER patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B7C82
 Handler MJ_SYSTEM_CONTROL patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BC99E
 Handler MJ_PNP patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BBC93
try_resolve_filter_list: cannot find NdisFRegisterFilterDriver
try_if_list: cannot find NdisIfDeregisterInterface
try_if_provider_list: cannot find NdisIfRegisterProvider

Driver usbuhci DrvObj 82B15B38:
 DriverUnload patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7EAA7EE
 AddDevice patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7EAB256
 Handler MJ_CREATE patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_CLOSE patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_DEVICE_CONTROL patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_INTERNAL_DEVICE_CONTROL patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_POWER patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_SYSTEM_CONTROL patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_PNP patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A

Driver usbehci DrvObj 82B3ECA0:
 DriverUnload patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7EAA7EE
 AddDevice patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7EAB256
 Handler MJ_CREATE patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_CLOSE patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_DEVICE_CONTROL patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_INTERNAL_DEVICE_CONTROL patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_POWER patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_SYSTEM_CONTROL patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A
 Handler MJ_PNP patched by \SystemRoot\system32\DRIVERS\USBPORT.SYS, addr F7E9F26A

Driver cdrom DrvObj 82B5B940:
 DriverUnload patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BC4B4
 StartIo patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B6487
 AddDevice patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BDE36
 Handler MJ_CREATE patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BBBB0
 Handler MJ_CLOSE patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BBBB0
 Handler MJ_READ patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B5D1F
 Handler MJ_WRITE patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B5D1F
 Handler MJ_FLUSH_BUFFERS patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B62E2
 Handler MJ_DEVICE_CONTROL patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B63BB
 Handler MJ_INTERNAL_DEVICE_CONTROL patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B9F28
 Handler MJ_SHUTDOWN patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B62E2
 Handler MJ_POWER patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84B7C82
 Handler MJ_SYSTEM_CONTROL patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BC99E
 Handler MJ_PNP patched by \WINDOWS\system32\DRIVERS\CLASSPNP.SYS, addr F84BBC93

Driver btaudio DrvObj 82BD1F38:
 DriverUnload patched by \SystemRoot\system32\drivers\portcls.sys, addr F7BA0DEE
 Handler MJ_CREATE patched by \SystemRoot\system32\drivers\portcls.sys, addr F7B9F05D
 Handler MJ_CLOSE patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB466F
 Handler MJ_READ patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DBEEA2
 Handler MJ_WRITE patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB41DC
 Handler MJ_FLUSH_BUFFERS patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DBEF29
 Handler MJ_DEVICE_CONTROL patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB3F70
 Handler MJ_QUERY_SECURITY patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DBF936
 Handler MJ_SET_SECURITY patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DBF968
 Handler MJ_POWER patched by \SystemRoot\system32\drivers\portcls.sys, addr F7BA6E31
 Handler MJ_SYSTEM_CONTROL patched by \SystemRoot\system32\drivers\portcls.sys, addr F7B8FE0F
 Handler MJ_PNP patched by \SystemRoot\system32\drivers\portcls.sys, addr F7B9E7BD

Driver mnmdd DrvObj 824F3CA0:
 DriverUnload patched by \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS, addr F7EF5E70
 Handler MJ_CREATE patched by \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS, addr F7EF6CEA
 Handler MJ_CLOSE patched by \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS, addr F7EF6CEA
 Handler MJ_DEVICE_CONTROL patched by \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS, addr F7EF6CEA
 Handler MJ_SHUTDOWN patched by \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS, addr F7EF6CEA

Driver RDPCDD DrvObj 824F1F38:
 DriverUnload patched by \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS, addr F7EF5E70
 Handler MJ_CREATE patched by \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS, addr F7EF6CEA
 Handler MJ_CLOSE patched by \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS, addr F7EF6CEA
 Handler MJ_DEVICE_CONTROL patched by \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS, addr F7EF6CEA
 Handler MJ_SHUTDOWN patched by \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS, addr F7EF6CEA

Driver usbvideo DrvObj 823A7D70:
 AddDevice patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB88BF
 Handler MJ_CREATE patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB946F
 Handler MJ_CLOSE patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB466F
 Handler MJ_DEVICE_CONTROL patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB3F70
 Handler MJ_POWER patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DC2164
 Handler MJ_SYSTEM_CONTROL patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB64AB
 Handler MJ_PNP patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB6AC6

Driver MRxSmb DrvObj 823742E0:
 FastIOHandler FastIoCheckIfPossible patched by \SystemRoot\system32\DRIVERS\rdbss.sys, addr AA08FE8B
 FastIOHandler FastIoRead patched by \SystemRoot\system32\DRIVERS\rdbss.sys, addr AA08FFB7
 FastIOHandler FastIoWrite patched by \SystemRoot\system32\DRIVERS\rdbss.sys, addr AA090D60
 FastIOHandler FastIoDeviceControl patched by \SystemRoot\system32\DRIVERS\rdbss.sys, addr AA07AB4D
 FastIOHandler AcquireFileForNtCreateSection patched by \SystemRoot\system32\DRIVERS\rdbss.sys, addr AA08A92D
 FastIOHandler ReleaseFileForNtCreateSection patched by \SystemRoot\system32\DRIVERS\rdbss.sys, addr AA08A98D
 FastIOHandler AcquireForCcFlush patched by \SystemRoot\system32\DRIVERS\rdbss.sys, addr AA07C238
 FastIOHandler ReleaseForCcFlush patched by \SystemRoot\system32\DRIVERS\rdbss.sys, addr AA07C238

