PC Hunter Free --- Computer Examination Report
Examination Date: 2013-02-09 18:53
OS Information: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Internet Explorer: 6.0.2900.2180

Examination Items:
      Process
      Process Modules
      Process Threads
      Kernel Module
      Notify Routine
      Filter
      DPC Timer
      Worker Thread
      HalDispatchTable
      HalPrivateDispatchTable
      HalAcpiDispatchTable
      System Debug
      Object Hijack
      Direct IO
      GDT
      SSDT
      Shadow SSDT
      FSD
      Keyboard
      Mouclass
      Classpnp
      Atapi
      Acpi
      Scsi
      Kernel Hook
      PTE HOOK
      Object Type
      IDT
      Message Hook
      Process Hook
      KernelCallbackTable
      Port
      Tcpip
      Ndis Handler
      IE Plugin
      IE Shell
      Spi
      Hosts File
      Startup
      Service
      Schedule Task
      File Association
      IFEO
      IME
      Firewall Rule
      Scan MBR Rootkit

==========================================================================================

Process

       System - System - 
       spoolsv.exe - C:\Windows\system32\spoolsv.exe - Microsoft Corporation
       browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 
       nvsvc32.exe - C:\Windows\system32\nvsvc32.exe - NVIDIA Corporation
       AvastSvc.exe - C:\Program Files\AVAST Software\Avast\AvastSvc.exe - AVAST Software
       svchost.exe - C:\Windows\system32\svchost.exe - Microsoft Corporation
       lsass.exe - C:\Windows\system32\lsass.exe - Microsoft Corporation
       hpcmpmgr.exe - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe - Hewlett-Packard Company
       c2c_service.exe - C:\Documents and Settings\All Users\Data aplikac\Skype\Toolbars\Skype C2C Service\c2c_service.exe - Skype Technologies S.A.
       svchost.exe - C:\Windows\system32\svchost.exe - Microsoft Corporation
       services.exe - C:\Windows\system32\services.exe - Microsoft Corporation
       jqs.exe - C:\Program Files\Java\jre7\bin\jqs.exe - Oracle Corporation
       wdfmgr.exe - C:\Windows\system32\wdfmgr.exe - Microsoft Corporation
       PCHunter32.exe - C:\Documents and Settings\win-xp\Plocha\PCHunter32.exe - ????(??)????????
       smss.exe - C:\Windows\system32\smss.exe - Microsoft Corporation
       csrss.exe - C:\Windows\system32\csrss.exe - Microsoft Corporation
       winlogon.exe - C:\Windows\system32\winlogon.exe - Microsoft Corporation
       svchost.exe - C:\Windows\system32\svchost.exe - Microsoft Corporation
       explorer.exe - C:\Windows\explorer.exe - Microsoft Corporation
       svchost.exe - C:\Windows\system32\svchost.exe - Microsoft Corporation
       svchost.exe - C:\Windows\system32\svchost.exe - Microsoft Corporation
       svchost.exe - C:\Windows\system32\svchost.exe - Microsoft Corporation
       AdobeARM.exe - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - Adobe Systems Incorporated
       browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 
       FsUsbExService.Exe - C:\Windows\system32\FsUsbExService.Exe - Teruten
       PDVDServ.exe - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe - Cyberlink Corp.
       RTHDCPL.exe - C:\Windows\RTHDCPL.exe - Realtek Semiconductor Corp.
       hpqgalry.exe - C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe - Hewlett-Packard Co.
       rundll32.exe - C:\Windows\system32\rundll32.exe - Microsoft Corporation
       hpwuSchd2.exe - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe - Hewlett-Packard Company
       DATAMN~1.EXE - C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe - Bandoo Media Inc
       AvastUI.exe - C:\Program Files\AVAST Software\Avast\AvastUI.exe - AVAST Software
       ctfmon.exe - C:\Windows\system32\ctfmon.exe - Microsoft Corporation
       msmsgs.exe - C:\Program Files\Messenger\msmsgs.exe - Microsoft Corporation
       GoogleToolbarNotifier.exe - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - Google Inc.
       NPSAgent.exe - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe - Samsung Electronics Co., Ltd.
       hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - Hewlett-Packard Co.
       wmiprvse.exe - C:\Windows\system32\wbem\wmiprvse.exe - Microsoft Corporation
       Idle - Idle - 

==========================================================================================

Process Modules

      Image File Name[System]Modules
             ntdll.dll - C:\Windows\system32\ntdll.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[spoolsv.exe]Modules
             spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             SPOOLSS.DLL - C:\WINDOWS\system32\SPOOLSS.DLL - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             localspl.dll - C:\WINDOWS\system32\localspl.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             sfc_os.dll - C:\WINDOWS\system32\sfc_os.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             winspool.drv - C:\WINDOWS\system32\winspool.drv - Microsoft Corporation
             netapi32.dll - C:\WINDOWS\system32\netapi32.dll - Microsoft Corporation
             cnbjmon.dll - C:\WINDOWS\system32\cnbjmon.dll - Microsoft Corporation
             hpzsnt10.dll - C:\WINDOWS\system32\hpzsnt10.dll - HP
             pjlmon.dll - C:\WINDOWS\system32\pjlmon.dll - Microsoft Corporation
             tcpmon.dll - C:\WINDOWS\system32\tcpmon.dll - Microsoft Corporation
             usbmon.dll - C:\WINDOWS\system32\usbmon.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             winrnr.dll - C:\WINDOWS\System32\winrnr.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             win32spl.dll - C:\WINDOWS\system32\win32spl.dll - Microsoft Corporation
             NETRAP.dll - C:\WINDOWS\system32\NETRAP.dll - Microsoft Corporation
             NTDSAPI.dll - C:\WINDOWS\system32\NTDSAPI.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             inetpp.dll - C:\WINDOWS\system32\inetpp.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[browsemngr.exe]Modules
             browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             win32c~1.dll - c:\docume~1\alluse~1\dataap~1\wincert\win32c~1.dll - 
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             win32prop.dll - c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll - 
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[nvsvc32.exe]Modules
             nvsvc32.exe - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             POWRPROF.dll - C:\WINDOWS\system32\POWRPROF.dll - Microsoft Corporation
             wtsapi32.dll - C:\WINDOWS\system32\wtsapi32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             nvapi.dll - C:\WINDOWS\system32\nvapi.dll - NVIDIA Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             secur32.dll - C:\WINDOWS\system32\secur32.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[AvastSvc.exe]Modules
             AvastSvc.exe - C:\Program Files\AVAST Software\Avast\AvastSvc.exe - AVAST Software
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             aswCmnBS.dll - C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - AVAST Software
             aswCmnOS.dll - C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - AVAST Software
             aswCmnIS.dll - C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - AVAST Software
             MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             MSVCP90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCP90.dll - Microsoft Corporation
             ashBase.dll - C:\Program Files\AVAST Software\Avast\ashBase.dll - AVAST Software
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             aswEngLdr.dll - C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - AVAST Software
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             dbghelp.dll - C:\WINDOWS\system32\dbghelp.dll - Microsoft Corporation
             Base.dll - C:\Program Files\AVAST Software\Avast\1029\Base.dll - AVAST Software
             ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             aswAux.dll - C:\Program Files\AVAST Software\Avast\aswAux.dll - AVAST Software
             ashTask.dll - C:\Program Files\AVAST Software\Avast\ashTask.dll - AVAST Software
             ashTaskEx.dll - C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - AVAST Software
             aswLog.dll - C:\Program Files\AVAST Software\Avast\aswLog.dll - AVAST Software
             aswSqLt.dll - C:\Program Files\AVAST Software\Avast\aswSqLt.dll - AVAST Software
             aswProperty.dll - C:\Program Files\AVAST Software\Avast\aswProperty.dll - AVAST Software
             Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             AavmRpch.dll - C:\Program Files\AVAST Software\Avast\AavmRpch.dll - AVAST Software
             aswIdle.dll - C:\Program Files\AVAST Software\Avast\aswIdle.dll - AVAST Software
             aswDld.dll - C:\Program Files\AVAST Software\Avast\aswDld.dll - AVAST Software
             aswStrm.dll - C:\Program Files\AVAST Software\Avast\aswStrm.dll - AVAST Software
             wtsapi32.dll - C:\WINDOWS\system32\wtsapi32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             aswEngin.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\aswEngin.dll - AVAST Software
             aswCmnOS.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\aswCmnOS.dll - AVAST Software
             aswCmnIS.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\aswCmnIS.dll - AVAST Software
             aswCmnBS.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\aswCmnBS.dll - AVAST Software
             aswScan.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\aswScan.dll - AVAST Software
             aswRep.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\aswRep.dll - AVAST Software
             aswFiDb.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\aswFiDb.dll - AVAST Software
             algo.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll - 
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             secur32.dll - C:\WINDOWS\system32\secur32.dll - Microsoft Corporation
             FltLib.dll - C:\WINDOWS\system32\FltLib.dll - Microsoft Corporation
             AhResBhv.dll - C:\Program Files\AVAST Software\Avast\AhResBhv.dll - AVAST Software
             AhResJs.dll - C:\Program Files\AVAST Software\Avast\AhResJs.dll - AVAST Software
             AhResMai.dll - C:\Program Files\AVAST Software\Avast\AhResMai.dll - AVAST Software
             AhResMes.dll - C:\Program Files\AVAST Software\Avast\AhResMes.dll - AVAST Software
             AhResNS.dll - C:\Program Files\AVAST Software\Avast\AhResNS.dll - AVAST Software
             AhResP2P.dll - C:\Program Files\AVAST Software\Avast\AhResP2P.dll - AVAST Software
             AhResStd.dll - C:\Program Files\AVAST Software\Avast\AhResStd.dll - AVAST Software
             AhResWS.dll - C:\Program Files\AVAST Software\Avast\AhResWS.dll - AVAST Software
             arPot.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\arPot.dll - AVAST Software
             ashMaiSv.dll - C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - AVAST Software
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             ashWebSv.dll - C:\Program Files\AVAST Software\Avast\ashWebSv.dll - AVAST Software
             winrnr.dll - C:\WINDOWS\System32\winrnr.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             security.dll - C:\WINDOWS\system32\security.dll - Microsoft Corporation
             ashWsFtr.dll - C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - AVAST Software