Shadow SDT: BF9A0800, limit 29B
 NtGdiAbortDoc: BF93A873
 NtGdiAbortPath: BF94BF70
 NtGdiAddFontResourceW: BF895386
 NtGdiAddRemoteFontToDC: BF943A88
 NtGdiAddFontMemResourceEx: BF94D592
 NtGdiRemoveMergeFont: BF93AB07
 NtGdiAddRemoteMMInstanceToDC: BF93ABAC
 NtGdiAlphaBlend: BF83D89B
 NtGdiAngleArc: BF94CEAE
 NtGdiAnyLinkedFonts: BF938C72
 NtGdiFontIsLinked: BF94D4A6
 NtGdiArcInternal: BF91116C
 NtGdiBeginPath: BF8FEF1F
 NtGdiBitBlt: BF8098F2
 NtGdiCancelDC: BF94D378
 NtGdiCheckBitmapBits: BF94EB7F
 NtGdiCloseFigure: BF8FD81C
 NtGdiClearBitmapAttributes: BF89C4CD
 NtGdiClearBrushAttributes: BF94D456
 NtGdiColorCorrectPalette: BF94ECB2
 NtGdiCombineRgn: BF820D70
 NtGdiCombineTransform: BF8E52E5
 NtGdiComputeXformCoefficients: BF86EDD0
 NtGdiConsoleTextOut: BF84D979
 NtGdiConvertMetafileRect: BF9123A7
 NtGdiCreateBitmap: BF80E2AD
 NtGdiCreateClientObj: BF8E4F8D
 NtGdiCreateColorSpace: BF94E977
 NtGdiCreateColorTransform: BF94F882
 NtGdiCreateCompatibleBitmap: BF813A59
 NtGdiCreateCompatibleDC: BF80C84E
 NtGdiCreateDIBBrush: BF8D9C95
 NtGdiCreateDIBitmapInternal: BF82E853
 NtGdiCreateDIBSection: BF83323D
 NtGdiCreateEllipticRgn: BF93D1FF
 NtGdiCreateHalftonePalette: BF8BAE48
 NtGdiCreateHatchBrushInternal: BF95090E
 NtGdiCreateMetafileDC: BF8CB250
 NtGdiCreatePaletteInternal: BF8BA4F5
 NtGdiCreatePatternBrushInternal: BF86D689
 NtGdiCreatePen: BF86A3B5
 NtGdiCreateRectRgn: BF83B90F
 NtGdiCreateRoundRectRgn: BF88A1A7
 NtGdiCreateServerMetaFile: BF9122AC
 NtGdiCreateSolidBrush: BF819D41
 NtGdiD3dContextCreate: BF938292
 NtGdiD3dContextDestroy: BF9382A5
 NtGdiD3dContextDestroyAll: BF9382B8
 NtGdiD3dValidateTextureStageState: BF9382CB
 NtGdiD3dDrawPrimitives2: BF9382DE
 NtGdiDdGetDriverState: BF9382F1
 NtGdiDdAddAttachedSurface: BF938167
 NtGdiDdAlphaBlt: BF9383B1
 NtGdiDdAttachSurface: BF9063C5
 NtGdiDdBeginMoCompFrame: BF93835C
 NtGdiDdBlt: BF9063D8
 NtGdiDdCanCreateSurface: BF9061B2
 NtGdiDdCanCreateD3DBuffer: BF938269
 NtGdiDdColorControl: BF93817A
 NtGdiDdCreateDirectDrawObject: BF8F404D
 NtGdiDdCreateSurface: BF8F4060
 NtGdiDdCreateD3DBuffer: BF938253
 NtGdiDdCreateMoComp: BF9061F1
 NtGdiDdCreateSurfaceObject: BF90681C
 NtGdiDdDeleteDirectDrawObject: BF8F42A9
 NtGdiDdDeleteSurfaceObject: BF906399
 NtGdiDdDestroyMoComp: BF9061C5
 NtGdiDdDestroySurface: BF8F4293
 NtGdiDdDestroyD3DBuffer: BF93827C
 NtGdiDdEndMoCompFrame: BF93836F
 NtGdiDdFlip: BF9068C2
 NtGdiDdFlipToGDISurface: BF906FCD
 NtGdiDdGetAvailDriverMemory: BF9063AF
 NtGdiDdGetBltStatus: BF93818D
 NtGdiDdGetDC: BF90611D
 NtGdiDdGetDriverInfo: BF90615C
 NtGdiDdGetDxHandle: BF9381FB
 NtGdiDdGetFlipStatus: BF9381A3
 NtGdiDdGetInternalMoCompInfo: BF938346
 NtGdiDdGetMoCompBuffInfo: BF938330
 NtGdiDdGetMoCompGuids: BF9061DB
 NtGdiDdGetMoCompFormats: BF93831A
 NtGdiDdGetScanLine: BF9070D3
 NtGdiDdLock: BF8C8558
 NtGdiDdLockD3D: BF938227
 NtGdiDdQueryDirectDrawObject: BF8F3FEC
 NtGdiDdQueryMoCompStatus: BF93839B
 NtGdiDdReenableDirectDrawObject: BF8F4027
 NtGdiDdReleaseDC: BF906291
 NtGdiDdRenderMoComp: BF938385
 NtGdiDdResetVisrgn: BF8C839E
 NtGdiDdSetColorKey: BF9068D8
 NtGdiDdSetExclusiveMode: BF9381B9
 NtGdiDdSetGammaRamp: BF938211
 NtGdiDdCreateSurfaceEx: BF938304
 NtGdiDdSetOverlayPosition: BF9381CF
 NtGdiDdUnattachSurface: BF906465
 NtGdiDdUnlock: BF8C834E
 NtGdiDdUnlockD3D: BF93823D
 NtGdiDdUpdateOverlay: BF9068AC
 NtGdiDdWaitForVerticalBlank: BF9381E5
 NtGdiDvpCanCreateVideoPort: BF9383C4
 NtGdiDvpColorControl: BF9383DA
 NtGdiDvpCreateVideoPort: BF9383F0
 NtGdiDvpDestroyVideoPort: BF938406
 NtGdiDvpFlipVideoPort: BF93841C
 NtGdiDvpGetVideoPortBandwidth: BF938432
 NtGdiDvpGetVideoPortField: BF938448
 NtGdiDvpGetVideoPortFlipStatus: BF93845E
 NtGdiDvpGetVideoPortInputFormats: BF938474
 NtGdiDvpGetVideoPortLine: BF93848A
 NtGdiDvpGetVideoPortOutputFormats: BF9384A0
 NtGdiDvpGetVideoPortConnectInfo: BF9384B6
 NtGdiDvpGetVideoSignalStatus: BF9384CC
 NtGdiDvpUpdateVideoPort: BF9384E2
 NtGdiDvpWaitForVideoPortSync: BF9384F8
 NtGdiDvpAcquireNotification: BF93850E
 NtGdiDvpReleaseNotification: BF938524
 NtGdiDxgGenericThunk: BF938154
 NtGdiDeleteClientObj: BF8E50AF
 NtGdiDeleteColorSpace: BF94E96A
 NtGdiDeleteColorTransform: BF94FB3E
 NtGdiDeleteObjectApp: BF8138E6
 NtGdiDescribePixelFormat: BF94E068
 NtGdiGetPerBandInfo: BF8F95A0
 NtGdiDoBanding: BF8FABB4
 NtGdiDoPalette: BF8410E8
 NtGdiDrawEscape: BF94CEF8
 NtGdiEllipse: BF8DC7AC
 NtGdiEnableEudc: BF89A999
 NtGdiEndDoc: BF8FA530
 NtGdiEndPage: BF9039F9
 NtGdiEndPath: BF8FEFBF
 NtGdiEnumFontChunk: BF87E133
 NtGdiEnumFontClose: BF87E0B2
 NtGdiEnumFontOpen: BF87D741
 NtGdiEnumObjects: BF8D9F9D
 NtGdiEqualRgn: BF93D2FA
 NtGdiEudcLoadUnloadLink: BF954119
 NtGdiExcludeClipRect: BF82C92C
 NtGdiExtCreatePen: BF8D20D4
 NtGdiExtCreateRegion: BF83BE03
 NtGdiExtEscape: BF888538
 NtGdiExtFloodFill: BF954F37
 NtGdiExtGetObjectW: BF82BC2F
 NtGdiExtSelectClipRgn: BF80F16D
 NtGdiExtTextOutW: BF82D041
 NtGdiFillPath: BF94C095
 NtGdiFillRgn: BF867997
 NtGdiFlattenPath: BF94BFFA
 NtGdiFlushUserBatch: BF80C331
 NtGdiFlush: BF80A1F5
 NtGdiForceUFIMapping: BF94DF48
 NtGdiFrameRgn: BF88A419
 NtGdiFullscreenControl: BF93FFD7
 NtGdiGetAndSetDCDword: BF8D13A5
 NtGdiGetAppClipBox: BF81647D
 NtGdiGetBitmapBits: BF867E8A
 NtGdiGetBitmapDimension: BF94DE6A
 NtGdiGetBoundsRect: BF88FF68
 NtGdiGetCharABCWidthsW: BF8C9C04
 NtGdiGetCharacterPlacementW: BF94C603
 NtGdiGetCharSet: BF80F7A8
 NtGdiGetCharWidthW: BF8F697C
 NtGdiGetCharWidthInfo: BF86E1D3
 NtGdiGetColorAdjustment: BF94D21A
 NtGdiGetColorSpaceforBitmap: BF9557EC
 NtGdiGetDCDword: BF82BEFC
 NtGdiGetDCforBitmap: BF835BEC
 NtGdiGetDCObject: BF82BD89
 NtGdiGetDCPoint: BF8C300E
 NtGdiGetDeviceCaps: BF94D416
 NtGdiGetDeviceGammaRamp: BF94EF15
 NtGdiGetDeviceCapsAll: BF8D0646
 NtGdiGetDIBitsInternal: BF842ECC
 NtGdiGetETM: BF95674F
 NtGdiGetEudcTimeStampEx: BF951BBB
 NtGdiGetFontData: BF8F8198
 NtGdiGetFontResourceInfoInternalW: BF94D6C0
 NtGdiGetGlyphIndicesW: BF94E34B
 NtGdiGetGlyphIndicesWInternal: BF94E1EE
 NtGdiGetGlyphOutline: BF94D00B
 NtGdiGetKerningPairs: BF94D110
 NtGdiGetLinkedUFIs: BF93A88B
 NtGdiGetMiterLimit: BF8CB2B8
 NtGdiGetMonitorID: BF942F19
 NtGdiGetNearestColor: BF82CA82
 NtGdiGetNearestPaletteIndex: BF950994
 NtGdiGetObjectBitmapHandle: BF94D1A1
 NtGdiGetOutlineTextMetricsInternalW: BF8F61A5
 NtGdiGetPath: BF94C462
 NtGdiGetPixel: BF8783E4
 NtGdiGetRandomRgn: BF80F17D
 NtGdiGetRasterizerCaps: BF8F8CD6
 NtGdiGetRealizationInfo: BF94E3F6
 NtGdiGetRegionData: BF84389C
 NtGdiGetRgnBox: BF8C2F58
 NtGdiGetServerMetaFileBits: BF912506
 NtGdiGetSpoolMessage: BF8B7EB9
 NtGdiGetStats: BF9568CC
 NtGdiGetStockObject: BF81F702
 NtGdiGetStringBitmapW: BF9537AD
 NtGdiGetSystemPaletteUse: BF8D044D
 NtGdiGetTextCharsetInfo: BF82E08D
 NtGdiGetTextExtent: BF862D72
 NtGdiGetTextExtentExW: BF8D9803
 NtGdiGetTextFaceW: BF83868E
 NtGdiGetTextMetricsW: BF82DEEB
 NtGdiGetTransform: BF885F1E
 NtGdiGetUFI: BF94D907
 NtGdiGetEmbUFI: BF94D9D0
 NtGdiGetUFIPathname: BF94DAB0
 NtGdiGetEmbedFonts: BF94D888
 NtGdiChangeGhostFont: BF94D892
 NtGdiAddEmbFontToDC: BF93951D
 NtGdiGetFontUnicodeRanges: BF94E36F
 NtGdiGetWidthTable: BF837846
 NtGdiGradientFill: BF874510
 NtGdiHfontCreate: BF82DBD9
 NtGdiIcmBrushInfo: BF94F4F9
 NtGdiInit: BF84CB1C
 NtGdiInitSpool: BF89C9B7
 NtGdiIntersectClipRect: BF815FA6
 NtGdiInvertRgn: BF8C4926
 NtGdiLineTo: BF8C58E0
 NtGdiMakeFontDir: BF94E0E2
 NtGdiMakeInfoDC: BF955825
 NtGdiMaskBlt: BF82E624
 NtGdiModifyWorldTransform: BF885CFB
 NtGdiMonoBitmap: BF8CB48B
 NtGdiMoveTo: BF94D3A8
 NtGdiOffsetClipRgn: BF8FAA73
 NtGdiOffsetRgn: BF835FB0
 NtGdiOpenDCW: BF843249
 NtGdiPatBlt: BF8C29DA
 NtGdiPolyPatBlt: BF832916
 NtGdiPathToRegion: BF94C16F
 NtGdiPlgBlt: BF947D12
 NtGdiPolyDraw: BF94CA96
 NtGdiPolyPolyDraw: BF869C0C
 NtGdiPolyTextOutW: BF94CB93
 NtGdiPtInRegion: BF94D496
 NtGdiPtVisible: BF93D49C
 NtGdiQueryFonts: BF94D4B6
 NtGdiQueryFontAssocInfo: BF84D037
 NtGdiRectangle: BF8C78AA
 NtGdiRectInRegion: BF8EC617
 NtGdiRectVisible: BF8338F2
 NtGdiRemoveFontResourceW: BF8DB080
 NtGdiRemoveFontMemResourceEx: BF94D6A4
 NtGdiResetDC: BF8EB68E
 NtGdiResizePalette: BF950C08
 NtGdiRestoreDC: BF82EDBD
 NtGdiRoundRect: BF910335
 NtGdiSaveDC: BF82EDCD
 NtGdiScaleViewportExtEx: BF945E92
 NtGdiScaleWindowExtEx: BF94DDF6
 NtGdiSelectBitmap: BF808500
 NtGdiSelectBrush: BF94D388
 NtGdiSelectClipPath: BF8FF0BE
 NtGdiSelectFont: BF820D80
 NtGdiSelectPen: BF94D398
 NtGdiSetBitmapAttributes: BF89C401
 NtGdiSetBitmapBits: BF8C348E
 NtGdiSetBitmapDimension: BF94DED4
 NtGdiSetBoundsRect: BF89036F
 NtGdiSetBrushAttributes: BF94D436
 NtGdiSetBrushOrg: BF8C352C
 NtGdiSetColorAdjustment: BF94D27B
 NtGdiSetColorSpace: BF94EA2C
 NtGdiSetDeviceGammaRamp: BF94F251
 NtGdiSetDIBitsToDeviceInternal: BF82B2DB
 NtGdiSetFontEnumeration: BF8B6F0A
 NtGdiSetFontXform: BF8E5465
 NtGdiSetIcmMode: BF8C5223
 NtGdiSetLinkedUFIs: BF8F929E
 NtGdiSetMagicColors: BF951026
 NtGdiSetMetaRgn: BF8E51E4
 NtGdiSetMiterLimit: BF8E5206
 NtGdiGetDeviceWidth: BF94DDE6
 NtGdiMirrorWindowOrg: BF94DDD6
 NtGdiSetLayout: BF82C834
 NtGdiSetPixel: BF878626
 NtGdiSetPixelFormat: BF957596
 NtGdiSetRectRgn: BF94D486
 NtGdiSetSystemPaletteUse: BF94D426
 NtGdiSetTextJustification: BF956B5C
 NtGdiSetupPublicCFONT: BF898041
 NtGdiSetVirtualResolution: BF8E5008
 NtGdiSetSizeDevice: BF8E54D6
 NtGdiStartDoc: BF9028B6
 NtGdiStartPage: BF90383D
 NtGdiStretchBlt: BF87F607
 NtGdiStretchDIBitsInternal: BF88212F
 NtGdiStrokeAndFillPath: BF8FDC35
 NtGdiStrokePath: BF94C376
 NtGdiSwapBuffers: BF95773E
 NtGdiTransformPoints: BF8D0568
 NtGdiTransparentBlt: BF8B9C70
 NtGdiUnloadPrinterDriver: BF94DFB9
 NtGdiUnmapMemFont: BF94D587
 NtGdiUnrealizeObject: BF94D476
 NtGdiUpdateColors: BF950E92
 NtGdiWidenPath: BF94C257
 NtUserActivateKeyboardLayout: BF87C073
 NtUserAlterWindowStyle: BF876A23
 NtUserAssociateInputContext: BF9167D1
 NtUserAttachThreadInput: BF8F4CEE
 NtUserBeginPaint: BF815B8E
 NtUserBitBltSysBmp: BF8D0473
 NtUserBlockInput: BF91510A
 NtUserBuildHimcList: BF916908
 NtUserBuildHwndList: BF833ED4
 NtUserBuildNameList: BF872430
 NtUserBuildPropList: BF914ECD
 NtUserCallHwnd: BF878D5A
 NtUserCallHwndLock: BF835EF7
 NtUserCallHwndOpt: BF8999E1
 NtUserCallHwndParam: BF8360EA
 NtUserCallHwndParamLock: BF82D4A6
 NtUserCallMsgFilter: BF8D0382
 NtUserCallNextHookEx: BF8F5B2F
 NtUserCallNoParam: BF8010C7
 NtUserCallOneParam: BF80107F
 NtUserCallTwoParam: BF8360AA
 NtUserChangeClipboardChain: BF8CA197
 NtUserChangeDisplaySettings: BF8B54ED
 NtUserCheckImeHotKey: BF86F443
 NtUserCheckMenuItem: BF8D51F1
 NtUserChildWindowFromPointEx: BF892E2B
 NtUserClipCursor: BF8F90BE
 NtUserCloseClipboard: BF8C482B
 NtUserCloseDesktop: BF87210B
 NtUserCloseWindowStation: BF8721CD
 NtUserConsoleControl: BF84C550
 NtUserConvertMemHandle: BF8CF865
 NtUserCopyAcceleratorTable: BF90F96E
 NtUserCountClipboardFormats: BF8D0427
 NtUserCreateAcceleratorTable: BF8BAD6D
 NtUserCreateCaret: BF868DA6
 NtUserCreateDesktop: BF89C0A4
 NtUserCreateInputContext: BF916737
 NtUserCreateLocalMemHandle: BF8CA4F2
 NtUserCreateWindowEx: BF83952B
 NtUserCreateWindowStation: BF89C6F7
 NtUserDdeGetQualityOfService: BF913F57
 NtUserDdeInitialize: BF89A675
 NtUserDdeSetQualityOfService: BF913E87
 NtUserDeferWindowPos: BF86EFD0
 NtUserDefSetText: BF86F964
 NtUserDeleteMenu: BF8691D2
 NtUserDestroyAcceleratorTable: BF8F905D
 NtUserDestroyCursor: BF8368D4
 NtUserDestroyInputContext: BF916787
 NtUserDestroyMenu: BF86869D
 NtUserDestroyWindow: BF844EB0
 NtUserDisableThreadIme: BF916EDD
 NtUserDispatchMessage: BF80EC0F
 NtUserDragDetect: BF914FC8
 NtUserDragObject: BF913400
 NtUserDrawAnimatedRects: BF914127
 NtUserDrawCaption: BF9141EA
 NtUserDrawCaptionTemp: BF8007C7
 NtUserDrawIconEx: BF83E461
 NtUserDrawMenuBarTemp: BF915195
 NtUserEmptyClipboard: BF8CF4F7
 NtUserEnableMenuItem: BF8C3113
 NtUserEnableScrollBar: BF913E02
 NtUserEndDeferWindowPosEx: BF82C3C9
 NtUserEndMenu: BF914293
 NtUserEndPaint: BF815845
 NtUserEnumDisplayDevices: BF879675
 NtUserEnumDisplayMonitors: BF834937
 NtUserEnumDisplaySettings: BF8B8CBB
 NtUserEvent: BF91368D
 NtUserExcludeUpdateRgn: BF8C4B2C
 NtUserFillWindow: BF8D02B9
 NtUserFindExistingCursorIcon: BF81B430
 NtUserFindWindowEx: BF8701F2
 NtUserFlashWindowEx: BF9172EA
 NtUserGetAltTabInfo: BF8CD59A
 NtUserGetAncestor: BF82C591
 NtUserGetAppImeLevel: BF916CDC
 NtUserGetAsyncKeyState: BF864F60
 NtUserGetAtomName: BF839707
 NtUserGetCaretBlinkTime: BF86F51C
 NtUserGetCaretPos: BF8C35A7
 NtUserGetClassInfo: BF840DA9
 NtUserGetClassName: BF823E29
 NtUserGetClipboardData: BF8CA32D
 NtUserGetClipboardFormatName: BF8EC6DC
 NtUserGetClipboardOwner: BF8CF5ED
 NtUserGetClipboardSequenceNumber: BF8C2D50
 NtUserGetClipboardViewer: BF9142D9
 NtUserGetClipCursor: BF913D6A
 NtUserGetComboBoxInfo: BF9139A0
 NtUserGetControlBrush: BF86E0EA
 NtUserGetControlColor: BF905C9E
 NtUserGetCPD: BF8213B3
 NtUserGetCursorFrameInfo: BF87428E
 NtUserGetCursorInfo: BF913ABD
 NtUserGetDC: BF804366
 NtUserGetDCEx: BF83C3DB
 NtUserGetDoubleClickTime: BF83D43E
 NtUserGetForegroundWindow: BF8209FD
 NtUserGetGuiResources: BF9134C9
 NtUserGetGUIThreadInfo: BF870B96
 NtUserGetIconInfo: BF8404F8
 NtUserGetIconSize: BF840648
 NtUserGetImeHotKey: BF916B9A
 NtUserGetImeInfoEx: BF916A0A
 NtUserGetInternalWindowPos: BF91371E
 NtUserGetKeyboardLayoutList: BF833C28
 NtUserGetKeyboardLayoutName: BF8F469A
 NtUserGetKeyboardState: BF8700AD
 NtUserGetKeyNameText: BF90DA3E
 NtUserGetKeyState: BF820CA8
 NtUserGetListBoxInfo: BF913A69
 NtUserGetMenuBarInfo: BF913BBA
 NtUserGetMenuIndex: BF914010
 NtUserGetMenuItemRect: BF914B44
 NtUserGetMessage: BF819C7B
 NtUserGetMouseMovePointsEx: BF91481F
 NtUserGetObjectInformation: BF819EF3
 NtUserGetOpenClipboardWindow: BF8D03FB
 NtUserGetPriorityClipboardFormat: BF914305
 NtUserGetProcessWindowStation: BF819D5E
 NtUserGetRawInputBuffer: BF917B6A
 NtUserGetRawInputData: BF91746A
 NtUserGetRawInputDeviceInfo: BF917644
 NtUserGetRawInputDeviceList: BF917939
 NtUserGetRegisteredRawInputDevices: BF917B2F
 NtUserGetScrollBarInfo: BF8BF0E0
 NtUserGetSystemMenu: BF83BAE9
 NtUserGetThreadDesktop: BF81A1A9
 NtUserGetThreadState: BF8238C4
 NtUserGetTitleBarInfo: BF83C665
 NtUserGetUpdateRect: BF83D26B
 NtUserGetUpdateRgn: BF8C2DFF
 NtUserGetWindowDC: BF803766
 NtUserGetWindowPlacement: BF8EBE79
 NtUserGetWOWClass: BF90FD1A
 NtUserHardErrorControl: BF91330A
 NtUserHideCaret: BF828C1C
 NtUserHiliteMenuItem: BF91438E
 NtUserImpersonateDdeClientWindow: BF915130
 NtUserInitialize: BF8B09CA
 NtUserInitializeClientPfnArrays: BF8AAF21
 NtUserInitTask: BF9137FD
 NtUserInternalGetWindowText: BF83C761
 NtUserInvalidateRect: BF814EDC
 NtUserInvalidateRgn: BF868643
 NtUserIsClipboardFormatAvailable: BF8C2D16
 NtUserKillTimer: BF80E8BD
 NtUserLoadKeyboardLayoutEx: BF88B684
 NtUserLockWindowStation: BF89C306
 NtUserLockWindowUpdate: BF8D5139
 NtUserLockWorkStation: BF9133E3
 NtUserMapVirtualKeyEx: BF8C6AC6
 NtUserMenuItemFromPoint: BF914C1B
 NtUserMessageCall: BF80EE53
 NtUserMinMaximize: BF91190F
 NtUserMNDragLeave: BF9144DE
 NtUserMNDragOver: BF91442E
 NtUserModifyUserStartupInfoFlags: BF8EB895
 NtUserMoveWindow: BF82EA17
 NtUserNotifyIMEStatus: BF916E78
 NtUserNotifyProcessCreate: BF84CB52
 NtUserNotifyWinEvent: BF8C30BE
 NtUserOpenClipboard: BF8C47A8
 NtUserOpenDesktop: BF8723A5
 NtUserOpenInputDesktop: BF898924
 NtUserOpenWindowStation: BF8EC0C1
 NtUserPaintDesktop: BF87C329
 NtUserPeekMessage: BF803655
 NtUserPostMessage: BF8082C7
 NtUserPostThreadMessage: BF8BAAD2
 NtUserPrintWindow: BF8B700D
 NtUserProcessConnect: BF84A88F
 NtUserQueryInformationThread: BF914CAD
 NtUserQueryInputContext: BF916884
 NtUserQuerySendMessage: BF91505B
 NtUserQueryUserCounters: BF916F81
 NtUserQueryWindow: BF80A0E2
 NtUserRealChildWindowFromPoint: BF913B7C
 NtUserRealInternalGetMessage: BF8983DC
 NtUserRealWaitMessageEx: BF914A84
 NtUserRedrawWindow: BF823A99
 NtUserRegisterClassExWOW: BF81F01E
 NtUserRegisterUserApiHook: BF89CAE3
 NtUserRegisterHotKey: BF8B6552
 NtUserRegisterRawInputDevices: BF917A83
 NtUserRegisterTasklist: BF91394E
 NtUserRegisterWindowMessage: BF80A386
 NtUserRemoveMenu: BF8B6F35
 NtUserRemoveProp: BF8341E7
 NtUserResolveDesktop: BF890F81
 NtUserResolveDesktopForWOW: BF917D7B
 NtUserSBGetParms: BF8BEF87
 NtUserScrollDC: BF84A19F
 NtUserScrollWindowEx: BF8EC7F5
 NtUserSelectPalette: BF82E49E
 NtUserSendInput: BF8C1C1C
 NtUserSetActiveWindow: BF86E35A
 NtUserSetAppImeLevel: BF916C71
 NtUserSetCapture: BF865FB4
 NtUserSetClassLong: BF8BEAFD
 NtUserSetClassWord: BF9144FB
 NtUserSetClipboardData: BF8CF789
 NtUserSetClipboardViewer: BF8CA0AD
 NtUserSetConsoleReserveKeys: BF87CE14
 NtUserSetCursor: BF820F23
 NtUserSetCursorContents: BF914AFD
 NtUserSetCursorIconData: BF84075A
 NtUserSetDbgTag: BF914093
 NtUserSetFocus: BF83CB57
 NtUserSetImeHotKey: BF88B5A4
 NtUserSetImeInfoEx: BF916AEF
 NtUserSetImeOwnerWindow: BF916D46
 NtUserSetInformationProcess: BF84C7B6
 NtUserSetInformationThread: BF87CBDE
 NtUserSetInternalWindowPos: BF913C89
 NtUserSetKeyboardState: BF8C4C0C
 NtUserSetLogonNotifyWindow: BF8A4CDB
 NtUserSetMenu: BF90D904
 NtUserSetMenuContextHelpId: BF9140B6
 NtUserSetMenuDefaultItem: BF8B6ECA
 NtUserSetMenuFlagRtoL: BF9140F3
 NtUserSetObjectInformation: BF913355
 NtUserSetParent: BF86DEA7
 NtUserSetProcessWindowStation: BF872795
 NtUserSetProp: BF828481
 NtUserSetRipFlags: BF914070
 NtUserSetScrollInfo: BF80E5FA
 NtUserSetShellWindowEx: BF8991C2
 NtUserSetSysColors: BF914536
 NtUserSetSystemCursor: BF914AC4
 NtUserSetSystemMenu: BF8F578B
 NtUserSetSystemTimer: BF915022
 NtUserSetThreadDesktop: BF8727ED
 NtUserSetThreadLayoutHandles: BF916DF7
 NtUserSetThreadState: BF86E0AE
 NtUserSetTimer: BF803A00
 NtUserSetWindowFNID: BF86DF52
 NtUserSetWindowLong: BF83437C
 NtUserSetWindowPlacement: BF88AE9A
 NtUserSetWindowPos: BF828228
 NtUserSetWindowRgn: BF83B864
 NtUserSetWindowsHookAW: BF873B18
 NtUserSetWindowsHookEx: BF873006
 NtUserSetWindowStationUser: BF89C1A3
 NtUserSetWindowWord: BF8F42BF
 NtUserSetWinEventHook: BF8EBCE7
 NtUserShowCaret: BF828C7E
 NtUserShowScrollBar: BF8C3CAD
 NtUserShowWindow: BF83383B
 NtUserShowWindowAsync: BF890E74
 NtUserSoundSentry: BF8EB98D
 NtUserSwitchDesktop: BF899461
 NtUserSystemParametersInfo: BF81E59B
 NtUserTestForInteractiveUser: BF90FEA5
 NtUserThunkedMenuInfo: BF8F56EC
 NtUserThunkedMenuItemInfo: BF844386
 NtUserToUnicodeEx: BF9148CF
 NtUserTrackMouseEvent: BF86C930
 NtUserTrackPopupMenuEx: BF9146EC
 NtUserCalcMenuBar: BF83C8CC
 NtUserPaintMenuBar: BF8EDC6E
 NtUserTranslateAccelerator: BF8CFD9F
 NtUserTranslateMessage: BF8646CE
 NtUserUnhookWindowsHookEx: BF873F3E
 NtUserUnhookWinEvent: BF8EBDC2
 NtUserUnloadKeyboardLayout: BF914F9A
 NtUserUnlockWindowStation: BF88EF32
 NtUserUnregisterClass: BF81F9D2
 NtUserUnregisterUserApiHook: BF89BF80
 NtUserUnregisterHotKey: BF9147E2
 NtUserUpdateInputContext: BF916834
 NtUserUpdateInstance: BF9135F8
 NtUserUpdateLayeredWindow: BF867814
 NtUserGetLayeredWindowAttributes: BF9173AC
 NtUserSetLayeredWindowAttributes: BF868779
 NtUserUpdatePerUserSystemParameters: BF8A1CFA
 NtUserUserHandleGrantAccess: BF914CF4
 NtUserValidateHandleSecure: BF8018F1
 NtUserValidateRect: BF8C74A2
 NtUserValidateTimerCallback: BF80A6AD
 NtUserVkKeyScanEx: BF8C25EF
 NtUserWaitForInputIdle: BF90F6E9
 NtUserWaitForMsgAndEvent: BF90E626
 NtUserWaitMessage: BF8036FC
 NtUserWin32PoolAllocationStats: BF91334B
 NtUserWindowFromPoint: BF821281
 NtUserYieldTask: BF90FE3D
 NtUserRemoteConnect: BF898D49
 NtUserRemoteRedrawRectangle: BF9131D2
 NtUserRemoteRedrawScreen: BF91321F
 NtUserRemoteStopScreenUpdates: BF913273
 NtUserCtxDisplayIOCtl: BF9132C0
 NtGdiEngAssociateSurface: BF8FA3D7
 NtGdiEngCreateBitmap: BF8FADCB
 NtGdiEngCreateDeviceSurface: BF8FA3A4
 NtGdiEngCreateDeviceBitmap: BF957AB2
 NtGdiEngCreatePalette: BF8E762D
 NtGdiEngComputeGlyphSet: BF904A32
 NtGdiEngCopyBits: BF95800E
 NtGdiEngDeletePalette: BF8E81B9
 NtGdiEngDeleteSurface: BF8FA32A
 NtGdiEngEraseSurface: BF957C38
 NtGdiEngUnlockSurface: BF8FE5E7
 NtGdiEngLockSurface: BF8FA7CD
 NtGdiEngBitBlt: BF9035C2
 NtGdiEngStretchBlt: BF8FE9C0
 NtGdiEngPlgBlt: BF958406
 NtGdiEngMarkBandingSurface: BF8FAE6D
 NtGdiEngStrokePath: BF8FBC67
 NtGdiEngFillPath: BF9585FD
 NtGdiEngStrokeAndFillPath: BF8FC8FC
 NtGdiEngPaint: BF958768
 NtGdiEngLineTo: BF958884
 NtGdiEngAlphaBlend: BF9589AD
 NtGdiEngGradientFill: BF958B2C
 NtGdiEngTransparentBlt: BF958D05
 NtGdiEngTextOut: BF8FD43C
 NtGdiEngStretchBltROP: BF9581AA
 NtGdiXLATEOBJ_cGetPalette: BF9597D2
 NtGdiXLATEOBJ_iXlate: BF95988E
 NtGdiXLATEOBJ_hGetColorTransform: BF959784
 NtGdiCLIPOBJ_bEnum: BF8FC164
 NtGdiCLIPOBJ_cEnumStart: BF8FC211
 NtGdiCLIPOBJ_ppoGetPath: BF957D29
 NtGdiEngDeletePath: BF957D67
 NtGdiEngCreateClip: BF957DA1
 NtGdiEngDeleteClip: BF957DD3
 NtGdiBRUSHOBJ_ulGetBrushColor: BF8FB7CF
 NtGdiBRUSHOBJ_pvAllocRbrush: BF958E71
 NtGdiBRUSHOBJ_pvGetRbrush: BF958EC2
 NtGdiBRUSHOBJ_hGetColorTransform: BF904AB8
 NtGdiXFORMOBJ_bApplyXform: BF904401
 NtGdiXFORMOBJ_iGetXform: BF8F96D4
 NtGdiFONTOBJ_vGetInfo: BF9045C2
 NtGdiFONTOBJ_pxoGetXform: BF8F963A
 NtGdiFONTOBJ_cGetGlyphs: BF904066
 NtGdiFONTOBJ_pifi: BF8F9845
 NtGdiFONTOBJ_pfdg: BF958FDB
 NtGdiFONTOBJ_pQueryGlyphAttrs: BF9590E2
 NtGdiFONTOBJ_pvTrueTypeFontFile: BF9596B4
 NtGdiFONTOBJ_cGetAllGlyphHandles: BF958F10
 NtGdiSTROBJ_bEnum: BF9591BA
 NtGdiSTROBJ_bEnumPositionsOnly: BF9047F0
 NtGdiSTROBJ_bGetAdvanceWidths: BF8F9958
 NtGdiSTROBJ_vEnumStart: BF90480E
 NtGdiSTROBJ_dwGetCodePage: BF9591D8
 NtGdiPATHOBJ_vGetBounds: BF9592C9
 NtGdiPATHOBJ_bEnum: BF95935A
 NtGdiPATHOBJ_vEnumStart: BF959467
 NtGdiPATHOBJ_vEnumStartClipLines: BF9594C3
 NtGdiPATHOBJ_bEnumClipLines: BF959581
 NtGdiGetDhpdev: BF957A8B
 NtGdiEngCheckAbort: BF957E0D
 NtGdiHT_Get8BPPFormatPalette: BF903EAB
 NtGdiHT_Get8BPPMaskPalette: BF957AF4
 NtGdiUpdateTransform: BF946057
 NtGdiSetPUMPDOBJ: BF8E5D45
 NtGdiBRUSHOBJ_DeleteRbrush: BF959226
 NtGdiUnmapMemFont: BF94D587
 NtGdiDrawStream: BF817D34

Driver PSINFile DrvObj 8211ACA8:
 DriverUnload patched by fltMgr.sys, addr F81ABF08

Driver PSINProc DrvObj 8211B268:
 DriverUnload patched by fltMgr.sys, addr F81ABF08

Driver wdmaud DrvObj 8211E880:
 Handler MJ_POWER patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DAD7C2
 Handler MJ_SYSTEM_CONTROL patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB64AB

Driver sysaudio DrvObj 8211E5F0:
 Handler MJ_CREATE patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB4F46
 Handler MJ_CLOSE patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB466F
 Handler MJ_WRITE patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB41DC
 Handler MJ_DEVICE_CONTROL patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB3F70
 Handler MJ_POWER patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DAD7C2
 Handler MJ_SYSTEM_CONTROL patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB64AB
Cannot read driver C:\Documents and Settings\Intel\Dokumenty\PCHunter_free\PCHunter_free\PCHunter32.sys, error -2

Driver kmixer DrvObj FB3D0030:
 Handler MJ_CREATE patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB4F46
 Handler MJ_CLOSE patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB466F
 Handler MJ_WRITE patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB41DC
 Handler MJ_DEVICE_CONTROL patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DB3F70
 Handler MJ_POWER patched by \SystemRoot\system32\DRIVERS\ks.sys, addr F7DAD7C2
Cannot find OPRGHDLR.SYS for IAT resolving of ACPIEC.sys
IAT dump_atapi.sys WMILIB.SYS.WmiSystemControl patched by \SystemRoot\System32\Drivers\dump_WMILIB.SYS, addr F89AF5C8
IAT dump_atapi.sys WMILIB.SYS.WmiCompleteRequest patched by \SystemRoot\System32\Drivers\dump_WMILIB.SYS, addr F89AF300
dump_atapi.sys has 2 patched IAT entries (total 122)

IPSec status 0
IPSecHandler:     AA148310 \SystemRoot\system32\DRIVERS\ipsec.sys
IPSecQueryStatus: AA1483B2 \SystemRoot\system32\DRIVERS\ipsec.sys
IPSecSendCmplt:   AA14F3A1 \SystemRoot\system32\DRIVERS\ipsec.sys
IPSecNdisStatus:  AA154D80 \SystemRoot\system32\DRIVERS\ipsec.sys
IPSecRcvFWPacket: AA14F6EE \SystemRoot\system32\DRIVERS\ipsec.sys

TDI PnP clients: 8 (readed 8)
[0]: version 2 
 PnPPowerHandler:   00000000 
 BindHandler:       00690070 
 UnBindHandler:     AA1099A0 \SystemRoot\system32\DRIVERS\tcpip.sys
 AddAddressHandler: AA127E93 \SystemRoot\system32\DRIVERS\tcpip.sys
 DelAddressHandler: 00000000 
[1]: version 2 NetBt
 PnPPowerHandler:   AA0E4C6C \SystemRoot\system32\DRIVERS\netbt.sys
 BindHandler:       00000000 
 UnBindHandler:     AA0E4D76 \SystemRoot\system32\DRIVERS\netbt.sys
 AddAddressHandler: AA0EA1DA \SystemRoot\system32\DRIVERS\netbt.sys
 DelAddressHandler: AA0EA253 \SystemRoot\system32\DRIVERS\netbt.sys
[2]: version 2 Netbios
 PnPPowerHandler:   F862B160 \SystemRoot\system32\DRIVERS\netbios.sys
 BindHandler:       00000070 
 UnBindHandler:     00000000 
 AddAddressHandler: 00000000 
 DelAddressHandler: F862A572 \SystemRoot\system32\DRIVERS\netbios.sys
[3]: version 2 AFD
 PnPPowerHandler:   00000000 
 BindHandler:       00000000 
 UnBindHandler:     AA0A9F51 \SystemRoot\System32\drivers\afd.sys
 AddAddressHandler: AA0AD7CC \SystemRoot\System32\drivers\afd.sys
 DelAddressHandler: AA0AD11E \SystemRoot\System32\drivers\afd.sys
[4]: version 2 Responder
 PnPPowerHandler:   A9D177E0 \SystemRoot\system32\DRIVERS\rspndr.sys
 BindHandler:       00000000 
 UnBindHandler:     A9D178CC \SystemRoot\system32\DRIVERS\rspndr.sys
 AddAddressHandler: A9D177E0 \SystemRoot\system32\DRIVERS\rspndr.sys
 DelAddressHandler: A9D177D6 \SystemRoot\system32\DRIVERS\rspndr.sys
[5]: version 827E0002 LanmanWorkStation
 PnPPowerHandler:   A9DC4E9C \SystemRoot\system32\DRIVERS\mrxsmb.sys
 BindHandler:       827E5F1C UNKNOWN
 UnBindHandler:     00000000 
 AddAddressHandler: 00000000 
 DelAddressHandler: A9DA59FF \SystemRoot\system32\DRIVERS\mrxsmb.sys
[6]: version 2 WebClient
 PnPPowerHandler:   A963D996 \SystemRoot\system32\DRIVERS\mrxdav.sys
 BindHandler:       01000010 
 UnBindHandler:     00000000 
 AddAddressHandler: 00000000 
 DelAddressHandler: 00000000 
[7]: version 530002 LanManServer
 PnPPowerHandler:   A92AAFB1 \SystemRoot\system32\DRIVERS\srv.sys
 BindHandler:       00720075 
 UnBindHandler:     00000000 
 AddAddressHandler: 00000000 
 DelAddressHandler: A929F710 \SystemRoot\system32\DRIVERS\srv.sys

check_ndis: 8 protocols, size of protocol 6C

NDIS Protocol[0]: RSPNDR
MajorNdisVersion 5
MinorNdisVersion 1
Flags 0
OpenAdapterCompleteHandler:  A9D0EBF4 \SystemRoot\system32\DRIVERS\rspndr.sys
CloseAdapterCompleteHandler: A9D0EBD0 \SystemRoot\system32\DRIVERS\rspndr.sys
SendCompleteHandler:         A9D0F8CE \SystemRoot\system32\DRIVERS\rspndr.sys
TransferDataCompleteHandler: A9D0ED8E \SystemRoot\system32\DRIVERS\rspndr.sys
ResetCompleteHandler:        00000000 
RequestCompleteHandler:      A9D0ECE4 \SystemRoot\system32\DRIVERS\rspndr.sys
ReceiveHandler:              A9D0EFDE \SystemRoot\system32\DRIVERS\rspndr.sys
ReceiveCompleteHandler:      A9D0EBEC \SystemRoot\system32\DRIVERS\rspndr.sys
StatusHandler:               A9D0F934 \SystemRoot\system32\DRIVERS\rspndr.sys
StatusCompleteHandler:       A9D0EBEC \SystemRoot\system32\DRIVERS\rspndr.sys
ReceivePacketHandler:        A9D0F59E \SystemRoot\system32\DRIVERS\rspndr.sys
BindAdapterHandler:          A9D0E89C \SystemRoot\system32\DRIVERS\rspndr.sys
UnbindAdapterHandler:        A9D0EC3C \SystemRoot\system32\DRIVERS\rspndr.sys
PnPEventHandler:             A9D0EC16 \SystemRoot\system32\DRIVERS\rspndr.sys
UnloadHandler:               00000000 
CoSendCompleteHandler:       00000000 
CoStatusHandler:             00000000 
CoReceivePacketHandler:      00000000 
CoAfRegisterNotifyHandler:   00000000 

NDIS Protocol[1]: NDISUIO
MajorNdisVersion 5
MinorNdisVersion 0
Flags 0
OpenAdapterCompleteHandler:  A9C3668E \SystemRoot\system32\DRIVERS\ndisuio.sys
CloseAdapterCompleteHandler: A9C366B4 \SystemRoot\system32\DRIVERS\ndisuio.sys
SendCompleteHandler:         A9C3818A \SystemRoot\system32\DRIVERS\ndisuio.sys
TransferDataCompleteHandler: A9C37E4A \SystemRoot\system32\DRIVERS\ndisuio.sys
ResetCompleteHandler:        A9C3699E \SystemRoot\system32\DRIVERS\ndisuio.sys
RequestCompleteHandler:      A9C369A6 \SystemRoot\system32\DRIVERS\ndisuio.sys
ReceiveHandler:              A9C37FBC \SystemRoot\system32\DRIVERS\ndisuio.sys
ReceiveCompleteHandler:      A9C36AC6 \SystemRoot\system32\DRIVERS\ndisuio.sys
StatusHandler:               A9C369C8 \SystemRoot\system32\DRIVERS\ndisuio.sys
StatusCompleteHandler:       A9C36AC6 \SystemRoot\system32\DRIVERS\ndisuio.sys
ReceivePacketHandler:        A9C37EB4 \SystemRoot\system32\DRIVERS\ndisuio.sys
BindAdapterHandler:          A9C37378 \SystemRoot\system32\DRIVERS\ndisuio.sys
UnbindAdapterHandler:        A9C37010 \SystemRoot\system32\DRIVERS\ndisuio.sys
PnPEventHandler:             A9C36DBA \SystemRoot\system32\DRIVERS\ndisuio.sys
UnloadHandler:               00000000 
CoSendCompleteHandler:       00000000 
CoStatusHandler:             00000000 
CoReceivePacketHandler:      00000000 
CoAfRegisterNotifyHandler:   00000000 