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             wiaservc.dll - c:\windows\system32\wiaservc.dll - Microsoft Corporation
             CFGMGR32.dll - c:\windows\system32\CFGMGR32.dll - Microsoft Corporation
             setupapi.DLL - c:\windows\system32\setupapi.DLL - Microsoft Corporation
             mscms.dll - c:\windows\system32\mscms.dll - Microsoft Corporation
             WINSPOOL.DRV - c:\windows\system32\WINSPOOL.DRV - Microsoft Corporation
             WINSTA.dll - c:\windows\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             actxprxy.dll - C:\WINDOWS\system32\actxprxy.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[lsass.exe]Modules
             lsass.exe - C:\WINDOWS\system32\lsass.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             LSASRV.dll - C:\WINDOWS\system32\LSASRV.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             SAMSRV.dll - C:\WINDOWS\system32\SAMSRV.dll - Microsoft Corporation
             cryptdll.dll - C:\WINDOWS\system32\cryptdll.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             NTDSAPI.dll - C:\WINDOWS\system32\NTDSAPI.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             msprivs.dll - C:\WINDOWS\system32\msprivs.dll - Microsoft Corporation
             kerberos.dll - C:\WINDOWS\system32\kerberos.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             netlogon.dll - C:\WINDOWS\system32\netlogon.dll - Microsoft Corporation
             w32time.dll - C:\WINDOWS\system32\w32time.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             schannel.dll - C:\WINDOWS\system32\schannel.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             wdigest.dll - C:\WINDOWS\system32\wdigest.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             setupapi.dll - C:\WINDOWS\system32\setupapi.dll - Microsoft Corporation
             scecli.dll - C:\WINDOWS\system32\scecli.dll - Microsoft Corporation
             ipsecsvc.dll - C:\WINDOWS\system32\ipsecsvc.dll - Microsoft Corporation
             AUTHZ.dll - C:\WINDOWS\system32\AUTHZ.dll - Microsoft Corporation
             oakley.DLL - C:\WINDOWS\system32\oakley.DLL - Microsoft Corporation
             WINIPSEC.DLL - C:\WINDOWS\system32\WINIPSEC.DLL - Microsoft Corporation
             pstorsvc.dll - C:\WINDOWS\system32\pstorsvc.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             psbase.dll - C:\WINDOWS\system32\psbase.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             dssenh.dll - C:\WINDOWS\system32\dssenh.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[hpcmpmgr.exe]Modules
             hpcmpmgr.exe - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe - Hewlett-Packard Company
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             HPVCR70.dll - C:\Program Files\HP\hpcoretech\HPVCR70.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             Cabinet.dll - C:\WINDOWS\system32\Cabinet.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             MSXML4.dll - C:\WINDOWS\system32\MSXML4.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             mlang.dll - C:\WINDOWS\system32\mlang.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[c2c_service.exe]Modules
             c2c_service.exe - C:\Documents and Settings\All Users\Data aplikac\Skype\Toolbars\Skype C2C Service\c2c_service.exe - Skype Technologies S.A.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             IPHLPAPI.DLL - C:\WINDOWS\system32\IPHLPAPI.DLL - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\System32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\System32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\System32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\System32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\System32\UxTheme.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\System32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\System32\NTMARTA.DLL - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\System32\SAMLIB.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\System32\xpsp2res.dll - Microsoft Corporation
             shsvcs.dll - c:\windows\system32\shsvcs.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\System32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             dhcpcsvc.dll - c:\windows\system32\dhcpcsvc.dll - Microsoft Corporation
             DNSAPI.dll - c:\windows\system32\DNSAPI.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             iphlpapi.dll - c:\windows\system32\iphlpapi.dll - Microsoft Corporation
             Secur32.dll - c:\windows\system32\Secur32.dll - Microsoft Corporation
             wzcsvc.dll - c:\windows\system32\wzcsvc.dll - Microsoft Corporation
             rtutils.dll - c:\windows\system32\rtutils.dll - Microsoft Corporation
             WMI.dll - c:\windows\system32\WMI.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             WTSAPI32.dll - c:\windows\system32\WTSAPI32.dll - Microsoft Corporation
             ESENT.dll - c:\windows\system32\ESENT.dll - Microsoft Corporation
             ATL.DLL - c:\windows\system32\ATL.DLL - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\System32\rsaenh.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\System32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\System32\COMRes.dll - Microsoft Corporation
             rastls.dll - C:\WINDOWS\System32\rastls.dll - Microsoft Corporation
             CRYPTUI.dll - C:\WINDOWS\system32\CRYPTUI.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             MPRAPI.dll - C:\WINDOWS\System32\MPRAPI.dll - Microsoft Corporation
             ACTIVEDS.dll - C:\WINDOWS\System32\ACTIVEDS.dll - Microsoft Corporation
             adsldpc.dll - C:\WINDOWS\System32\adsldpc.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\System32\SETUPAPI.dll - Microsoft Corporation
             RASAPI32.dll - C:\WINDOWS\System32\RASAPI32.dll - Microsoft Corporation
             rasman.dll - C:\WINDOWS\System32\rasman.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\System32\TAPI32.dll - Microsoft Corporation
             SCHANNEL.dll - C:\WINDOWS\System32\SCHANNEL.dll - Microsoft Corporation
             WinSCard.dll - C:\WINDOWS\System32\WinSCard.dll - Microsoft Corporation
             raschap.dll - C:\WINDOWS\System32\raschap.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             NTDSAPI.dll - c:\windows\system32\NTDSAPI.dll - Microsoft Corporation
             MSIDLE.DLL - C:\WINDOWS\System32\MSIDLE.DLL - Microsoft Corporation
             audiosrv.dll - c:\windows\system32\audiosrv.dll - Microsoft Corporation
             wkssvc.dll - c:\windows\system32\wkssvc.dll - Microsoft Corporation
             cryptsvc.dll - c:\windows\system32\cryptsvc.dll - Microsoft Corporation
             certcli.dll - c:\windows\system32\certcli.dll - Microsoft Corporation
             dmserver.dll - c:\windows\system32\dmserver.dll - Microsoft Corp.
             ersvc.dll - c:\windows\system32\ersvc.dll - Microsoft Corporation
             es.dll - c:\windows\system32\es.dll - Microsoft Corporation
             pchsvc.dll - c:\windows\pchealth\helpctr\binaries\pchsvc.dll - Microsoft Corporation
             hidserv.dll - c:\windows\system32\hidserv.dll - Microsoft Corporation
             HID.DLL - c:\windows\system32\HID.DLL - Microsoft Corporation
             srvsvc.dll - c:\windows\system32\srvsvc.dll - Microsoft Corporation
             HNETCFG.DLL - C:\WINDOWS\System32\HNETCFG.DLL - Microsoft Corporation
             seclogon.dll - c:\windows\system32\seclogon.dll - Microsoft Corporation
             sens.dll - c:\windows\system32\sens.dll - Microsoft Corporation
             winspool.drv - C:\WINDOWS\System32\winspool.drv - Microsoft Corporation
             SXS.DLL - C:\WINDOWS\System32\SXS.DLL - Microsoft Corporation
             srsvc.dll - c:\windows\system32\srsvc.dll - Microsoft Corporation
             POWRPROF.dll - c:\windows\system32\POWRPROF.dll - Microsoft Corporation
             trkwks.dll - c:\windows\system32\trkwks.dll - Microsoft Corporation
             w32time.dll - c:\windows\system32\w32time.dll - Microsoft Corporation
             MSVCP60.dll - c:\windows\system32\MSVCP60.dll - Microsoft Corporation
             browser.dll - c:\windows\system32\browser.dll - Microsoft Corporation
             wmisvc.dll - c:\windows\system32\wbem\wmisvc.dll - Microsoft Corporation
             VSSAPI.DLL - C:\WINDOWS\system32\VSSAPI.DLL - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\System32\mswsock.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             comsvcs.dll - C:\WINDOWS\system32\comsvcs.dll - Microsoft Corporation
             MTXCLU.DLL - C:\WINDOWS\system32\MTXCLU.DLL - Microsoft Corporation
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             colbact.DLL - C:\WINDOWS\system32\colbact.DLL - Microsoft Corporation
             CLUSAPI.DLL - C:\WINDOWS\System32\CLUSAPI.DLL - Microsoft Corporation
             RESUTILS.DLL - C:\WINDOWS\System32\RESUTILS.DLL - Microsoft Corporation
             tapisrv.dll - c:\windows\system32\tapisrv.dll - Microsoft Corporation
             rasmans.dll - c:\windows\system32\rasmans.dll - Microsoft Corporation
             WINIPSEC.DLL - c:\windows\system32\WINIPSEC.DLL - Microsoft Corporation
             netcfgx.dll - c:\windows\system32\netcfgx.dll - Microsoft Corporation
             netman.dll - c:\windows\system32\netman.dll - Microsoft Corporation