NDIS Protocol[2]: TCPIP_WANARP
MajorNdisVersion 4
MinorNdisVersion 0
Flags 0
OpenAdapterCompleteHandler:  F865B412 \SystemRoot\system32\DRIVERS\wanarp.sys
CloseAdapterCompleteHandler: F865B006 \SystemRoot\system32\DRIVERS\wanarp.sys
SendCompleteHandler:         F865A7E6 \SystemRoot\system32\DRIVERS\wanarp.sys
TransferDataCompleteHandler: F865A06A \SystemRoot\system32\DRIVERS\wanarp.sys
ResetCompleteHandler:        F865A5B0 \SystemRoot\system32\DRIVERS\wanarp.sys
RequestCompleteHandler:      F86557C6 \SystemRoot\system32\DRIVERS\wanarp.sys
ReceiveHandler:              F865A2DC \SystemRoot\system32\DRIVERS\wanarp.sys
ReceiveCompleteHandler:      F865A052 \SystemRoot\system32\DRIVERS\wanarp.sys
StatusHandler:               F86581DE \SystemRoot\system32\DRIVERS\wanarp.sys
StatusCompleteHandler:       F8657282 \SystemRoot\system32\DRIVERS\wanarp.sys
ReceivePacketHandler:        F865A26C \SystemRoot\system32\DRIVERS\wanarp.sys
BindAdapterHandler:          F8655334 \SystemRoot\system32\DRIVERS\wanarp.sys
UnbindAdapterHandler:        F865B3C8 \SystemRoot\system32\DRIVERS\wanarp.sys
PnPEventHandler:             F8656154 \SystemRoot\system32\DRIVERS\wanarp.sys
UnloadHandler:               F865820C \SystemRoot\system32\DRIVERS\wanarp.sys
CoSendCompleteHandler:       00000000 
CoStatusHandler:             00000000 
CoReceivePacketHandler:      00000000 
CoAfRegisterNotifyHandler:   00000000 

NDIS Protocol[3]: TCPIP
MajorNdisVersion 4
MinorNdisVersion 0
Flags 0
OpenAdapterCompleteHandler:  AA11D3C6 \SystemRoot\system32\DRIVERS\tcpip.sys
CloseAdapterCompleteHandler: AA11D3E5 \SystemRoot\system32\DRIVERS\tcpip.sys
SendCompleteHandler:         AA0F27F0 \SystemRoot\system32\DRIVERS\tcpip.sys
TransferDataCompleteHandler: AA11D404 \SystemRoot\system32\DRIVERS\tcpip.sys
ResetCompleteHandler:        AA11D426 \SystemRoot\system32\DRIVERS\tcpip.sys
RequestCompleteHandler:      AA0F8B80 \SystemRoot\system32\DRIVERS\tcpip.sys
ReceiveHandler:              AA0F46B5 \SystemRoot\system32\DRIVERS\tcpip.sys
ReceiveCompleteHandler:      AA0EF7F3 \SystemRoot\system32\DRIVERS\tcpip.sys
StatusHandler:               AA108A7F \SystemRoot\system32\DRIVERS\tcpip.sys
StatusCompleteHandler:       AA108977 \SystemRoot\system32\DRIVERS\tcpip.sys
ReceivePacketHandler:        AA0EF800 \SystemRoot\system32\DRIVERS\tcpip.sys
BindAdapterHandler:          AA106575 \SystemRoot\system32\DRIVERS\tcpip.sys
UnbindAdapterHandler:        AA11D930 \SystemRoot\system32\DRIVERS\tcpip.sys
PnPEventHandler:             AA103715 \SystemRoot\system32\DRIVERS\tcpip.sys
UnloadHandler:               00000000 
CoSendCompleteHandler:       00000000 
CoStatusHandler:             00000000 
CoReceivePacketHandler:      00000000 
CoAfRegisterNotifyHandler:   00000000 

NDIS Protocol[4]: NDPROXY
MajorNdisVersion 5
MinorNdisVersion 0
Flags C0000000
OpenAdapterCompleteHandler:  F85D6ACE \SystemRoot\System32\Drivers\NDProxy.SYS
CloseAdapterCompleteHandler: F85D6F3E \SystemRoot\System32\Drivers\NDProxy.SYS
SendCompleteHandler:         F85D6320 \SystemRoot\System32\Drivers\NDProxy.SYS
TransferDataCompleteHandler: F85D73E0 \SystemRoot\System32\Drivers\NDProxy.SYS
ResetCompleteHandler:        F85D73E8 \SystemRoot\System32\Drivers\NDProxy.SYS
RequestCompleteHandler:      F85D6F7A \SystemRoot\System32\Drivers\NDProxy.SYS
ReceiveHandler:              00000000 
ReceiveCompleteHandler:      F85D73F0 \SystemRoot\System32\Drivers\NDProxy.SYS
StatusHandler:               00000000 
StatusCompleteHandler:       F85D73F0 \SystemRoot\System32\Drivers\NDProxy.SYS
ReceivePacketHandler:        00000000 
BindAdapterHandler:          F85D665E \SystemRoot\System32\Drivers\NDProxy.SYS
UnbindAdapterHandler:        F85D6B00 \SystemRoot\System32\Drivers\NDProxy.SYS
PnPEventHandler:             F85D7586 \SystemRoot\System32\Drivers\NDProxy.SYS
UnloadHandler:               F85D739E \SystemRoot\System32\Drivers\NDProxy.SYS
CoSendCompleteHandler:       00000000 
CoStatusHandler:             F85D786E \SystemRoot\System32\Drivers\NDProxy.SYS
CoReceivePacketHandler:      F85D73F8 \SystemRoot\System32\Drivers\NDProxy.SYS
CoAfRegisterNotifyHandler:   F85D6F9C \SystemRoot\System32\Drivers\NDProxy.SYS

NDIS Protocol[5]: PSCHED
MajorNdisVersion 5
MinorNdisVersion 0
Flags 0
OpenAdapterCompleteHandler:  F7CB645A \SystemRoot\system32\DRIVERS\psched.sys
CloseAdapterCompleteHandler: F7CB66FC \SystemRoot\system32\DRIVERS\psched.sys
SendCompleteHandler:         F7CBEB62 \SystemRoot\system32\DRIVERS\psched.sys
TransferDataCompleteHandler: F7CBE110 \SystemRoot\system32\DRIVERS\psched.sys
ResetCompleteHandler:        F7CBDD72 \SystemRoot\system32\DRIVERS\psched.sys
RequestCompleteHandler:      F7CBD6FA \SystemRoot\system32\DRIVERS\psched.sys
ReceiveHandler:              F7CBE41C \SystemRoot\system32\DRIVERS\psched.sys
ReceiveCompleteHandler:      F7CBE646 \SystemRoot\system32\DRIVERS\psched.sys
StatusHandler:               F7CBFD18 \SystemRoot\system32\DRIVERS\psched.sys
StatusCompleteHandler:       F7CBFDF8 \SystemRoot\system32\DRIVERS\psched.sys
ReceivePacketHandler:        F7CBE228 \SystemRoot\system32\DRIVERS\psched.sys
BindAdapterHandler:          F7CB7CF2 \SystemRoot\system32\DRIVERS\psched.sys
UnbindAdapterHandler:        F7CB709E \SystemRoot\system32\DRIVERS\psched.sys
PnPEventHandler:             F7CBDE82 \SystemRoot\system32\DRIVERS\psched.sys
UnloadHandler:               F7CB6734 \SystemRoot\system32\DRIVERS\psched.sys
CoSendCompleteHandler:       F7CBEE62 \SystemRoot\system32\DRIVERS\psched.sys
CoStatusHandler:             F7CBDDE4 \SystemRoot\system32\DRIVERS\psched.sys
CoReceivePacketHandler:      F7CBE6B6 \SystemRoot\system32\DRIVERS\psched.sys
CoAfRegisterNotifyHandler:   F7CBDFB6 \SystemRoot\system32\DRIVERS\psched.sys

NDIS Protocol[6]: RASPPPOE
MajorNdisVersion 4
MinorNdisVersion 0
Flags 1
OpenAdapterCompleteHandler:  F858A4C0 \SystemRoot\system32\DRIVERS\raspppoe.sys
CloseAdapterCompleteHandler: F858A55E \SystemRoot\system32\DRIVERS\raspppoe.sys
SendCompleteHandler:         F858A680 \SystemRoot\system32\DRIVERS\raspppoe.sys
TransferDataCompleteHandler: F858A6EC \SystemRoot\system32\DRIVERS\raspppoe.sys
ResetCompleteHandler:        00000000 
RequestCompleteHandler:      F858A4E6 \SystemRoot\system32\DRIVERS\raspppoe.sys
ReceiveHandler:              F858AD5C \SystemRoot\system32\DRIVERS\raspppoe.sys
ReceiveCompleteHandler:      F858A7C4 \SystemRoot\system32\DRIVERS\raspppoe.sys
StatusHandler:               F858A8EC \SystemRoot\system32\DRIVERS\raspppoe.sys
StatusCompleteHandler:       00000000 
ReceivePacketHandler:        F858A6AA \SystemRoot\system32\DRIVERS\raspppoe.sys
BindAdapterHandler:          F858AF12 \SystemRoot\system32\DRIVERS\raspppoe.sys
UnbindAdapterHandler:        F858AFE8 \SystemRoot\system32\DRIVERS\raspppoe.sys
PnPEventHandler:             F858A90C \SystemRoot\system32\DRIVERS\raspppoe.sys
UnloadHandler:               F858A49C \SystemRoot\system32\DRIVERS\raspppoe.sys
CoSendCompleteHandler:       00000000 
CoStatusHandler:             00000000 
CoReceivePacketHandler:      00000000 
CoAfRegisterNotifyHandler:   00000000 

NDIS Protocol[7]: NDISWAN
MajorNdisVersion 5
MinorNdisVersion 0
Flags 0
OpenAdapterCompleteHandler:  F7CC90B8 \SystemRoot\system32\DRIVERS\ndiswan.sys
CloseAdapterCompleteHandler: F7CD3B97 \SystemRoot\system32\DRIVERS\ndiswan.sys
SendCompleteHandler:         F7CD473B \SystemRoot\system32\DRIVERS\ndiswan.sys
TransferDataCompleteHandler: 00000000 
ResetCompleteHandler:        F7CD3BD7 \SystemRoot\system32\DRIVERS\ndiswan.sys
RequestCompleteHandler:      F7CC8354 \SystemRoot\system32\DRIVERS\ndiswan.sys
ReceiveHandler:              F7CD3C65 \SystemRoot\system32\DRIVERS\ndiswan.sys
ReceiveCompleteHandler:      F7CD3BFC \SystemRoot\system32\DRIVERS\ndiswan.sys
StatusHandler:               F7CD3C04 \SystemRoot\system32\DRIVERS\ndiswan.sys
StatusCompleteHandler:       F7CD3BFC \SystemRoot\system32\DRIVERS\ndiswan.sys
ReceivePacketHandler:        00000000 
BindAdapterHandler:          F7CC9122 \SystemRoot\system32\DRIVERS\ndiswan.sys
UnbindAdapterHandler:        F7CD4A5D \SystemRoot\system32\DRIVERS\ndiswan.sys
PnPEventHandler:             F7CC9AA7 \SystemRoot\system32\DRIVERS\ndiswan.sys
UnloadHandler:               F7CC9B06 \SystemRoot\system32\DRIVERS\ndiswan.sys
CoSendCompleteHandler:       F7CD47B0 \SystemRoot\system32\DRIVERS\ndiswan.sys
CoStatusHandler:             F7CD3E02 \SystemRoot\system32\DRIVERS\ndiswan.sys
CoReceivePacketHandler:      F7CD3EE6 \SystemRoot\system32\DRIVERS\ndiswan.sys
CoAfRegisterNotifyHandler:   F7CC8387 \SystemRoot\system32\DRIVERS\ndiswan.sys
check_ndis: 8 minidrivers, size of minidriver 7C, sizeof(ndis50) 7C, sizeof(ndis52) B4

NDIS MiniDriver[0] 82B7F7E0
MajorNdisVersion: 5
MinorNdisVersion: 0
CheckForHangHandler:     00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
HaltHandler              F87B77F8 \SystemRoot\system32\DRIVERS\raspti.sys
HandleInterruptHandler:  00000000 
InitializeHandler:       F87B71FC \SystemRoot\system32\DRIVERS\raspti.sys
ISRHandler:              00000000 
QueryInformationHandler: 00000000 
ReconfigureHandler:      00000000 
ResetHandler:            F87B6D4E \SystemRoot\system32\DRIVERS\raspti.sys
SendHandler:             00000000 
SetInformationHandler:   00000000 
TransferDataHandler:     00000000 
ReturnPacketHandler:     F87B6D56 \SystemRoot\system32\DRIVERS\raspti.sys
SendPacketsHandler:      00000000 
AllocateCompleteHandler: 00000000 
CoCreateVcHandler:       00000000 
CoDeleteVcHandler:       00000000 
CoActivateVcHandler:     F87B6DB0 \SystemRoot\system32\DRIVERS\raspti.sys
CoDeactivateVcHandler:   F87B6DB6 \SystemRoot\system32\DRIVERS\raspti.sys
CoSendPacketsHandler:    F87B780E \SystemRoot\system32\DRIVERS\raspti.sys
CoRequestHandler:        F87B73CA \SystemRoot\system32\DRIVERS\raspti.sys

NDIS MiniDriver[1] 82AC7800
MajorNdisVersion: 5
MinorNdisVersion: 0
CheckForHangHandler:     00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
HaltHandler              F7CB7204 \SystemRoot\system32\DRIVERS\psched.sys
HandleInterruptHandler:  00000000 
InitializeHandler:       F7CB6E82 \SystemRoot\system32\DRIVERS\psched.sys
ISRHandler:              00000000 
QueryInformationHandler: F7CBDB96 \SystemRoot\system32\DRIVERS\psched.sys
ReconfigureHandler:      00000000 
ResetHandler:            F7CB673A \SystemRoot\system32\DRIVERS\psched.sys
SendHandler:             F7CBEE82 \SystemRoot\system32\DRIVERS\psched.sys
SetInformationHandler:   F7CBDC24 \SystemRoot\system32\DRIVERS\psched.sys
TransferDataHandler:     F7CBE0CA \SystemRoot\system32\DRIVERS\psched.sys
ReturnPacketHandler:     F7CBE086 \SystemRoot\system32\DRIVERS\psched.sys
SendPacketsHandler:      00000000 
AllocateCompleteHandler: 00000000 
CoCreateVcHandler:       00000000 
CoDeleteVcHandler:       00000000 
CoActivateVcHandler:     00000000 
CoDeactivateVcHandler:   00000000 
CoSendPacketsHandler:    00000000 
CoRequestHandler:        00000000 

NDIS MiniDriver[2] 82B81A48
MajorNdisVersion: 4
MinorNdisVersion: 0
CheckForHangHandler:     00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
HaltHandler              F859AB8E \SystemRoot\system32\DRIVERS\raspptp.sys
HandleInterruptHandler:  00000000 
InitializeHandler:       F859606F \SystemRoot\system32\DRIVERS\raspptp.sys
ISRHandler:              00000000 
QueryInformationHandler: F85957C6 \SystemRoot\system32\DRIVERS\raspptp.sys
ReconfigureHandler:      00000000 
ResetHandler:            F859ACB1 \SystemRoot\system32\DRIVERS\raspptp.sys
SendHandler:             F859AE15 \SystemRoot\system32\DRIVERS\raspptp.sys
SetInformationHandler:   F859ACBE \SystemRoot\system32\DRIVERS\raspptp.sys
TransferDataHandler:     00000000 
ReturnPacketHandler:     00000000 
SendPacketsHandler:      00000000 
AllocateCompleteHandler: 00000000 