             netshell.dll - c:\windows\system32\netshell.dll - Microsoft Corporation
             credui.dll - c:\windows\system32\credui.dll - Microsoft Corporation
             WZCSAPI.DLL - c:\windows\system32\WZCSAPI.DLL - Microsoft Corporation
             RASDLG.dll - C:\WINDOWS\System32\RASDLG.dll - Microsoft Corporation
             upnp.dll - C:\WINDOWS\system32\upnp.dll - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             SSDPAPI.dll - C:\WINDOWS\system32\SSDPAPI.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\System32\rasadhlp.dll - Microsoft Corporation
             rastapi.dll - C:\WINDOWS\System32\rastapi.dll - Microsoft Corporation
             unimdm.tsp - C:\WINDOWS\System32\unimdm.tsp - Microsoft Corporation
             uniplat.dll - C:\WINDOWS\System32\uniplat.dll - Microsoft Corporation
             wbemcomn.dll - C:\WINDOWS\system32\wbem\wbemcomn.dll - Microsoft Corporation
             kmddsp.tsp - C:\WINDOWS\System32\kmddsp.tsp - Microsoft Corporation
             wbemcore.dll - C:\WINDOWS\system32\WBEM\wbemcore.dll - Microsoft Corporation
             esscli.dll - C:\WINDOWS\system32\WBEM\esscli.dll - Microsoft Corporation
             FastProx.dll - C:\WINDOWS\system32\WBEM\FastProx.dll - Microsoft Corporation
             ndptsp.tsp - C:\WINDOWS\System32\ndptsp.tsp - Microsoft Corporation
             ipconf.tsp - C:\WINDOWS\System32\ipconf.tsp - Microsoft Corporation
             h323.tsp - C:\WINDOWS\System32\h323.tsp - Microsoft Corporation
             wmiutils.dll - C:\WINDOWS\system32\wbem\wmiutils.dll - Microsoft Corporation
             hidphone.tsp - C:\WINDOWS\System32\hidphone.tsp - Microsoft Corporation
             repdrvfs.dll - C:\WINDOWS\system32\wbem\repdrvfs.dll - Microsoft Corporation
             rasppp.dll - C:\WINDOWS\System32\rasppp.dll - Microsoft Corporation
             ntlsapi.dll - C:\WINDOWS\System32\ntlsapi.dll - Microsoft Corporation
             kerberos.dll - C:\WINDOWS\system32\kerberos.dll - Microsoft Corporation
             cryptdll.dll - C:\WINDOWS\System32\cryptdll.dll - Microsoft Corporation
             wmiprvsd.dll - C:\WINDOWS\system32\wbem\wmiprvsd.dll - Microsoft Corporation
             NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             wbemess.dll - C:\WINDOWS\system32\wbem\wbemess.dll - Microsoft Corporation
             ncprov.dll - C:\WINDOWS\system32\wbem\ncprov.dll - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation
             wbemsvc.dll - C:\WINDOWS\system32\wbem\wbemsvc.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[services.exe]Modules
             services.exe - C:\WINDOWS\system32\services.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             SCESRV.dll - C:\WINDOWS\system32\SCESRV.dll - Microsoft Corporation
             AUTHZ.dll - C:\WINDOWS\system32\AUTHZ.dll - Microsoft Corporation
             umpnpmgr.dll - C:\WINDOWS\system32\umpnpmgr.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             secur32.dll - C:\WINDOWS\system32\secur32.dll - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation
             eventlog.dll - C:\WINDOWS\system32\eventlog.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             wtsapi32.dll - C:\WINDOWS\system32\wtsapi32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[jqs.exe]Modules
             jqs.exe - C:\Program Files\Java\jre7\bin\jqs.exe - Oracle Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             MSVCR100.dll - C:\Program Files\Java\jre7\bin\MSVCR100.dll - Microsoft Corporation
             user32.dll - C:\WINDOWS\system32\user32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             pdh.dll - C:\WINDOWS\system32\pdh.dll - Microsoft Corporation
             comdlg32.dll - C:\WINDOWS\system32\comdlg32.dll - Microsoft Corporation
             ODBC32.dll - C:\WINDOWS\system32\ODBC32.dll - Microsoft Corporation
             odbcbcp.dll - C:\WINDOWS\system32\odbcbcp.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             odbcint.dll - C:\WINDOWS\system32\odbcint.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             netfxperf.dll - C:\WINDOWS\system32\netfxperf.dll - Microsoft Corporation
             mscoree.dll - C:\WINDOWS\system32\mscoree.dll - Microsoft Corporation
             perfcounter.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\perfcounter.dll - Microsoft Corporation
             MSVCR80.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll - Microsoft Corporation
             mscorwks.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - Microsoft Corporation
             CorperfmonExt.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CorperfmonExt.dll - Microsoft Corporation
             aspnet_perf.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll - Microsoft Corporation
             aspnet_isapi.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             MSVCR71.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll - Microsoft Corporation
             query.dll - C:\WINDOWS\System32\query.dll - Microsoft Corporation
             msdtcuiu.DLL - C:\WINDOWS\system32\msdtcuiu.DLL - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             MFC42u.DLL - C:\WINDOWS\system32\MFC42u.DLL - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             MSDTCPRX.dll - C:\WINDOWS\system32\MSDTCPRX.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             MTXCLU.DLL - C:\WINDOWS\system32\MTXCLU.DLL - Microsoft Corporation
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             MFC42LOC.DLL - C:\WINDOWS\system32\MFC42LOC.DLL - Microsoft Corporation
             CLUSAPI.DLL - C:\WINDOWS\system32\CLUSAPI.DLL - Microsoft Corporation
             RESUTILS.DLL - C:\WINDOWS\system32\RESUTILS.DLL - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             perfdisk.dll - C:\WINDOWS\system32\perfdisk.dll - Microsoft Corporation
             perfnet.dll - C:\WINDOWS\system32\perfnet.dll - Microsoft Corporation
             perfos.dll - C:\WINDOWS\system32\perfos.dll - Microsoft Corporation
             perfproc.dll - C:\WINDOWS\system32\perfproc.dll - Microsoft Corporation
             pschdprf.dll - C:\WINDOWS\system32\pschdprf.dll - Microsoft Corporation
             TRAFFIC.dll - C:\WINDOWS\system32\TRAFFIC.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             WMI.dll - C:\WINDOWS\system32\WMI.dll - Microsoft Corporation
             rsvpperf.dll - C:\WINDOWS\System32\rsvpperf.dll - Microsoft Corporation
             winspool.drv - C:\WINDOWS\system32\winspool.drv - Microsoft Corporation
             tapiperf.dll - C:\WINDOWS\system32\tapiperf.dll - Microsoft Corporation
             tapi32.dll - C:\WINDOWS\system32\tapi32.dll - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             Perfctrs.dll - C:\WINDOWS\system32\Perfctrs.dll - Microsoft Corporation
             MPRAPI.dll - C:\WINDOWS\system32\MPRAPI.dll - Microsoft Corporation
             ACTIVEDS.dll - C:\WINDOWS\system32\ACTIVEDS.dll - Microsoft Corporation
             adsldpc.dll - C:\WINDOWS\system32\adsldpc.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             perfts.dll - C:\WINDOWS\system32\perfts.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             UTILDLL.dll - C:\WINDOWS\system32\UTILDLL.dll - Microsoft Corporation
             wmiaprpl.dll - C:\WINDOWS\system32\wbem\wmiaprpl.dll - Microsoft Corporation
             loadperf.dll - C:\WINDOWS\system32\loadperf.dll - Microsoft Corporation
             wbemcomn.dll - C:\WINDOWS\system32\wbem\wbemcomn.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[wdfmgr.exe]Modules
             wdfmgr.exe - C:\WINDOWS\system32\wdfmgr.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[PCHunter32.exe]Modules
             PCHunter32.exe - C:\Documents and Settings\win-xp\Plocha\PCHunter32.exe - ????(??)????????
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             snxhk.dll - C:\Program Files\AVAST Software\Avast\snxhk.dll - AVAST Software
             KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             MSIMG32.dll - C:\WINDOWS\system32\MSIMG32.dll - Microsoft Corporation
             COMDLG32.dll - C:\WINDOWS\system32\COMDLG32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             oledlg.dll - C:\WINDOWS\system32\oledlg.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             gdiplus.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll - Microsoft Corporation
             IPHLPAPI.DLL - C:\WINDOWS\system32\IPHLPAPI.DLL - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             OLEACC.dll - C:\WINDOWS\system32\OLEACC.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             IMM32.dll - C:\WINDOWS\system32\IMM32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             RICHED32.DLL - C:\WINDOWS\system32\RICHED32.DLL - Microsoft Corporation
             RICHED20.dll - C:\WINDOWS\system32\RICHED20.dll - Microsoft Corporation
             Psapi.dll - C:\WINDOWS\system32\Psapi.dll - Microsoft Corporation
             appHelp.dll - C:\WINDOWS\system32\appHelp.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             ashShell.dll - C:\Program Files\AVAST Software\Avast\ashShell.dll - AVAST Software
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             wsock32.dll - C:\WINDOWS\system32\wsock32.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             winrnr.dll - C:\WINDOWS\System32\winrnr.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             sensapi.dll - C:\WINDOWS\system32\sensapi.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             RASAPI32.DLL - C:\WINDOWS\system32\RASAPI32.DLL - Microsoft Corporation
             rasman.dll - C:\WINDOWS\system32\rasman.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\system32\TAPI32.dll - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             mlang.dll - C:\WINDOWS\system32\mlang.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[smss.exe]Modules
             smss.exe - C:\WINDOWS\System32\smss.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[csrss.exe]Modules
             csrss.exe - C:\WINDOWS\system32\csrss.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             basesrv.dll - C:\WINDOWS\system32\basesrv.dll - Microsoft Corporation
             winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             sxs.dll - C:\WINDOWS\system32\sxs.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[winlogon.exe]Modules
             winlogon.exe - C:\WINDOWS\system32\winlogon.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             AUTHZ.dll - C:\WINDOWS\system32\AUTHZ.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             NDdeApi.dll - C:\WINDOWS\system32\NDdeApi.dll - Microsoft Corporation
             PROFMAP.dll - C:\WINDOWS\system32\PROFMAP.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             REGAPI.dll - C:\WINDOWS\system32\REGAPI.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             MSGINA.dll - C:\WINDOWS\system32\MSGINA.dll - Microsoft Corporation
             ODBC32.dll - C:\WINDOWS\system32\ODBC32.dll - Microsoft Corporation
             comdlg32.dll - C:\WINDOWS\system32\comdlg32.dll - Microsoft Corporation
             odbcint.dll - C:\WINDOWS\system32\odbcint.dll - Microsoft Corporation
             SHSVCS.dll - C:\WINDOWS\system32\SHSVCS.dll - Microsoft Corporation
             sfc.dll - C:\WINDOWS\system32\sfc.dll - Microsoft Corporation
             sfc_os.dll - C:\WINDOWS\system32\sfc_os.dll - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation
             WINSCARD.DLL - C:\WINDOWS\system32\WINSCARD.DLL - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             sxs.dll - C:\WINDOWS\system32\sxs.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             cscdll.dll - C:\WINDOWS\system32\cscdll.dll - Microsoft Corporation
             WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             cscui.dll - C:\WINDOWS\system32\cscui.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             msacm32.drv - C:\WINDOWS\system32\msacm32.drv - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             midimap.dll - C:\WINDOWS\system32\midimap.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             rpcss.dll - c:\windows\system32\rpcss.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             Secur32.dll - c:\windows\system32\Secur32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             termsrv.dll - c:\windows\system32\termsrv.dll - Microsoft Corporation
             ICAAPI.dll - c:\windows\system32\ICAAPI.dll - Microsoft Corporation
             SETUPAPI.dll - c:\windows\system32\SETUPAPI.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             AUTHZ.dll - c:\windows\system32\AUTHZ.dll - Microsoft Corporation
             mstlsapi.dll - c:\windows\system32\mstlsapi.dll - Microsoft Corporation
             ACTIVEDS.dll - c:\windows\system32\ACTIVEDS.dll - Microsoft Corporation
             adsldpc.dll - c:\windows\system32\adsldpc.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             ATL.DLL - c:\windows\system32\ATL.DLL - Microsoft Corporation
             REGAPI.dll - C:\WINDOWS\system32\REGAPI.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[explorer.exe]Modules
             Explorer.EXE - C:\WINDOWS\Explorer.EXE - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             BROWSEUI.dll - C:\WINDOWS\system32\BROWSEUI.dll - Spolenost Microsoft
             SHDOCVW.dll - C:\WINDOWS\system32\SHDOCVW.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             CRYPTUI.dll - C:\WINDOWS\system32\CRYPTUI.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             appHelp.dll - C:\WINDOWS\system32\appHelp.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             ashShell.dll - C:\Program Files\AVAST Software\Avast\ashShell.dll - AVAST Software
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             cscui.dll - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation
             CSCDLL.dll - C:\WINDOWS\System32\CSCDLL.dll - Microsoft Corporation
             themeui.dll - C:\WINDOWS\system32\themeui.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             MSIMG32.dll - C:\WINDOWS\system32\MSIMG32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             msutb.dll - C:\WINDOWS\system32\msutb.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             shimgvw.dll - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation
             gdiplus.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             mlang.dll - C:\WINDOWS\system32\mlang.dll - Microsoft Corporation
             mshtml.dll - C:\WINDOWS\system32\mshtml.dll - Microsoft Corporation
             msls31.dll - C:\WINDOWS\system32\msls31.dll - Microsoft Corporation
             RASAPI32.DLL - C:\WINDOWS\system32\RASAPI32.DLL - Microsoft Corporation
             rasman.dll - C:\WINDOWS\system32\rasman.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\system32\TAPI32.dll - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             sensapi.dll - C:\WINDOWS\system32\sensapi.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             LINKINFO.dll - C:\WINDOWS\system32\LINKINFO.dll - Microsoft Corporation
             ntshrui.dll - C:\WINDOWS\system32\ntshrui.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             NETSHELL.dll - C:\WINDOWS\system32\NETSHELL.dll - Microsoft Corporation
             credui.dll - C:\WINDOWS\system32\credui.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             shdoclc.dll - C:\WINDOWS\system32\shdoclc.dll - Microsoft Corporation
             msimtf.dll - C:\WINDOWS\system32\msimtf.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             webcheck.dll - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             stobject.dll - C:\WINDOWS\system32\stobject.dll - Microsoft Corporation
             BatMeter.dll - C:\WINDOWS\system32\BatMeter.dll - Microsoft Corporation
             POWRPROF.dll - C:\WINDOWS\system32\POWRPROF.dll - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             msacm32.drv - C:\WINDOWS\system32\msacm32.drv - Microsoft Corporation
             midimap.dll - C:\WINDOWS\system32\midimap.dll - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             drprov.dll - C:\WINDOWS\System32\drprov.dll - Microsoft Corporation
             ntlanman.dll - C:\WINDOWS\System32\ntlanman.dll - Microsoft Corporation
             NETUI0.dll - C:\WINDOWS\System32\NETUI0.dll - Microsoft Corporation
             NETUI1.dll - C:\WINDOWS\System32\NETUI1.dll - Microsoft Corporation
             NETRAP.dll - C:\WINDOWS\System32\NETRAP.dll - Microsoft Corporation
             davclnt.dll - C:\WINDOWS\System32\davclnt.dll - Microsoft Corporation
             WZCSAPI.DLL - C:\WINDOWS\system32\WZCSAPI.DLL - Microsoft Corporation
             wzcdlg.dll - C:\WINDOWS\system32\wzcdlg.dll - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             PDFShell.dll - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll - Adobe Systems, Inc.
             MSVCR80.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             rpcss.dll - c:\windows\system32\rpcss.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             Secur32.dll - c:\windows\system32\Secur32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             winrnr.dll - C:\WINDOWS\System32\winrnr.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             dnsrslvr.dll - c:\windows\system32\dnsrslvr.dll - Microsoft Corporation
             DNSAPI.dll - c:\windows\system32\DNSAPI.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             iphlpapi.dll - c:\windows\system32\iphlpapi.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             lmhsvc.dll - c:\windows\system32\lmhsvc.dll - Microsoft Corporation
             iphlpapi.dll - c:\windows\system32\iphlpapi.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             webclnt.dll - c:\windows\system32\webclnt.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             wsock32.dll - C:\WINDOWS\system32\wsock32.dll - Microsoft Corporation
             regsvc.dll - c:\windows\system32\regsvc.dll - Microsoft Corporation
             ssdpsrv.dll - c:\windows\system32\ssdpsrv.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[AdobeARM.exe]Modules
             AdobeARM.exe - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - Adobe Systems Incorporated
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             SensApi.dll - C:\WINDOWS\system32\SensApi.dll - Microsoft Corporation
             COMDLG32.dll - C:\WINDOWS\system32\COMDLG32.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             mlang.dll - C:\WINDOWS\system32\mlang.dll - Microsoft Corporation
             wsock32.dll - C:\WINDOWS\system32\wsock32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             netapi32.dll - C:\WINDOWS\system32\netapi32.dll - Microsoft Corporation