NDIS MiniDriver[3] 82A57B80
MajorNdisVersion: 4
MinorNdisVersion: 0
CheckForHangHandler:     00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
HaltHandler              F8585F24 \SystemRoot\system32\DRIVERS\raspppoe.sys
HandleInterruptHandler:  00000000 
InitializeHandler:       F8585E6E \SystemRoot\system32\DRIVERS\raspppoe.sys
ISRHandler:              00000000 
QueryInformationHandler: F8586AEE \SystemRoot\system32\DRIVERS\raspppoe.sys
ReconfigureHandler:      00000000 
ResetHandler:            F8585FD2 \SystemRoot\system32\DRIVERS\raspppoe.sys
SendHandler:             F8585FE0 \SystemRoot\system32\DRIVERS\raspppoe.sys
SetInformationHandler:   F8586EE0 \SystemRoot\system32\DRIVERS\raspppoe.sys
TransferDataHandler:     00000000 
ReturnPacketHandler:     00000000 
SendPacketsHandler:      00000000 
AllocateCompleteHandler: 00000000 

NDIS MiniDriver[4] 82AC8A88
MajorNdisVersion: 5
MinorNdisVersion: 0
CheckForHangHandler:     00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
HaltHandler              F7CD394A \SystemRoot\system32\DRIVERS\ndiswan.sys
HandleInterruptHandler:  00000000 
InitializeHandler:       F7CC95E5 \SystemRoot\system32\DRIVERS\ndiswan.sys
ISRHandler:              00000000 
QueryInformationHandler: 00000000 
ReconfigureHandler:      F7CD3A4F \SystemRoot\system32\DRIVERS\ndiswan.sys
ResetHandler:            F7CD3A73 \SystemRoot\system32\DRIVERS\ndiswan.sys
SendHandler:             00000000 
SetInformationHandler:   00000000 
TransferDataHandler:     00000000 
ReturnPacketHandler:     F7CD3ABF \SystemRoot\system32\DRIVERS\ndiswan.sys
SendPacketsHandler:      F7CD3AD8 \SystemRoot\system32\DRIVERS\ndiswan.sys
AllocateCompleteHandler: 00000000 
CoCreateVcHandler:       F7CD3B08 \SystemRoot\system32\DRIVERS\ndiswan.sys
CoDeleteVcHandler:       F7CD3B12 \SystemRoot\system32\DRIVERS\ndiswan.sys
CoActivateVcHandler:     F7CD3B1C \SystemRoot\system32\DRIVERS\ndiswan.sys
CoDeactivateVcHandler:   F7CD3B12 \SystemRoot\system32\DRIVERS\ndiswan.sys
CoSendPacketsHandler:    F7CD3B26 \SystemRoot\system32\DRIVERS\ndiswan.sys
CoRequestHandler:        F7CC884A \SystemRoot\system32\DRIVERS\ndiswan.sys

NDIS MiniDriver[5] 82B03010
MajorNdisVersion: 5
MinorNdisVersion: 0
CheckForHangHandler:     00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
HaltHandler              F857A50C \SystemRoot\system32\DRIVERS\rasl2tp.sys
HandleInterruptHandler:  00000000 
InitializeHandler:       F8575A8E \SystemRoot\system32\DRIVERS\rasl2tp.sys
ISRHandler:              00000000 
QueryInformationHandler: 00000000 
ReconfigureHandler:      00000000 
ResetHandler:            F857A2EA \SystemRoot\system32\DRIVERS\rasl2tp.sys
SendHandler:             00000000 
SetInformationHandler:   00000000 
TransferDataHandler:     00000000 
ReturnPacketHandler:     F857A3B0 \SystemRoot\system32\DRIVERS\rasl2tp.sys
SendPacketsHandler:      00000000 
AllocateCompleteHandler: 00000000 
CoCreateVcHandler:       00000000 
CoDeleteVcHandler:       00000000 
CoActivateVcHandler:     F857A2F7 \SystemRoot\system32\DRIVERS\rasl2tp.sys
CoDeactivateVcHandler:   F857A301 \SystemRoot\system32\DRIVERS\rasl2tp.sys
CoSendPacketsHandler:    F857A30B \SystemRoot\system32\DRIVERS\rasl2tp.sys
CoRequestHandler:        F8575305 \SystemRoot\system32\DRIVERS\rasl2tp.sys

NDIS MiniDriver[6] 82AEA7C8
MajorNdisVersion: 5
MinorNdisVersion: 1
CheckForHangHandler:      F7E54940 \SystemRoot\system32\DRIVERS\ar5211.sys
DisableInterruptHandler:  00000000 
EnableInterruptHandler:   00000000 
HaltHandler               F7E56D10 \SystemRoot\system32\DRIVERS\ar5211.sys
HandleInterruptHandler:   F7E5C1E0 \SystemRoot\system32\DRIVERS\ar5211.sys
InitializeHandler:        F7E56490 \SystemRoot\system32\DRIVERS\ar5211.sys
ISRHandler:               F7E5C050 \SystemRoot\system32\DRIVERS\ar5211.sys
QueryInformationHandler:  F7E63F2F \SystemRoot\system32\DRIVERS\ar5211.sys
ReconfigureHandler:       00000000 
ResetHandler:             F7E562C0 \SystemRoot\system32\DRIVERS\ar5211.sys
SendHandler:              00000000 
SetInformationHandler:    F7E61D00 \SystemRoot\system32\DRIVERS\ar5211.sys
TransferDataHandler:      00000000 
ReturnPacketHandler:      F7E54910 \SystemRoot\system32\DRIVERS\ar5211.sys
SendPacketsHandler:       F7E67E20 \SystemRoot\system32\DRIVERS\ar5211.sys
AllocateCompleteHandler:  00000000 
CoCreateVcHandler:        00000000 
CoDeleteVcHandler:        00000000 
CoActivateVcHandler:      00000000 
CoDeactivateVcHandler:    00000000 
CoSendPacketsHandler:     00000000 
CoRequestHandler:         00000000 
CancelSendPacketsHandler: 00000000 
PnPEventNotifyHandler:    F7E54BD0 \SystemRoot\system32\DRIVERS\ar5211.sys
AdapterShutdownHandler:   F7E560B0 \SystemRoot\system32\DRIVERS\ar5211.sys

NDIS MiniDriver[7] 82AEA010
MajorNdisVersion: 5
MinorNdisVersion: 1
CheckForHangHandler:      00000000 
DisableInterruptHandler:  00000000 
EnableInterruptHandler:   00000000 
HaltHandler               F84F78E0 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
HandleInterruptHandler:   F84F8430 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
InitializeHandler:        F84F96E3 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
ISRHandler:               F84F57C0 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
QueryInformationHandler:  F84F79B0 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
ReconfigureHandler:       00000000 
ResetHandler:             F84F7950 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
SendHandler:              00000000 
SetInformationHandler:    F84F8EF0 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
TransferDataHandler:      00000000 
ReturnPacketHandler:      F84F6040 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
SendPacketsHandler:       F84F9650 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
AllocateCompleteHandler:  00000000 
CoCreateVcHandler:        00000000 
CoDeleteVcHandler:        00000000 
CoActivateVcHandler:      00000000 
CoDeactivateVcHandler:    00000000 
CoSendPacketsHandler:     00000000 
CoRequestHandler:         00000000 
CancelSendPacketsHandler: 00000000 
PnPEventNotifyHandler:    00000000 
AdapterShutdownHandler:   F84F8E00 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys

check_ndis: 11 miniports, size of miniport 19C
check_ndis: read 11 miniports, total 11E8

NDIS MiniPort[0] \DEVICE\{90132325-B8B2-4B56-9516-0BDA929E4E00}
MediaType:   CoWan
BusType:     Isa
AdapterType: Internal
Interrupt:   00000000
PacketIndicateHandler:   F80D3704 NDIS.sys
SendCompleteHandler:     F80CABB0 NDIS.sys
SendResourcesHandler:    F80D19B7 NDIS.sys
ResetCompleteHandler:    F80D3022 NDIS.sys
HandleInterruptHandler:  00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
SendPacketsHandler:      F80CD25F NDIS.sys
DeferredSendHandler:     F80CB9A8 NDIS.sys
EthRxIndicateHandler:    F80D8AF6 NDIS.sys
TrRxIndicateHandler:     F80D91F1 NDIS.sys
FddiRxIndicateHandler:   F80D71F7 NDIS.sys
EthRxCompleteHandler:    F80D8971 NDIS.sys
TrRxCompleteHandler:     F80D9A2D NDIS.sys
FddiRxCompleteHandler:   F80D67FC NDIS.sys
StatusHandler:           F80CF9EF NDIS.sys
StatusCompleteHandler:   F80CFC2D NDIS.sys
TDCompleteHandler:       F80CBF55 NDIS.sys
QueryCompleteHandler:    F80CE898 NDIS.sys
SetCompleteHandler:      F80CEC74 NDIS.sys
WanSendCompleteHandler:  F80CC27E NDIS.sys
WanRcvHandler:           F80D2834 NDIS.sys
WanRcvCompleteHandler:   F80D28D4 NDIS.sys
AdapterInstanceName: P
NDIS MiniPort[1] \DEVICE\{F55358EB-9EB3-4DFD-8D00-D892E1B8C4C5}
MediaType:   802_3
BusType:     Internal
AdapterType: Internal
Interrupt:   00000000
PacketIndicateHandler:   00000000 
SendCompleteHandler:     00000000 
SendResourcesHandler:    00000000 
ResetCompleteHandler:    00000000 
HandleInterruptHandler:  00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
SendPacketsHandler:      00000000 
DeferredSendHandler:     00000000 
EthRxIndicateHandler:    00000000 
TrRxIndicateHandler:     00000000 
FddiRxIndicateHandler:   00000000 
EthRxCompleteHandler:    00000000 
TrRxCompleteHandler:     00000000 
FddiRxCompleteHandler:   00000000 
StatusHandler:           00000000 
StatusCompleteHandler:   00000000 
TDCompleteHandler:       00000000 
QueryCompleteHandler:    00000000 
SetCompleteHandler:      00000000 
WanSendCompleteHandler:  00000000 
WanRcvHandler:           00000000 
WanRcvCompleteHandler:   00000000 
AdapterInstanceName: Bluetooth LAN Access Server Driver - Packet Scheduler Miniport
BaseName: {F55358EB-9EB3-4DFD-8D00-D892E1B8C4C5}
SymbolicLinkName: 

NDIS MiniPort[2] \DEVICE\{212149EF-B85A-4FED-8188-327C990AB58C}
MediaType:   802_3
BusType:     Isa
AdapterType: Internal
Interrupt:   00000000
PacketIndicateHandler:   F80D7B21 NDIS.sys
SendCompleteHandler:     F80CABB0 NDIS.sys
SendResourcesHandler:    F80D19B7 NDIS.sys
ResetCompleteHandler:    F80D3022 NDIS.sys
HandleInterruptHandler:  00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
SendPacketsHandler:      F80CD25F NDIS.sys
DeferredSendHandler:     F80CB9A8 NDIS.sys
EthRxIndicateHandler:    F80D8AF6 NDIS.sys
TrRxIndicateHandler:     F80D91F1 NDIS.sys
FddiRxIndicateHandler:   F80D71F7 NDIS.sys
EthRxCompleteHandler:    F80D8971 NDIS.sys
TrRxCompleteHandler:     F80D9A2D NDIS.sys
FddiRxCompleteHandler:   F80D67FC NDIS.sys
StatusHandler:           F80CF9EF NDIS.sys
StatusCompleteHandler:   F80CFC2D NDIS.sys
TDCompleteHandler:       F80CBF55 NDIS.sys
QueryCompleteHandler:    F80CE898 NDIS.sys
SetCompleteHandler:      F80CEC74 NDIS.sys
WanSendCompleteHandler:  F80CC27E NDIS.sys
WanRcvHandler:           F80D2834 NDIS.sys
WanRcvCompleteHandler:   F80D28D4 NDIS.sys
AdapterInstanceName: Atheros AR5005G Wireless Network Adapter - Packet Scheduler Miniport
BaseName: {212149EF-B85A-4FED-8188-327C990AB58C}
SymbolicLinkName: \??\Root#MS_PSCHEDMP#0002#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{212149EF-B85A-4FED-8188-327C990AB58C}

NDIS MiniPort[3] \DEVICE\{D6FD3E4A-1AC1-4304-AAF2-37E7D8D1BE4B}
MediaType:   802_3
BusType:     Isa
AdapterType: Internal
Interrupt:   00000000
PacketIndicateHandler:   F80B9A0D NDIS.sys
SendCompleteHandler:     F80CABB0 NDIS.sys
SendResourcesHandler:    F80D19B7 NDIS.sys
ResetCompleteHandler:    F80D3022 NDIS.sys
HandleInterruptHandler:  00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
SendPacketsHandler:      F80CD25F NDIS.sys
DeferredSendHandler:     F80CB9A8 NDIS.sys
EthRxIndicateHandler:    F80D8AF6 NDIS.sys
TrRxIndicateHandler:     F80D91F1 NDIS.sys
FddiRxIndicateHandler:   F80D71F7 NDIS.sys
EthRxCompleteHandler:    F80D8971 NDIS.sys
TrRxCompleteHandler:     F80D9A2D NDIS.sys
FddiRxCompleteHandler:   F80D67FC NDIS.sys
StatusHandler:           F80CF9EF NDIS.sys
StatusCompleteHandler:   F80CFC2D NDIS.sys
TDCompleteHandler:       F80CBF55 NDIS.sys
QueryCompleteHandler:    F80CE898 NDIS.sys
SetCompleteHandler:      F80CEC74 NDIS.sys
WanSendCompleteHandler:  F80CC27E NDIS.sys
WanRcvHandler:           F80D2834 NDIS.sys
WanRcvCompleteHandler:   F80D28D4 NDIS.sys
AdapterInstanceName: Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
BaseName: {D6FD3E4A-1AC1-4304-AAF2-37E7D8D1BE4B}
SymbolicLinkName: \??\Root#MS_PSCHEDMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{D6FD3E4A-1AC1-4304-AAF2-37E7D8D1BE4B}

NDIS MiniPort[4] \DEVICE\{A4A254D3-3B47-45EB-83F7-72D4644B9F21}
MediaType:   802_3
BusType:     Isa
AdapterType: Internal
Interrupt:   00000000
PacketIndicateHandler:   F80D7B21 NDIS.sys
SendCompleteHandler:     F80CABB0 NDIS.sys
SendResourcesHandler:    F80D19B7 NDIS.sys
ResetCompleteHandler:    F80D3022 NDIS.sys
HandleInterruptHandler:  00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
SendPacketsHandler:      F80CD25F NDIS.sys
DeferredSendHandler:     F80CB9A8 NDIS.sys
EthRxIndicateHandler:    F80D8AF6 NDIS.sys
TrRxIndicateHandler:     F80D91F1 NDIS.sys
FddiRxIndicateHandler:   F80D71F7 NDIS.sys
EthRxCompleteHandler:    F80D8971 NDIS.sys
TrRxCompleteHandler:     F80D9A2D NDIS.sys
FddiRxCompleteHandler:   F80D67FC NDIS.sys
StatusHandler:           F80CF9EF NDIS.sys
StatusCompleteHandler:   F80CFC2D NDIS.sys
TDCompleteHandler:       F80CBF55 NDIS.sys
QueryCompleteHandler:    F80CE898 NDIS.sys
SetCompleteHandler:      F80CEC74 NDIS.sys
WanSendCompleteHandler:  F80CC27E NDIS.sys
WanRcvHandler:           F80D2834 NDIS.sys
WanRcvCompleteHandler:   F80D28D4 NDIS.sys
AdapterInstanceName: WAN Miniport (IP) - Packet Scheduler Miniport
BaseName: {A4A254D3-3B47-45EB-83F7-72D4644B9F21}
SymbolicLinkName: \??\Root#MS_PSCHEDMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{A4A254D3-3B47-45EB-83F7-72D4644B9F21}