             schannel.dll - C:\WINDOWS\system32\schannel.dll - Microsoft Corporation
             RASAPI32.DLL - C:\WINDOWS\system32\RASAPI32.DLL - Microsoft Corporation
             rasman.dll - C:\WINDOWS\system32\rasman.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\system32\TAPI32.dll - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             winrnr.dll - C:\WINDOWS\System32\winrnr.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             dssenh.dll - C:\WINDOWS\system32\dssenh.dll - Microsoft Corporation
             cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[browsemngr.exe]Modules
             browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             win32c~1.dll - c:\docume~1\alluse~1\dataap~1\wincert\win32c~1.dll - 
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             win32prop.dll - c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll - 
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation
             secur32.dll - C:\WINDOWS\system32\secur32.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[FsUsbExService.Exe]Modules
             FsUsbExService.Exe - C:\WINDOWS\system32\FsUsbExService.Exe - Teruten
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             comdlg32.dll - C:\WINDOWS\system32\comdlg32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             oledlg.dll - C:\WINDOWS\system32\oledlg.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEPRO32.DLL - C:\WINDOWS\system32\OLEPRO32.DLL - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[PDVDServ.exe]Modules
             PDVDServ.exe - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe - Cyberlink Corp.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             CLRCEngine2.dll - C:\Program Files\CyberLink\Shared Files\CLRCEngine2.dll - CyberLink Corp.
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[RTHDCPL.exe]Modules
             RTHDCPL.EXE - C:\WINDOWS\RTHDCPL.EXE - Realtek Semiconductor Corp.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             DSOUND.DLL - C:\WINDOWS\system32\DSOUND.DLL - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             HHCTRL.OCX - C:\WINDOWS\system32\HHCTRL.OCX - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             SETUPAPI.DLL - C:\WINDOWS\system32\SETUPAPI.DLL - Microsoft Corporation
             MPR.DLL - C:\WINDOWS\system32\MPR.DLL - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             COMDLG32.DLL - C:\WINDOWS\system32\COMDLG32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             HHCTRLui.dll - C:\WINDOWS\system32\mui\0005\HHCTRLui.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             msacm32.drv - C:\WINDOWS\system32\msacm32.drv - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             midimap.dll - C:\WINDOWS\system32\midimap.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             KsUser.dll - C:\WINDOWS\system32\KsUser.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[hpqgalry.exe]Modules
             hpqgalry.exe - C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe - Hewlett-Packard Co.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             snxhk.dll - C:\Program Files\AVAST Software\Avast\snxhk.dll - AVAST Software
             KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             mscoree.dll - C:\WINDOWS\system32\mscoree.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             mscorwks.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - Microsoft Corporation
             MSVCR71.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll - Microsoft Corporation
             fusion.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll - Microsoft Corporation
             mscorlib.dll - c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll - Microsoft Corporation
             mscorlib.dll - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9aa4175d\mscorlib.dll - 
             mscorsn.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             hpqiface.dll - c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll - Hewlett-Packard Co.
             system.windows.forms.dll - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll - Microsoft Corporation
             system.windows.forms.dll - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_c10b5b9f\system.windows.forms.dll - 
             MSCORJIT.DLL - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL - Microsoft Corporation
             system.dll - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll - Microsoft Corporation
             system.dll - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_522428cf\system.dll - 
             hpqutils.dll - c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll - Hewlett-Packard Co.
             hpqfmrsc.dll - c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll - Hewlett-Packard Co.
             hpqgldlg.dll - c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll - Hewlett-Packard Co.
             hpqtray.dll - c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll - Hewlett-Packard Co.
             hpqgskin.dll - c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll - Hewlett-Packard Co.
             system.drawing.dll - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll - Microsoft Corporation
             system.drawing.dll - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_6cb1aad3\system.drawing.dll - 
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             hpqgalry.resources.dll - c:\program files\hp\digital imaging\bin\cs\hpqgalry.resources.dll -  
             gdiplus.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll - Microsoft Corporation
             hpqptfnd.dll - c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll - Hewlett-Packard Co.
             interop.hpqcxm08.dll - c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll -  
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             hpqcxm08.dll - C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll - Hewlett-Packard Co.
             SHFOLDER.dll - C:\WINDOWS\system32\SHFOLDER.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             system.xml.dll - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll - Microsoft Corporation
             system.xml.dll - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_de9d4252\system.xml.dll - 
             lead.dll - c:\windows\assembly\gac\lead\13.0.0.66__9cf889f53ea9b907\lead.dll - LEAD Technologies, Inc.
             lead.wrapper.dll - c:\windows\assembly\gac\lead.wrapper\13.0.0.66__9cf889f53ea9b907\lead.wrapper.dll - LEAD Technologies, Inc.
             ltkrn13n.dll - C:\Program Files\HP\Digital Imaging\bin\ltkrn13n.dll - LEAD Technologies, Inc.
             hpqimgrc.dll - c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll - Hewlett-Packard Co.
             hpqcmctl.dll - c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll - Hewlett-Packard Co.
             hpqtray.resources.dll - c:\windows\assembly\gac\hpqtray.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqtray.resources.dll -  
             lead.windows.forms.dll - c:\windows\assembly\gac\lead.windows.forms\13.0.0.66__9cf889f53ea9b907\lead.windows.forms.dll - LEAD Technologies, Inc.
             lead.drawing.dll - c:\windows\assembly\gac\lead.drawing\13.0.0.66__9cf889f53ea9b907\lead.drawing.dll - LEAD Technologies, Inc.
             hpqfmrsc.resources.dll - c:\windows\assembly\gac\hpqfmrsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqfmrsc.resources.dll -  
             interop.hpqimgr.dll - c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll -  
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             SXS.DLL - C:\WINDOWS\system32\SXS.DLL - Microsoft Corporation
             hpqimgr.dll - C:\Program Files\HP\Digital Imaging\Bin\hpqimgr.dll - Hewlett-Packard Co.
             MFC71.DLL - C:\WINDOWS\system32\MFC71.DLL - Microsoft Corporation
             ATL71.DLL - C:\WINDOWS\system32\ATL71.DLL - Microsoft Corporation
             MSVCP71.dll - C:\WINDOWS\system32\MSVCP71.dll - Microsoft Corporation
             hpqasset.dll - c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll - Hewlett-Packard Co.
             hpqccrsc.dll - c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll - Hewlett-Packard Co.
             accessibility.dll - c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll - Microsoft Corporation
             hpqmirsc.dll - c:\program files\hp\digital imaging\bin\hpqmirsc.dll - Hewlett-Packard Co.
             hpqmirsc.resources.dll - c:\program files\hp\digital imaging\bin\cs\hpqmirsc.resources.dll -  
             hpqietpz.dll - c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll - Hewlett-Packard Co.
             hpqietpz.resources.dll - c:\windows\assembly\gac\hpqietpz.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqietpz.resources.dll - Hewlett-Packard Co.
             hpqcprsc.dll - c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll - Hewlett-Packard Co.
             hpqcprsc.resources.dll - c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcprsc.resources.dll -  
             hpqisrtb.dll - c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll - Hewlett-Packard
             hpqisrtb.resources.dll - c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqisrtb.resources.dll - Hewlett-Packard
             hpqthumb.dll - c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll - Hewlett-Packard Co.

------------------------------------------------------------------------------------------

      Image File Name[rundll32.exe]Modules
             RUNDLL32.EXE - C:\WINDOWS\system32\RUNDLL32.EXE - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             NvMcTray.dll - C:\WINDOWS\system32\NvMcTray.dll - NVIDIA Corporation
             nvapi.dll - C:\WINDOWS\system32\nvapi.dll - NVIDIA Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             NVRSCS.DLL - C:\WINDOWS\system32\NVRSCS.DLL - NVIDIA Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[hpwuSchd2.exe]Modules
             HPWuSchd2.exe - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe - Hewlett-Packard Company
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[DATAMN~1.EXE]Modules
             DATAMN~1.EXE - C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE - Bandoo Media Inc
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[AvastUI.exe]Modules
             avastUI.exe - C:\Program Files\AVAST Software\Avast\avastUI.exe - AVAST Software
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             aswUtil.dll - C:\Program Files\AVAST Software\Avast\aswUtil.dll - AVAST Software
             ashBase.dll - C:\Program Files\AVAST Software\Avast\ashBase.dll - AVAST Software
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             aswEngLdr.dll - C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - AVAST Software
             aswCmnOS.dll - C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - AVAST Software
             aswCmnIS.dll - C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - AVAST Software
             MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             MSVCP90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCP90.dll - Microsoft Corporation
             aswCmnBS.dll - C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - AVAST Software
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             ashTask.dll - C:\Program Files\AVAST Software\Avast\ashTask.dll - AVAST Software
             aswAux.dll - C:\Program Files\AVAST Software\Avast\aswAux.dll - AVAST Software
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             aswLog.dll - C:\Program Files\AVAST Software\Avast\aswLog.dll - AVAST Software
             aswSqLt.dll - C:\Program Files\AVAST Software\Avast\aswSqLt.dll - AVAST Software
             aswProperty.dll - C:\Program Files\AVAST Software\Avast\aswProperty.dll - AVAST Software
             AavmRpch.dll - C:\Program Files\AVAST Software\Avast\AavmRpch.dll - AVAST Software
             mfc90u.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             MSIMG32.dll - C:\WINDOWS\system32\MSIMG32.dll - Microsoft Corporation
             COMDLG32.dll - C:\WINDOWS\system32\COMDLG32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             OLEACC.dll - C:\WINDOWS\system32\OLEACC.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             dbghelp.dll - C:\WINDOWS\system32\dbghelp.dll - Microsoft Corporation
             Base.dll - C:\Program Files\AVAST Software\Avast\1029\Base.dll - AVAST Software
             aswAra.dll - C:\Program Files\AVAST Software\Avast\aswAra.dll - AVAST Software
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             imm32.dll - C:\WINDOWS\system32\imm32.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             aswData.dll - C:\Program Files\AVAST Software\Avast\aswData.dll - AVAST Software
             ashTaskEx.dll - C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - AVAST Software
             Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             UILangRes.dll - C:\Program Files\AVAST Software\Avast\1029\UILangRes.dll - AVAST Software
             CommonRes.dll - C:\Program Files\AVAST Software\Avast\CommonRes.dll - AVAST Software
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             DSOUND.dll - C:\WINDOWS\system32\DSOUND.dll - Microsoft Corporation
             SXS.DLL - C:\WINDOWS\system32\SXS.DLL - Microsoft Corporation
             uiExt.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\uiExt.dll - AVAST Software