NDIS MiniPort[5] \DEVICE\{9E5083B1-2363-4161-8841-BF7DF72A3B3C}
MediaType:   Wan
BusType:     Isa
AdapterType: Internal
Interrupt:   00000000
PacketIndicateHandler:   F80B9A0D NDIS.sys
SendCompleteHandler:     F80CABB0 NDIS.sys
SendResourcesHandler:    F80D19B7 NDIS.sys
ResetCompleteHandler:    F80D3022 NDIS.sys
HandleInterruptHandler:  00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
SendPacketsHandler:      F80CD25F NDIS.sys
DeferredSendHandler:     F80B8DA4 NDIS.sys
EthRxIndicateHandler:    F80D8AF6 NDIS.sys
TrRxIndicateHandler:     F80D91F1 NDIS.sys
FddiRxIndicateHandler:   F80D71F7 NDIS.sys
EthRxCompleteHandler:    F80D8971 NDIS.sys
TrRxCompleteHandler:     F80D9A2D NDIS.sys
FddiRxCompleteHandler:   F80D67FC NDIS.sys
StatusHandler:           F80CF9EF NDIS.sys
StatusCompleteHandler:   F80CFC2D NDIS.sys
TDCompleteHandler:       F80CBF55 NDIS.sys
QueryCompleteHandler:    F80CE898 NDIS.sys
SetCompleteHandler:      F80CEC74 NDIS.sys
WanSendCompleteHandler:  F80CC27E NDIS.sys
WanRcvHandler:           F80D2834 NDIS.sys
WanRcvCompleteHandler:   F80D28D4 NDIS.sys
AdapterInstanceName: P
NDIS MiniPort[6] \DEVICE\{874C7A91-B093-4FA3-AAFD-04E50F17156F}
MediaType:   Wan
BusType:     Isa
AdapterType: Internal
Interrupt:   00000000
PacketIndicateHandler:   F80B9A0D NDIS.sys
SendCompleteHandler:     F80CABB0 NDIS.sys
SendResourcesHandler:    F80D19B7 NDIS.sys
ResetCompleteHandler:    F80D3022 NDIS.sys
HandleInterruptHandler:  00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
SendPacketsHandler:      F80CD25F NDIS.sys
DeferredSendHandler:     F80B8DA4 NDIS.sys
EthRxIndicateHandler:    F80D8AF6 NDIS.sys
TrRxIndicateHandler:     F80D91F1 NDIS.sys
FddiRxIndicateHandler:   F80D71F7 NDIS.sys
EthRxCompleteHandler:    F80D8971 NDIS.sys
TrRxCompleteHandler:     F80D9A2D NDIS.sys
FddiRxCompleteHandler:   F80D67FC NDIS.sys
StatusHandler:           F80CF9EF NDIS.sys
StatusCompleteHandler:   F80CFC2D NDIS.sys
TDCompleteHandler:       F80CBF55 NDIS.sys
QueryCompleteHandler:    F80CE898 NDIS.sys
SetCompleteHandler:      F80CEC74 NDIS.sys
WanSendCompleteHandler:  F80CC27E NDIS.sys
WanRcvHandler:           F80D2834 NDIS.sys
WanRcvCompleteHandler:   F80D28D4 NDIS.sys
AdapterInstanceName: WAN Miniport (PPPOE)
BaseName: {874C7A91-B093-4FA3-AAFD-04E50F17156F}
SymbolicLinkName: \??\Root#MS_PPPOEMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{874C7A91-B093-4FA3-AAFD-04E50F17156F}

NDIS MiniPort[7] \DEVICE\NDISWANIP
MediaType:   802_3
BusType:     Isa
AdapterType: Internal
Interrupt:   00000000
PacketIndicateHandler:   F80D7B21 NDIS.sys
SendCompleteHandler:     F80CABB0 NDIS.sys
SendResourcesHandler:    F80D19B7 NDIS.sys
ResetCompleteHandler:    F80D3022 NDIS.sys
HandleInterruptHandler:  00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
SendPacketsHandler:      F80CD25F NDIS.sys
DeferredSendHandler:     F80CD4A5 NDIS.sys
EthRxIndicateHandler:    F80D8AF6 NDIS.sys
TrRxIndicateHandler:     F80D91F1 NDIS.sys
FddiRxIndicateHandler:   F80D71F7 NDIS.sys
EthRxCompleteHandler:    F80D8971 NDIS.sys
TrRxCompleteHandler:     F80D9A2D NDIS.sys
FddiRxCompleteHandler:   F80D67FC NDIS.sys
StatusHandler:           F80CF9EF NDIS.sys
StatusCompleteHandler:   F80CFC2D NDIS.sys
TDCompleteHandler:       F80CBF55 NDIS.sys
QueryCompleteHandler:    F80CE898 NDIS.sys
SetCompleteHandler:      F80CEC74 NDIS.sys
WanSendCompleteHandler:  F80CC27E NDIS.sys
WanRcvHandler:           F80D2834 NDIS.sys
WanRcvCompleteHandler:   F80D28D4 NDIS.sys
AdapterInstanceName: WAN Miniport (IP)
BaseName: NDISWANIP
SymbolicLinkName: \??\Root#MS_NDISWANIP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\NDISWANIP

NDIS MiniPort[8] \DEVICE\{3D431CCA-D3F2-4CE9-8FFB-2D6AB0BBD245}
MediaType:   CoWan
BusType:     Isa
AdapterType: Internal
Interrupt:   00000000
PacketIndicateHandler:   F80D3704 NDIS.sys
SendCompleteHandler:     F80CABB0 NDIS.sys
SendResourcesHandler:    F80D19B7 NDIS.sys
ResetCompleteHandler:    F80D3022 NDIS.sys
HandleInterruptHandler:  00000000 
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
SendPacketsHandler:      F80CD25F NDIS.sys
DeferredSendHandler:     F80CB9A8 NDIS.sys
EthRxIndicateHandler:    F80D8AF6 NDIS.sys
TrRxIndicateHandler:     F80D91F1 NDIS.sys
FddiRxIndicateHandler:   F80D71F7 NDIS.sys
EthRxCompleteHandler:    F80D8971 NDIS.sys
TrRxCompleteHandler:     F80D9A2D NDIS.sys
FddiRxCompleteHandler:   F80D67FC NDIS.sys
StatusHandler:           F80CF9EF NDIS.sys
StatusCompleteHandler:   F80CFC2D NDIS.sys
TDCompleteHandler:       F80CBF55 NDIS.sys
QueryCompleteHandler:    F80CE898 NDIS.sys
SetCompleteHandler:      F80CEC74 NDIS.sys
WanSendCompleteHandler:  F80CC27E NDIS.sys
WanRcvHandler:           F80D2834 NDIS.sys
WanRcvCompleteHandler:   F80D28D4 NDIS.sys
AdapterInstanceName: WAN Miniport (L2TP)
BaseName: {3D431CCA-D3F2-4CE9-8FFB-2D6AB0BBD245}
SymbolicLinkName: \??\Root#MS_L2TPMINIPORT#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{3D431CCA-D3F2-4CE9-8FFB-2D6AB0BBD245}

NDIS MiniPort[9] \DEVICE\{EB9F8BBF-6991-492F-BCBE-7EA0C04DDD52}
MediaType:   802_3
BusType:     Pci
AdapterType: Pci
Interrupt:   8278C09C
PacketIndicateHandler:   F80D7B21 NDIS.sys
SendCompleteHandler:     F80CBBD4 NDIS.sys
SendResourcesHandler:    F80D19B7 NDIS.sys
ResetCompleteHandler:    F80D3022 NDIS.sys
HandleInterruptHandler:  F7E5C1E0 \SystemRoot\system32\DRIVERS\ar5211.sys
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
SendPacketsHandler:      F80CC32D NDIS.sys
DeferredSendHandler:     F80CD4A5 NDIS.sys
EthRxIndicateHandler:    F80D8AF6 NDIS.sys
TrRxIndicateHandler:     F80D91F1 NDIS.sys
FddiRxIndicateHandler:   F80D71F7 NDIS.sys
EthRxCompleteHandler:    F80D8971 NDIS.sys
TrRxCompleteHandler:     F80D9A2D NDIS.sys
FddiRxCompleteHandler:   F80D67FC NDIS.sys
StatusHandler:           F80CF9EF NDIS.sys
StatusCompleteHandler:   F80CFC2D NDIS.sys
TDCompleteHandler:       F80CBF55 NDIS.sys
QueryCompleteHandler:    F80CE898 NDIS.sys
SetCompleteHandler:      F80CEC74 NDIS.sys
WanSendCompleteHandler:  F80CC27E NDIS.sys
WanRcvHandler:           F80D2834 NDIS.sys
WanRcvCompleteHandler:   F80D28D4 NDIS.sys
AdapterInstanceName: Atheros AR5005G Wireless Network Adapter
BaseName: {EB9F8BBF-6991-492F-BCBE-7EA0C04DDD52}
SymbolicLinkName: \??\PCI#VEN_168C&DEV_001A&SUBSYS_04181468&REV_01#4&6b16d5b&0&10F0#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{EB9F8BBF-6991-492F-BCBE-7EA0C04DDD52}
NDIS_MINIPORT_INTERRUPT: 8278C09C
 InterruptObject 827E58D8
 MiniportIsr: F7E5C050 \SystemRoot\system32\DRIVERS\ar5211.sys
 MiniportDpc: F7E5C1E0 \SystemRoot\system32\DRIVERS\ar5211.sys

NDIS MiniPort[10] \DEVICE\{58CBC6B8-F8AA-46AE-8090-1424181581F0}
MediaType:   802_3
BusType:     Pci
AdapterType: Pci
Interrupt:   8263FB28
PacketIndicateHandler:   F80B9A0D NDIS.sys
SendCompleteHandler:     F80CABB0 NDIS.sys
SendResourcesHandler:    F80D19B7 NDIS.sys
ResetCompleteHandler:    F80D3022 NDIS.sys
HandleInterruptHandler:  F84F8430 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
DisableInterruptHandler: 00000000 
EnableInterruptHandler:  00000000 
SendPacketsHandler:      F80CD25F NDIS.sys
DeferredSendHandler:     F80CD4A5 NDIS.sys
EthRxIndicateHandler:    F80D8AF6 NDIS.sys
TrRxIndicateHandler:     F80D91F1 NDIS.sys
FddiRxIndicateHandler:   F80D71F7 NDIS.sys
EthRxCompleteHandler:    F80D8971 NDIS.sys
TrRxCompleteHandler:     F80D9A2D NDIS.sys
FddiRxCompleteHandler:   F80D67FC NDIS.sys
StatusHandler:           F80CF9EF NDIS.sys
StatusCompleteHandler:   F80CFC2D NDIS.sys
TDCompleteHandler:       F80CBF55 NDIS.sys
QueryCompleteHandler:    F80CE898 NDIS.sys
SetCompleteHandler:      F80CEC74 NDIS.sys
WanSendCompleteHandler:  F80CC27E NDIS.sys
WanRcvHandler:           F80D2834 NDIS.sys
WanRcvCompleteHandler:   F80D28D4 NDIS.sys
AdapterInstanceName: Broadcom 440x 10/100 Integrated Controller
BaseName: {58CBC6B8-F8AA-46AE-8090-1424181581F0}
SymbolicLinkName: \??\PCI#VEN_14E4&DEV_170C&SUBSYS_00901025&REV_02#4&6b16d5b&0&08F0#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{58CBC6B8-F8AA-46AE-8090-1424181581F0}
NDIS_MINIPORT_INTERRUPT: 8263FB28
 InterruptObject 827E9958
 MiniportIsr: F84F57C0 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
 MiniportDpc: F84F8430 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys

check_ndis: 18 open_blocks, size of open_block B8
check_ndis: read 18 open_blocks, total D40
OpenBlock [0] 81FC86C8
RootName: \DEVICE\{EB9F8BBF-6991-492F-BCBE-7EA0C04DDD52}
BindName: \DEVICE\{212149EF-B85A-4FED-8188-327C990AB58C}
Flags:    1
SendHandler:                 F80B587B NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         A9D0F8CE \SystemRoot\system32\DRIVERS\rspndr.sys
SendCompleteHandler:         A9D0ED8E \SystemRoot\system32\DRIVERS\rspndr.sys
TransferDataCompleteHandler: A9D0EFDE \SystemRoot\system32\DRIVERS\rspndr.sys
ReceiveHandler:              A9D0EBEC \SystemRoot\system32\DRIVERS\rspndr.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           A9D0ECE4 \SystemRoot\system32\DRIVERS\rspndr.sys
RequestCompleteHandler:      A9D0F59E \SystemRoot\system32\DRIVERS\rspndr.sys
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              00000000 
ResetCompleteHandler:        A9D0F934 \SystemRoot\system32\DRIVERS\rspndr.sys
StatusHandler:               A9D0EBEC \SystemRoot\system32\DRIVERS\rspndr.sys
StatusCompleteHandler:       00000000 
WSendHandler:                F7CBE0CA \SystemRoot\system32\DRIVERS\psched.sys
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [1] 8209B720
RootName: \DEVICE\{58CBC6B8-F8AA-46AE-8090-1424181581F0}
BindName: \DEVICE\{D6FD3E4A-1AC1-4304-AAF2-37E7D8D1BE4B}
Flags:    1
SendHandler:                 F80CDB40 NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         A9D0F8CE \SystemRoot\system32\DRIVERS\rspndr.sys
SendCompleteHandler:         A9D0ED8E \SystemRoot\system32\DRIVERS\rspndr.sys
TransferDataCompleteHandler: A9D0EFDE \SystemRoot\system32\DRIVERS\rspndr.sys
ReceiveHandler:              A9D0EBEC \SystemRoot\system32\DRIVERS\rspndr.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           A9D0ECE4 \SystemRoot\system32\DRIVERS\rspndr.sys
RequestCompleteHandler:      A9D0F59E \SystemRoot\system32\DRIVERS\rspndr.sys
ReceivePacketHandler:        F80CDA9E NDIS.sys
SendPacketsHandler:          F80CDB1B NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              00000000 
ResetCompleteHandler:        A9D0F934 \SystemRoot\system32\DRIVERS\rspndr.sys
StatusHandler:               A9D0EBEC \SystemRoot\system32\DRIVERS\rspndr.sys
StatusCompleteHandler:       00000000 
WSendHandler:                F7CBE0CA \SystemRoot\system32\DRIVERS\psched.sys
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [2] 8209B458
RootName: \DEVICE\{EB9F8BBF-6991-492F-BCBE-7EA0C04DDD52}
BindName: \DEVICE\{212149EF-B85A-4FED-8188-327C990AB58C}
Flags:    1
SendHandler:                 F80B587B NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         A9C3818A \SystemRoot\system32\DRIVERS\ndisuio.sys
SendCompleteHandler:         A9C37E4A \SystemRoot\system32\DRIVERS\ndisuio.sys
TransferDataCompleteHandler: A9C37FBC \SystemRoot\system32\DRIVERS\ndisuio.sys
ReceiveHandler:              A9C36AC6 \SystemRoot\system32\DRIVERS\ndisuio.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           A9C369A6 \SystemRoot\system32\DRIVERS\ndisuio.sys
RequestCompleteHandler:      A9C37EB4 \SystemRoot\system32\DRIVERS\ndisuio.sys
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              A9C3699E \SystemRoot\system32\DRIVERS\ndisuio.sys
ResetCompleteHandler:        A9C369C8 \SystemRoot\system32\DRIVERS\ndisuio.sys
StatusHandler:               A9C36AC6 \SystemRoot\system32\DRIVERS\ndisuio.sys
StatusCompleteHandler:       00000000 
WSendHandler:                F7CBE0CA \SystemRoot\system32\DRIVERS\psched.sys
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [3] 81FEF7C0
RootName: \DEVICE\{58CBC6B8-F8AA-46AE-8090-1424181581F0}
BindName: \DEVICE\{D6FD3E4A-1AC1-4304-AAF2-37E7D8D1BE4B}
Flags:    1
SendHandler:                 F80CDB40 NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         A9C3818A \SystemRoot\system32\DRIVERS\ndisuio.sys
SendCompleteHandler:         A9C37E4A \SystemRoot\system32\DRIVERS\ndisuio.sys
TransferDataCompleteHandler: A9C37FBC \SystemRoot\system32\DRIVERS\ndisuio.sys
ReceiveHandler:              A9C36AC6 \SystemRoot\system32\DRIVERS\ndisuio.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           A9C369A6 \SystemRoot\system32\DRIVERS\ndisuio.sys
RequestCompleteHandler:      A9C37EB4 \SystemRoot\system32\DRIVERS\ndisuio.sys
ReceivePacketHandler:        F80CDA9E NDIS.sys
SendPacketsHandler:          F80CDB1B NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              A9C3699E \SystemRoot\system32\DRIVERS\ndisuio.sys
ResetCompleteHandler:        A9C369C8 \SystemRoot\system32\DRIVERS\ndisuio.sys
StatusHandler:               A9C36AC6 \SystemRoot\system32\DRIVERS\ndisuio.sys
StatusCompleteHandler:       00000000 
WSendHandler:                F7CBE0CA \SystemRoot\system32\DRIVERS\psched.sys
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [4] 823631D8
RootName: \DEVICE\NDISWANIP
BindName: \DEVICE\{A4A254D3-3B47-45EB-83F7-72D4644B9F21}
Flags:    1
SendHandler:                 F80B587B NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F865A7E6 \SystemRoot\system32\DRIVERS\wanarp.sys
SendCompleteHandler:         F865A06A \SystemRoot\system32\DRIVERS\wanarp.sys
TransferDataCompleteHandler: F865A2DC \SystemRoot\system32\DRIVERS\wanarp.sys
ReceiveHandler:              F865A052 \SystemRoot\system32\DRIVERS\wanarp.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F86557C6 \SystemRoot\system32\DRIVERS\wanarp.sys
RequestCompleteHandler:      F865A26C \SystemRoot\system32\DRIVERS\wanarp.sys
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              F865A5B0 \SystemRoot\system32\DRIVERS\wanarp.sys
ResetCompleteHandler:        F86581DE \SystemRoot\system32\DRIVERS\wanarp.sys
StatusHandler:               F8657282 \SystemRoot\system32\DRIVERS\wanarp.sys
StatusCompleteHandler:       00400000 
WSendHandler:                F7CBE0CA \SystemRoot\system32\DRIVERS\psched.sys
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [5] 8236ED10
RootName: \DEVICE\{EB9F8BBF-6991-492F-BCBE-7EA0C04DDD52}
BindName: \DEVICE\{212149EF-B85A-4FED-8188-327C990AB58C}
Flags:    1
SendHandler:                 F80B587B NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         AA0F27F0 \SystemRoot\system32\DRIVERS\tcpip.sys
SendCompleteHandler:         AA11D404 \SystemRoot\system32\DRIVERS\tcpip.sys
TransferDataCompleteHandler: AA0F46B5 \SystemRoot\system32\DRIVERS\tcpip.sys
ReceiveHandler:              AA0EF7F3 \SystemRoot\system32\DRIVERS\tcpip.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           AA0F8B80 \SystemRoot\system32\DRIVERS\tcpip.sys
RequestCompleteHandler:      AA0EF800 \SystemRoot\system32\DRIVERS\tcpip.sys
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              AA11D426 \SystemRoot\system32\DRIVERS\tcpip.sys
ResetCompleteHandler:        AA108A7F \SystemRoot\system32\DRIVERS\tcpip.sys
StatusHandler:               AA108977 \SystemRoot\system32\DRIVERS\tcpip.sys
StatusCompleteHandler:       00000000 
WSendHandler:                F7CBE0CA \SystemRoot\system32\DRIVERS\psched.sys
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000002 