------------------------------------------------------------------------------------------

      Image File Name[ctfmon.exe]Modules
             ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             MSUTB.dll - C:\WINDOWS\system32\MSUTB.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[msmsgs.exe]Modules
             msmsgs.exe - C:\Program Files\Messenger\msmsgs.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             comdlg32.dll - C:\WINDOWS\system32\comdlg32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             gdiplus.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll - Microsoft Corporation
             MSIMG32.dll - C:\WINDOWS\system32\MSIMG32.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             cryptdll.dll - C:\WINDOWS\system32\cryptdll.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             XPOB2RES.DLL - C:\WINDOWS\system32\XPOB2RES.DLL - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             SXS.DLL - C:\WINDOWS\system32\SXS.DLL - Microsoft Corporation
             es.dll - C:\WINDOWS\system32\es.dll - Microsoft Corporation
             wtsapi32.dll - C:\WINDOWS\system32\wtsapi32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             credui.dll - C:\WINDOWS\system32\credui.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[GoogleToolbarNotifier.exe]Modules
             GoogleToolbarNotifier.exe - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - Google Inc.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             gtn.dll - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\gtn.dll - Google Inc.
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             IPHLPAPI.DLL - C:\WINDOWS\system32\IPHLPAPI.DLL - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             RASAPI32.dll - C:\WINDOWS\system32\RASAPI32.dll - Microsoft Corporation
             rasman.dll - C:\WINDOWS\system32\rasman.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\system32\TAPI32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             secur32.dll - C:\WINDOWS\system32\secur32.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             swg.dll - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll - Google Inc.
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             SXS.DLL - C:\WINDOWS\system32\SXS.DLL - Microsoft Corporation
             MPRAPI.dll - C:\WINDOWS\system32\MPRAPI.dll - Microsoft Corporation
             ACTIVEDS.dll - C:\WINDOWS\system32\ACTIVEDS.dll - Microsoft Corporation
             adsldpc.dll - C:\WINDOWS\system32\adsldpc.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[NPSAgent.exe]Modules
             NPSAgent.exe - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe - Samsung Electronics Co., Ltd.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             snxhk.dll - C:\Program Files\AVAST Software\Avast\snxhk.dll - AVAST Software
             KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             MFC80U.DLL - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL - Microsoft Corporation
             MSVCR80.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[hpqtra08.exe]Modules
             hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - Hewlett-Packard Co.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             snxhk.dll - C:\Program Files\AVAST Software\Avast\snxhk.dll - AVAST Software
             KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             hpqcxm08.dll - C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll - Hewlett-Packard Co.
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             SHFOLDER.dll - C:\WINDOWS\system32\SHFOLDER.dll - Microsoft Corporation
             WTSAPI32.DLL - C:\WINDOWS\system32\WTSAPI32.DLL - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             hpquio08.dll - C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll - Hewlett-Packard Co.
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             hpqtra08.rsc - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc - Hewlett-Packard Co.
             hpqtao08.dll - C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll - Hewlett-Packard Co.
             hpotra08.dll - C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll - Hewlett-Packard Co.
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             CFGMGR32.dll - C:\WINDOWS\system32\CFGMGR32.dll - Microsoft Corporation
             hpotra08.rsc - C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc - Hewlett-Packard Co.
             hpodio08.dll - C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll - Hewlett-Packard Co.
             SXS.DLL - C:\WINDOWS\system32\SXS.DLL - Microsoft Corporation
             hpotradd.dll - C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll - Hewlett-Packard Co.
             hpoSTD08.dll - C:\Program Files\HP\Digital Imaging\bin\hpoSTD08.dll - Hewlett-Packard Co.
             hpqtap08.dll - C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll - Hewlett-Packard Co.
             MFC42.DLL - C:\WINDOWS\system32\MFC42.DLL - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             MFC42LOC.DLL - C:\WINDOWS\system32\MFC42LOC.DLL - Microsoft Corporation
             hpoSTD08.rsc - C:\Program Files\HP\Digital Imaging\bin\hpoSTD08.rsc - Hewlett-Packard Co.
             hpzidr12.dll - C:\WINDOWS\system32\hpzidr12.dll - HP
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             hpzipr12.dll - C:\WINDOWS\system32\hpzipr12.dll - HP
             hpodvd09.dll - C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll - Hewlett-Packard Co.
             hpoddcomm09.dll - C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll - Hewlett-Packard Co.
             hpocxi08.dll - C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll - Hewlett-Packard Co.
             hpqcob08.dll - C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll - Hewlett-Packard Co.
             hpodev08.dll - C:\Program Files\HP\Digital Imaging\bin\hpodev08.dll - Hewlett-Packard Co.
             hpodeb08.dll - C:\Program Files\HP\Digital Imaging\bin\hpodeb08.dll - Hewlett-Packard Co.
             hposcn08.dll - C:\Program Files\HP\Digital Imaging\bin\hposcn08.dll - Hewlett-Packard Co.
             STI.dll - C:\WINDOWS\system32\STI.dll - Microsoft Corporation
             hpoSCN08.rsc - C:\Program Files\HP\Digital Imaging\bin\hpoSCN08.rsc - Hewlett-Packard Co.