OpenBlock [6] 824EB790
RootName: \DEVICE\{58CBC6B8-F8AA-46AE-8090-1424181581F0}
BindName: \DEVICE\{D6FD3E4A-1AC1-4304-AAF2-37E7D8D1BE4B}
Flags:    1
SendHandler:                 F80CDB40 NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         AA0F27F0 \SystemRoot\system32\DRIVERS\tcpip.sys
SendCompleteHandler:         AA11D404 \SystemRoot\system32\DRIVERS\tcpip.sys
TransferDataCompleteHandler: AA0F46B5 \SystemRoot\system32\DRIVERS\tcpip.sys
ReceiveHandler:              AA0EF7F3 \SystemRoot\system32\DRIVERS\tcpip.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           AA0F8B80 \SystemRoot\system32\DRIVERS\tcpip.sys
RequestCompleteHandler:      AA0EF800 \SystemRoot\system32\DRIVERS\tcpip.sys
ReceivePacketHandler:        F80CDA9E NDIS.sys
SendPacketsHandler:          F80CDB1B NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              AA11D426 \SystemRoot\system32\DRIVERS\tcpip.sys
ResetCompleteHandler:        AA108A7F \SystemRoot\system32\DRIVERS\tcpip.sys
StatusHandler:               AA108977 \SystemRoot\system32\DRIVERS\tcpip.sys
StatusCompleteHandler:       00000000 
WSendHandler:                F7CBE0CA \SystemRoot\system32\DRIVERS\psched.sys
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000002 

OpenBlock [7] 825D7A80
RootName: \DEVICE\{58CBC6B8-F8AA-46AE-8090-1424181581F0}
BindName: \DEVICE\{58CBC6B8-F8AA-46AE-8090-1424181581F0}
Flags:    1
SendHandler:                 F80CDB40 NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F7CBEB62 \SystemRoot\system32\DRIVERS\psched.sys
SendCompleteHandler:         F7CBE110 \SystemRoot\system32\DRIVERS\psched.sys
TransferDataCompleteHandler: F7CBE41C \SystemRoot\system32\DRIVERS\psched.sys
ReceiveHandler:              F7CBE646 \SystemRoot\system32\DRIVERS\psched.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F7CBD6FA \SystemRoot\system32\DRIVERS\psched.sys
RequestCompleteHandler:      F7CBE228 \SystemRoot\system32\DRIVERS\psched.sys
ReceivePacketHandler:        F80CDA9E NDIS.sys
SendPacketsHandler:          F80CDB1B NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              F7CBDD72 \SystemRoot\system32\DRIVERS\psched.sys
ResetCompleteHandler:        F7CBFD18 \SystemRoot\system32\DRIVERS\psched.sys
StatusHandler:               F7CBFDF8 \SystemRoot\system32\DRIVERS\psched.sys
StatusCompleteHandler:       00000000 
WSendHandler:                00000000 
WTransferDataHandler:        F84F9650 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000002 

OpenBlock [8] 8298C480
RootName: \DEVICE\{EB9F8BBF-6991-492F-BCBE-7EA0C04DDD52}
BindName: \DEVICE\{EB9F8BBF-6991-492F-BCBE-7EA0C04DDD52}
Flags:    1
SendHandler:                 F80CBD44 NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F7CBEB62 \SystemRoot\system32\DRIVERS\psched.sys
SendCompleteHandler:         F7CBE110 \SystemRoot\system32\DRIVERS\psched.sys
TransferDataCompleteHandler: F7CBE41C \SystemRoot\system32\DRIVERS\psched.sys
ReceiveHandler:              F7CBE646 \SystemRoot\system32\DRIVERS\psched.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F7CBD6FA \SystemRoot\system32\DRIVERS\psched.sys
RequestCompleteHandler:      F7CBE228 \SystemRoot\system32\DRIVERS\psched.sys
ReceivePacketHandler:        F80CC32D NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA998 NDIS.sys
RequestHandler:              F7CBDD72 \SystemRoot\system32\DRIVERS\psched.sys
ResetCompleteHandler:        F7CBFD18 \SystemRoot\system32\DRIVERS\psched.sys
StatusHandler:               F7CBFDF8 \SystemRoot\system32\DRIVERS\psched.sys
StatusCompleteHandler:       00000000 
WSendHandler:                00000000 
WTransferDataHandler:        F7E67E20 \SystemRoot\system32\DRIVERS\ar5211.sys
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000002 

OpenBlock [9] 829B4570
RootName: \DEVICE\{90132325-B8B2-4B56-9516-0BDA929E4E00}
BindName: \DEVICE\{90132325-B8B2-4B56-9516-0BDA929E4E00}
Flags:    2
SendHandler:                 F80B587B NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F85D6320 \SystemRoot\System32\Drivers\NDProxy.SYS
SendCompleteHandler:         F85D73E0 \SystemRoot\System32\Drivers\NDProxy.SYS
TransferDataCompleteHandler: 00000000 
ReceiveHandler:              F85D73F0 \SystemRoot\System32\Drivers\NDProxy.SYS
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F85D6F7A \SystemRoot\System32\Drivers\NDProxy.SYS
RequestCompleteHandler:      00000000 
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              F85D73E8 \SystemRoot\System32\Drivers\NDProxy.SYS
ResetCompleteHandler:        00000000 
StatusHandler:               F85D73F0 \SystemRoot\System32\Drivers\NDProxy.SYS
StatusCompleteHandler:       00420000 
WSendHandler:                00000000 
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [10] 82B2B198
RootName: \DEVICE\{90132325-B8B2-4B56-9516-0BDA929E4E00}
BindName: \DEVICE\{90132325-B8B2-4B56-9516-0BDA929E4E00}
Flags:    2
SendHandler:                 F80B587B NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F85D6320 \SystemRoot\System32\Drivers\NDProxy.SYS
SendCompleteHandler:         F85D73E0 \SystemRoot\System32\Drivers\NDProxy.SYS
TransferDataCompleteHandler: 00000000 
ReceiveHandler:              F85D73F0 \SystemRoot\System32\Drivers\NDProxy.SYS
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F85D6F7A \SystemRoot\System32\Drivers\NDProxy.SYS
RequestCompleteHandler:      00000000 
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              F85D73E8 \SystemRoot\System32\Drivers\NDProxy.SYS
ResetCompleteHandler:        00000000 
StatusHandler:               F85D73F0 \SystemRoot\System32\Drivers\NDProxy.SYS
StatusCompleteHandler:       00040000 
WSendHandler:                00000000 
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [11] 82B2AD50
RootName: \DEVICE\{90132325-B8B2-4B56-9516-0BDA929E4E00}
BindName: \DEVICE\{90132325-B8B2-4B56-9516-0BDA929E4E00}
Flags:    2
SendHandler:                 F80B587B NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F7CD473B \SystemRoot\system32\DRIVERS\ndiswan.sys
SendCompleteHandler:         00000000 
TransferDataCompleteHandler: F7CD3C65 \SystemRoot\system32\DRIVERS\ndiswan.sys
ReceiveHandler:              F7CD3BFC \SystemRoot\system32\DRIVERS\ndiswan.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F7CC8354 \SystemRoot\system32\DRIVERS\ndiswan.sys
RequestCompleteHandler:      00000000 
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              F7CD3BD7 \SystemRoot\system32\DRIVERS\ndiswan.sys
ResetCompleteHandler:        F7CD3C04 \SystemRoot\system32\DRIVERS\ndiswan.sys
StatusHandler:               F7CD3BFC \SystemRoot\system32\DRIVERS\ndiswan.sys
StatusCompleteHandler:       00040000 
WSendHandler:                00000000 
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [12] 82B79008
RootName: \DEVICE\{9E5083B1-2363-4161-8841-BF7DF72A3B3C}
BindName: \DEVICE\{9E5083B1-2363-4161-8841-BF7DF72A3B3C}
Flags:    1
SendHandler:                 F80CC133 NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F7CD473B \SystemRoot\system32\DRIVERS\ndiswan.sys
SendCompleteHandler:         00000000 
TransferDataCompleteHandler: F7CD3C65 \SystemRoot\system32\DRIVERS\ndiswan.sys
ReceiveHandler:              F7CD3BFC \SystemRoot\system32\DRIVERS\ndiswan.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F7CC8354 \SystemRoot\system32\DRIVERS\ndiswan.sys
RequestCompleteHandler:      00000000 
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              F7CD3BD7 \SystemRoot\system32\DRIVERS\ndiswan.sys
ResetCompleteHandler:        F7CD3C04 \SystemRoot\system32\DRIVERS\ndiswan.sys
StatusHandler:               F7CD3BFC \SystemRoot\system32\DRIVERS\ndiswan.sys
StatusCompleteHandler:       00000000 
WSendHandler:                00000000 
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [13] 82B48130
RootName: \DEVICE\{874C7A91-B093-4FA3-AAFD-04E50F17156F}
BindName: \DEVICE\{874C7A91-B093-4FA3-AAFD-04E50F17156F}
Flags:    1
SendHandler:                 F80CC133 NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F7CD473B \SystemRoot\system32\DRIVERS\ndiswan.sys
SendCompleteHandler:         00000000 
TransferDataCompleteHandler: F7CD3C65 \SystemRoot\system32\DRIVERS\ndiswan.sys
ReceiveHandler:              F7CD3BFC \SystemRoot\system32\DRIVERS\ndiswan.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F7CC8354 \SystemRoot\system32\DRIVERS\ndiswan.sys
RequestCompleteHandler:      00000000 
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              F7CD3BD7 \SystemRoot\system32\DRIVERS\ndiswan.sys
ResetCompleteHandler:        F7CD3C04 \SystemRoot\system32\DRIVERS\ndiswan.sys
StatusHandler:               F7CD3BFC \SystemRoot\system32\DRIVERS\ndiswan.sys
StatusCompleteHandler:       00000000 
WSendHandler:                00000000 
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [14] 82B2C530
RootName: \DEVICE\{3D431CCA-D3F2-4CE9-8FFB-2D6AB0BBD245}
BindName: \DEVICE\{3D431CCA-D3F2-4CE9-8FFB-2D6AB0BBD245}
Flags:    2
SendHandler:                 F80B587B NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F85D6320 \SystemRoot\System32\Drivers\NDProxy.SYS
SendCompleteHandler:         F85D73E0 \SystemRoot\System32\Drivers\NDProxy.SYS
TransferDataCompleteHandler: 00000000 
ReceiveHandler:              F85D73F0 \SystemRoot\System32\Drivers\NDProxy.SYS
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F85D6F7A \SystemRoot\System32\Drivers\NDProxy.SYS
RequestCompleteHandler:      00000000 
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              F85D73E8 \SystemRoot\System32\Drivers\NDProxy.SYS
ResetCompleteHandler:        00000000 
StatusHandler:               F85D73F0 \SystemRoot\System32\Drivers\NDProxy.SYS
StatusCompleteHandler:       00420000 
WSendHandler:                00000000 
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [15] 82B2D118
RootName: \DEVICE\{3D431CCA-D3F2-4CE9-8FFB-2D6AB0BBD245}
BindName: \DEVICE\{3D431CCA-D3F2-4CE9-8FFB-2D6AB0BBD245}
Flags:    2
SendHandler:                 F80B587B NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F85D6320 \SystemRoot\System32\Drivers\NDProxy.SYS
SendCompleteHandler:         F85D73E0 \SystemRoot\System32\Drivers\NDProxy.SYS
TransferDataCompleteHandler: 00000000 
ReceiveHandler:              F85D73F0 \SystemRoot\System32\Drivers\NDProxy.SYS
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F85D6F7A \SystemRoot\System32\Drivers\NDProxy.SYS
RequestCompleteHandler:      00000000 
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              F85D73E8 \SystemRoot\System32\Drivers\NDProxy.SYS
ResetCompleteHandler:        00000000 
StatusHandler:               F85D73F0 \SystemRoot\System32\Drivers\NDProxy.SYS
StatusCompleteHandler:       00040000 
WSendHandler:                00000000 
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [16] 82AC2BA8
RootName: \DEVICE\NDISWANIP
BindName: \DEVICE\NDISWANIP
Flags:    2
SendHandler:                 F80B587B NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F7CBEB62 \SystemRoot\system32\DRIVERS\psched.sys
SendCompleteHandler:         F7CBE110 \SystemRoot\system32\DRIVERS\psched.sys
TransferDataCompleteHandler: F7CBE41C \SystemRoot\system32\DRIVERS\psched.sys
ReceiveHandler:              F7CBE646 \SystemRoot\system32\DRIVERS\psched.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F7CBD6FA \SystemRoot\system32\DRIVERS\psched.sys
RequestCompleteHandler:      F7CBE228 \SystemRoot\system32\DRIVERS\psched.sys
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              F7CBDD72 \SystemRoot\system32\DRIVERS\psched.sys
ResetCompleteHandler:        F7CBFD18 \SystemRoot\system32\DRIVERS\psched.sys
StatusHandler:               F7CBFDF8 \SystemRoot\system32\DRIVERS\psched.sys
StatusCompleteHandler:       00040000 
WSendHandler:                00000000 
WTransferDataHandler:        F7CD3AD8 \SystemRoot\system32\DRIVERS\ndiswan.sys
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 

OpenBlock [17] 82B2F480
RootName: \DEVICE\{3D431CCA-D3F2-4CE9-8FFB-2D6AB0BBD245}
BindName: \DEVICE\{3D431CCA-D3F2-4CE9-8FFB-2D6AB0BBD245}
Flags:    2
SendHandler:                 F80B587B NDIS.sys
WanSendHandler:              F80CBFE6 NDIS.sys
TransferDataHandler:         F7CD473B \SystemRoot\system32\DRIVERS\ndiswan.sys
SendCompleteHandler:         00000000 
TransferDataCompleteHandler: F7CD3C65 \SystemRoot\system32\DRIVERS\ndiswan.sys
ReceiveHandler:              F7CD3BFC \SystemRoot\system32\DRIVERS\ndiswan.sys
ReceiveCompleteHandler:      00000000 
WanReceiveHandler:           F7CC8354 \SystemRoot\system32\DRIVERS\ndiswan.sys
RequestCompleteHandler:      00000000 
ReceivePacketHandler:        F80CD25F NDIS.sys
SendPacketsHandler:          F80CDB65 NDIS.sys
ResetHandler:                F80CA8C7 NDIS.sys
RequestHandler:              F7CD3BD7 \SystemRoot\system32\DRIVERS\ndiswan.sys
ResetCompleteHandler:        F7CD3C04 \SystemRoot\system32\DRIVERS\ndiswan.sys
StatusHandler:               F7CD3BFC \SystemRoot\system32\DRIVERS\ndiswan.sys
StatusCompleteHandler:       00040000 
WSendHandler:                00000000 
WTransferDataHandler:        00000000 
WSendPacketsHandler:         00000000 
CancelSendPacketsHandler:    00000000 


rdbss registered devs count: 1
 [0] DevObj 823A5030 DrvObj 823742E0 - \SystemRoot\system32\DRIVERS\mrxsmb.sys
ks count: 0
FltMgr: index 0
 FRAME[0] 8228E000
  FILTER 81FFAA70
   INSTANCE 81FFA808
   INSTANCE 81FFA540
   INSTANCE 8228CB90
  FILTER 81FFDE40
   INSTANCE 820ACDF8
   INSTANCE 820ACB58
   INSTANCE 820AC2F8

 INSTANCE 81FFA540:
  IRP_MJ_ACQUIRE_FOR_SECTION_SYNCHRONIZATION: 81FFA684
   PreOperation:            A9BC794A \SystemRoot\system32\DRIVERS\PSINProc.sys
   PostOperation:           A9BC7A40 \SystemRoot\system32\DRIVERS\PSINProc.sys

 INSTANCE 81FFA808:
  IRP_MJ_ACQUIRE_FOR_SECTION_SYNCHRONIZATION: 81FFA94C
   PreOperation:            A9BC794A \SystemRoot\system32\DRIVERS\PSINProc.sys
   PostOperation:           A9BC7A40 \SystemRoot\system32\DRIVERS\PSINProc.sys

 INSTANCE 820AC2F8:
  IRP_MJ_NETWORK_QUERY_OPEN: 820AC4B4
   PreOperation:            A9BE373A \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           00000000 
  IRP_MJ_CREATE: 820AC43C
   PreOperation:            A9BE27C4 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE292E \SystemRoot\system32\DRIVERS\PSINFile.sys
  IRP_MJ_WRITE: 820AC46C
   PreOperation:            A9BE3634 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE371C \SystemRoot\system32\DRIVERS\PSINFile.sys
  IRP_MJ_SET_INFORMATION: 820AC484
   PreOperation:            A9BE3746 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE37CE \SystemRoot\system32\DRIVERS\PSINFile.sys
  IRP_MJ_DEVICE_CONTROL: 820AC49C
   PreOperation:            A9BE310E \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           00000000 
  IRP_MJ_CLEANUP: 820AC454
   PreOperation:            A9BE29B2 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE2B0A \SystemRoot\system32\DRIVERS\PSINFile.sys

 INSTANCE 820ACB58:
  IRP_MJ_NETWORK_QUERY_OPEN: 820ACD14
   PreOperation:            A9BE373A \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           00000000 
  IRP_MJ_CREATE: 820ACC9C
   PreOperation:            A9BE27C4 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE292E \SystemRoot\system32\DRIVERS\PSINFile.sys
  IRP_MJ_WRITE: 820ACCCC
   PreOperation:            A9BE3634 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE371C \SystemRoot\system32\DRIVERS\PSINFile.sys
  IRP_MJ_SET_INFORMATION: 820ACCE4
   PreOperation:            A9BE3746 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE37CE \SystemRoot\system32\DRIVERS\PSINFile.sys
  IRP_MJ_DEVICE_CONTROL: 820ACCFC
   PreOperation:            A9BE310E \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           00000000 
  IRP_MJ_CLEANUP: 820ACCB4
   PreOperation:            A9BE29B2 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE2B0A \SystemRoot\system32\DRIVERS\PSINFile.sys

 INSTANCE 820ACDF8:
  IRP_MJ_NETWORK_QUERY_OPEN: 820ACFB4
   PreOperation:            A9BE373A \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           00000000 
  IRP_MJ_CREATE: 820ACF3C
   PreOperation:            A9BE27C4 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE292E \SystemRoot\system32\DRIVERS\PSINFile.sys
  IRP_MJ_WRITE: 820ACF6C
   PreOperation:            A9BE3634 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE371C \SystemRoot\system32\DRIVERS\PSINFile.sys
  IRP_MJ_SET_INFORMATION: 820ACF84
   PreOperation:            A9BE3746 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE37CE \SystemRoot\system32\DRIVERS\PSINFile.sys
  IRP_MJ_DEVICE_CONTROL: 820ACF9C
   PreOperation:            A9BE310E \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           00000000 
  IRP_MJ_CLEANUP: 820ACF54
   PreOperation:            A9BE29B2 \SystemRoot\system32\DRIVERS\PSINFile.sys
   PostOperation:           A9BE2B0A \SystemRoot\system32\DRIVERS\PSINFile.sys

 INSTANCE 8228CB90:
  IRP_MJ_ACQUIRE_FOR_SECTION_SYNCHRONIZATION: 8228CCD4
   PreOperation:            A9BC794A \SystemRoot\system32\DRIVERS\PSINProc.sys
   PostOperation:           A9BC7A40 \SystemRoot\system32\DRIVERS\PSINProc.sys

UsbProvider[0]: 82B3ED9C
 Size 64 Unload 00000000 
 [0] OpenEndpoint: F872E9D6 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [1] PokeEndpoint: F872DB70 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [2] QueryEndpointRequirements: F872DCFE \SystemRoot\system32\DRIVERS\usbuhci.sys
 [3] CloseEndpoint: F872DB68 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [4] StartController: F872DA7A \SystemRoot\system32\DRIVERS\usbuhci.sys
 [5] StopController: F872D9A8 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [6] SuspendController: F872E77A \SystemRoot\system32\DRIVERS\usbuhci.sys
 [7] ResumeController: F872E84C \SystemRoot\system32\DRIVERS\usbuhci.sys
 [8] InterruptService: F8730FCC \SystemRoot\system32\DRIVERS\usbuhci.sys
 [9] InterruptDpc: F87310E4 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [10] SubmitTransfer: F872E134 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [11] IsochTransfer: F8730A2E \SystemRoot\system32\DRIVERS\usbuhci.sys
 [12] AbortTransfer: F872E1BE \SystemRoot\system32\DRIVERS\usbuhci.sys
 [13] GetEndpointState: F872E016 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [14] SetEndpointState: F872DFC2 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [15] PollEndpoint: F872DDCE \SystemRoot\system32\DRIVERS\usbuhci.sys
 [16] CheckController: F872E9AA \SystemRoot\system32\DRIVERS\usbuhci.sys
 [17] Get32BitFrameNumber: F872E05C \SystemRoot\system32\DRIVERS\usbuhci.sys
 [18] InterruptNextSOF: F87312CE \SystemRoot\system32\DRIVERS\usbuhci.sys
 [19] EnableInterrupts: F873123E \SystemRoot\system32\DRIVERS\usbuhci.sys
 [20] DisableInterrupts: F8731174 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [21] PollController: F872E0DC \SystemRoot\system32\DRIVERS\usbuhci.sys
 [22] SetEndpointDataToggle: F872E2C6 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [23] GetEndpointStatus: F872DF8C \SystemRoot\system32\DRIVERS\usbuhci.sys
 [24] SetEndpointStatus: F872DF08 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [26] RHGetRootHubData: F872ECF2 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [27] RHGetStatus: F872ED4E \SystemRoot\system32\DRIVERS\usbuhci.sys
 [28] RHGetPortStatus: F872EE20 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [29] RHGetHubStatus: F872ED66 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [30] RHSetFeaturePortReset: F872F216 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [31] RHSetFeaturePortPower: F872EE16 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [32] RHSetFeaturePortEnable: F872EDFA \SystemRoot\system32\DRIVERS\usbuhci.sys
 [33] RHSetFeaturePortSuspend: F872F292 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [34] RHClearFeaturePortEnable: F872EDDE \SystemRoot\system32\DRIVERS\usbuhci.sys
 [35] RHSetFeaturePortPower2: F872EE16 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [36] RHClearFeaturePortSuspend: F872F3B8 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [37] RHClearFeaturePortEnableChange: F872F4EC \SystemRoot\system32\DRIVERS\usbuhci.sys
 [38] RHClearFeaturePortConnectChange: F872F48E \SystemRoot\system32\DRIVERS\usbuhci.sys
 [39] RHClearFeaturePortResetChange: F872F542 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [40] RHClearFeaturePortSuspendChange: F872F564 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [41] RHClearFeaturePortOvercurrentChange: F872F586 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [42] RHDisableIrq: F87312C6 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [43] RHDisableIrq2: F87312C6 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [44] StartSendOnePacket: F872E32C \SystemRoot\system32\DRIVERS\usbuhci.sys
 [45] EndSendOnePacket: F872EBDC \SystemRoot\system32\DRIVERS\usbuhci.sys
 [46] PassThru: F872E290 \SystemRoot\system32\DRIVERS\usbuhci.sys
 [47] SVC_DbgPrint: F7EB7B24 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [48] SVC_TestDebugBreak: F7EB7B34 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [49] SVC_AssertFailure: F7EB7B2C \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [50] SVC_GetMiniportRegistryKeyValue: F7EBC0F2 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [51] SVC_InvalidateRootHub: F7EAEB98 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [52] SVC_InvalidateEndpoint: F7EA78CA \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [53] SVC_CompleteTransfer: F7EA545A \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [54] SVC_CompleteIsoTransfer: F7EA1E2E \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [55] SVC_LogEntry: F7EB7B3C \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [56] SVC_MapHwPhysicalToVirtual: F7EB86DC \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [57] SVC_RequestAsyncCallback: F7EB5CAC \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [58] SVC_ReadWriteConfigSpace: F7E9DB24 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [59] SVC_Wait: F7E9D9D8 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [60] SVC_InvalidateController: F7E9F48A \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [61] SVC_BugCheck: F7E9DADA \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [62] SVC_NotifyDoubleBuffer: F7EA48B2 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [64] FlushInterrupts: F8731204 \SystemRoot\system32\DRIVERS\usbuhci.sys

UsbProvider[1]: 82B3E7D4
 Size C8 Unload F874342E \SystemRoot\system32\DRIVERS\usbehci.sys
 [0] OpenEndpoint: F8742D82 \SystemRoot\system32\DRIVERS\usbehci.sys
 [1] PokeEndpoint: F8742E86 \SystemRoot\system32\DRIVERS\usbehci.sys
 [2] QueryEndpointRequirements: F8742F16 \SystemRoot\system32\DRIVERS\usbehci.sys
 [3] CloseEndpoint: F8742E40 \SystemRoot\system32\DRIVERS\usbehci.sys
 [4] StartController: F87434F0 \SystemRoot\system32\DRIVERS\usbehci.sys
 [5] StopController: F8742B68 \SystemRoot\system32\DRIVERS\usbehci.sys
 [6] SuspendController: F8742BF0 \SystemRoot\system32\DRIVERS\usbehci.sys
 [7] ResumeController: F8742CDA \SystemRoot\system32\DRIVERS\usbehci.sys
 [8] InterruptService: F8741D9E \SystemRoot\system32\DRIVERS\usbehci.sys
 [9] InterruptDpc: F8741B90 \SystemRoot\system32\DRIVERS\usbehci.sys
 [10] SubmitTransfer: F87431A8 \SystemRoot\system32\DRIVERS\usbehci.sys
 [11] IsochTransfer: F873E69A \SystemRoot\system32\DRIVERS\usbehci.sys
 [12] AbortTransfer: F874321C \SystemRoot\system32\DRIVERS\usbehci.sys
 [13] GetEndpointState: F87430F0 \SystemRoot\system32\DRIVERS\usbehci.sys
 [14] SetEndpointState: F8743094 \SystemRoot\system32\DRIVERS\usbehci.sys
 [15] PollEndpoint: F8742FA0 \SystemRoot\system32\DRIVERS\usbehci.sys
 [16] CheckController: F8743398 \SystemRoot\system32\DRIVERS\usbehci.sys
 [17] Get32BitFrameNumber: F8741D26 \SystemRoot\system32\DRIVERS\usbehci.sys
 [18] InterruptNextSOF: F8741D0C \SystemRoot\system32\DRIVERS\usbehci.sys
 [19] EnableInterrupts: F8741C7E \SystemRoot\system32\DRIVERS\usbehci.sys
 [20] DisableInterrupts: F8741C36 \SystemRoot\system32\DRIVERS\usbehci.sys
 [21] PollController: F8743136 \SystemRoot\system32\DRIVERS\usbehci.sys
 [22] SetEndpointDataToggle: F8743348 \SystemRoot\system32\DRIVERS\usbehci.sys
 [23] GetEndpointStatus: F874306A \SystemRoot\system32\DRIVERS\usbehci.sys
 [24] SetEndpointStatus: F8743034 \SystemRoot\system32\DRIVERS\usbehci.sys
 [26] RHGetRootHubData: F8741E66 \SystemRoot\system32\DRIVERS\usbehci.sys
 [27] RHGetStatus: F8741EC8 \SystemRoot\system32\DRIVERS\usbehci.sys
 [28] RHGetPortStatus: F8742064 \SystemRoot\system32\DRIVERS\usbehci.sys
 [29] RHGetHubStatus: F87424B8 \SystemRoot\system32\DRIVERS\usbehci.sys
 [30] RHSetFeaturePortReset: F87422AE \SystemRoot\system32\DRIVERS\usbehci.sys
 [31] RHSetFeaturePortPower: F87423A2 \SystemRoot\system32\DRIVERS\usbehci.sys
 [32] RHSetFeaturePortEnable: F87423F8 \SystemRoot\system32\DRIVERS\usbehci.sys
 [33] RHSetFeaturePortSuspend: F8742344 \SystemRoot\system32\DRIVERS\usbehci.sys
 [34] RHClearFeaturePortEnable: F8741EE0 \SystemRoot\system32\DRIVERS\usbehci.sys
 [35] RHSetFeaturePortPower2: F8741F12 \SystemRoot\system32\DRIVERS\usbehci.sys
 [36] RHClearFeaturePortSuspend: F8741FB0 \SystemRoot\system32\DRIVERS\usbehci.sys
 [37] RHClearFeaturePortEnableChange: F874246A \SystemRoot\system32\DRIVERS\usbehci.sys
 [38] RHClearFeaturePortConnectChange: F8742402 \SystemRoot\system32\DRIVERS\usbehci.sys
 [39] RHClearFeaturePortResetChange: F87424CE \SystemRoot\system32\DRIVERS\usbehci.sys
 [40] RHClearFeaturePortSuspendChange: F874200C \SystemRoot\system32\DRIVERS\usbehci.sys
 [41] RHClearFeaturePortOvercurrentChange: F874202E \SystemRoot\system32\DRIVERS\usbehci.sys
 [42] RHDisableIrq: F8741CA0 \SystemRoot\system32\DRIVERS\usbehci.sys
 [43] RHDisableIrq2: F8741CD6 \SystemRoot\system32\DRIVERS\usbehci.sys
 [44] StartSendOnePacket: F873F280 \SystemRoot\system32\DRIVERS\usbehci.sys
 [45] EndSendOnePacket: F873F57C \SystemRoot\system32\DRIVERS\usbehci.sys
 [46] PassThru: F87432F0 \SystemRoot\system32\DRIVERS\usbehci.sys
 [47] SVC_DbgPrint: F7EB7B24 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [48] SVC_TestDebugBreak: F7EB7B34 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [49] SVC_AssertFailure: F7EB7B2C \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [50] SVC_GetMiniportRegistryKeyValue: F7EBC0F2 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [51] SVC_InvalidateRootHub: F7EAEB98 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [52] SVC_InvalidateEndpoint: F7EA78CA \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [53] SVC_CompleteTransfer: F7EA545A \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [54] SVC_CompleteIsoTransfer: F7EA1E2E \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [55] SVC_LogEntry: F7EB7B3C \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [56] SVC_MapHwPhysicalToVirtual: F7EB86DC \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [57] SVC_RequestAsyncCallback: F7EB5CAC \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [58] SVC_ReadWriteConfigSpace: F7E9DB24 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [59] SVC_Wait: F7E9D9D8 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [60] SVC_InvalidateController: F7E9F48A \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [61] SVC_BugCheck: F7E9DADA \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [62] SVC_NotifyDoubleBuffer: F7EA48B2 \SystemRoot\system32\DRIVERS\USBPORT.SYS
 [63] RebalanceEndpoint: F8742EDE \SystemRoot\system32\DRIVERS\usbehci.sys
 [64] FlushInterrupts: F8741C56 \SystemRoot\system32\DRIVERS\usbehci.sys
 [65] ChirpRootPort: F874263C \SystemRoot\system32\DRIVERS\usbehci.sys
 [66] TakePortControl: F8742BBE \SystemRoot\system32\DRIVERS\usbehci.sys
RtlpStartThreadFunc: C:\WINDOWS\system32\kernel32.dll (7C812EF8)
RtlpExitThreadFunc: C:\WINDOWS\system32\kernel32.dll (7C80C280)
LdrpManifestProberRoutine: C:\WINDOWS\system32\kernel32.dll (7C811788)
UnhandledExceptionFilter: C:\Documents and Settings\Intel\Dokumenty\Staen soubory\wincheck32\wincheck32\wincheck32.exe (004D042D)
ConsoleCtrlHandler: C:\WINDOWS\system32\kernel32.dll (7C876A41)
Check took 10578 msecs