------------------------------------------------------------------------------------------

      Image File Name[wmiprvse.exe]Modules
             wmiprvse.exe - C:\WINDOWS\system32\wbem\wmiprvse.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             snxhk.dll - C:\Program Files\AVAST Software\Avast\snxhk.dll - AVAST Software
             KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             wbemcomn.dll - C:\WINDOWS\system32\wbem\wbemcomn.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             FastProx.dll - C:\WINDOWS\system32\wbem\FastProx.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             NTDSAPI.dll - C:\WINDOWS\system32\NTDSAPI.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             browse~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll - 
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             wbemsvc.dll - C:\WINDOWS\system32\wbem\wbemsvc.dll - Microsoft Corporation
             wmiutils.dll - C:\WINDOWS\system32\wbem\wmiutils.dll - Microsoft Corporation
             wmiprov.dll - C:\WINDOWS\system32\wbem\wmiprov.dll - Microsoft Corporation
             WMI.dll - C:\WINDOWS\system32\WMI.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[Idle]Modules

==========================================================================================

Process Threads

      Image File Name[System]Threads
             8 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             12 - Terminate - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             16 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             20 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             24 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             28 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             32 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             36 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             40 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             44 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             48 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             52 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             56 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             60 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             64 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             68 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             72 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             76 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             80 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             84 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             88 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             92 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             96 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             100 - Wait - sptd.sys - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
             104 - Wait - sptd.sys - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
             108 - Wait - sptd.sys - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
             112 - Wait - ACPI.sys - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
             120 - Wait - dmio.sys - C:\WINDOWS\system32\drivers\dmio.sys - Microsoft Corp., Veritas Software
             124 - Wait - NDIS.sys - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
             132 - Wait - redbook.sys - C:\WINDOWS\system32\DRIVERS\redbook.sys - Microsoft Corporation
             152 - Wait - rdpdr.sys - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
             156 - Wait - rdpdr.sys - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
             160 - Wait - rdpdr.sys - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
             164 - Wait - rdpdr.sys - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
             168 - Wait - dtsoftbus01.sys - C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys - DT Soft Ltd
             172 - Wait - srv.sys - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
             208 - Wait - raspptp.sys - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
             212 - Wait - raspptp.sys - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
             216 - Wait - raspptp.sys - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
             240 - Wait - srv.sys - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
             292 - Wait - MarvinBus.sys - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys - Pinnacle Systems GmbH
             296 - Wait - MarvinBus.sys - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys - Pinnacle Systems GmbH
             300 - Wait - MarvinBus.sys - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys - Pinnacle Systems GmbH
             304 - Wait - MarvinBus.sys - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys - Pinnacle Systems GmbH
             308 - Wait - MarvinBus.sys - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys - Pinnacle Systems GmbH
             312 - Wait - MarvinBus.sys - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys - Pinnacle Systems GmbH
             316 - Wait - redbook.sys - C:\WINDOWS\system32\DRIVERS\redbook.sys - Microsoft Corporation
             332 - Wait - nv4_mini.sys - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - NVIDIA Corporation
             336 - Wait - USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
             340 - Wait - USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
             344 - Wait - USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
             348 - Wait - USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
             352 - Wait - USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
             356 - Wait - USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
             360 - Wait - RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
             364 - Wait - RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
             368 - Wait - RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
             372 - Wait - RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
             376 - Wait - RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
             380 - Wait - RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
             384 - Wait - RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
             388 - Wait - RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
             392 - Wait -  -  - 
             400 - Wait - RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
             404 - Wait - RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
             408 - Wait - RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
             460 - Wait - parport.sys - C:\WINDOWS\system32\DRIVERS\parport.sys - Microsoft Corporation
             468 - Wait - rasacd.sys - C:\WINDOWS\system32\DRIVERS\rasacd.sys - Microsoft Corporation
             652 - Wait - aswTdi.SYS - C:\WINDOWS\System32\Drivers\aswTdi.SYS - AVAST Software
             684 - Wait - rdbss.sys - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation
             692 - Wait - rdbss.sys - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation
             696 - Wait - rdbss.sys - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation
             700 - Terminate - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             704 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             708 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             712 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             716 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             720 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             724 - Wait - aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
             728 - Wait - aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
             732 - Wait - aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
             736 - Wait - aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
             740 - Wait - aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
             760 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             1448 - Wait - aswMon2.SYS - C:\WINDOWS\System32\Drivers\aswMon2.SYS - AVAST Software
             1452 - Wait - aswMon2.SYS - C:\WINDOWS\System32\Drivers\aswMon2.SYS - AVAST Software
             1456 - Wait - aswMon2.SYS - C:\WINDOWS\System32\Drivers\aswMon2.SYS - AVAST Software
             1460 - Wait - aswMon2.SYS - C:\WINDOWS\System32\Drivers\aswMon2.SYS - AVAST Software
             1464 - Wait - aswMon2.SYS - C:\WINDOWS\System32\Drivers\aswMon2.SYS - AVAST Software
             1468 - Wait - aswMon2.SYS - C:\WINDOWS\System32\Drivers\aswMon2.SYS - AVAST Software
             1472 - Wait - aswMon2.SYS - C:\WINDOWS\System32\Drivers\aswMon2.SYS - AVAST Software
             1756 - Wait - mrxdav.sys - C:\WINDOWS\system32\DRIVERS\mrxdav.sys - Microsoft Corporation
             1760 - Wait - mrxdav.sys - C:\WINDOWS\system32\DRIVERS\mrxdav.sys - Microsoft Corporation
             1764 - Wait - mrxdav.sys - C:\WINDOWS\system32\DRIVERS\mrxdav.sys - Microsoft Corporation
             1768 - Wait - mrxdav.sys - C:\WINDOWS\system32\DRIVERS\mrxdav.sys - Microsoft Corporation
             1776 - Wait - mrxdav.sys - C:\WINDOWS\system32\DRIVERS\mrxdav.sys - Microsoft Corporation
             2044 - Wait - srv.sys - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
             2292 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2296 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2300 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2304 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2308 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2312 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2316 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2336 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             2348 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             2668 - Wait - rdbss.sys - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[spoolsv.exe]Threads
             116 - Wait - spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe - Microsoft Corporation
             272 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             424 - Wait - usbmon.dll - C:\WINDOWS\system32\usbmon.dll - Microsoft Corporation
             432 - Wait - localspl.dll - C:\WINDOWS\system32\localspl.dll - Microsoft Corporation
             444 - Wait - localspl.dll - C:\WINDOWS\system32\localspl.dll - Microsoft Corporation
             456 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1696 - Wait - spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe - Microsoft Corporation
             1712 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1716 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1720 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1728 - Wait - spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe - Microsoft Corporation
             3328 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[browsemngr.exe]Threads
             128 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             148 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             176 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             180 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             184 - Wait - browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 
             188 - Terminate - browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 
             192 - Wait - browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 
             196 - Wait - browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 
             1880 - Wait - browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 
             1944 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             1988 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             2004 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             2008 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             2012 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             2016 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             2020 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 
             2024 - Wait - browsemngr.dll - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll - 

------------------------------------------------------------------------------------------

      Image File Name[nvsvc32.exe]Threads
             140 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             436 - Wait - nvsvc32.exe - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Corporation
             2032 - Wait - nvsvc32.exe - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Corporation

------------------------------------------------------------------------------------------

      Image File Name[AvastSvc.exe]Threads
             144 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             540 - Terminate - aswEngin.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\aswEngin.dll - AVAST Software
             544 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             1096 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1100 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1144 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1188 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1204 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1208 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1212 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1232 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1236 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1240 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1244 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1248 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1252 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1256 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1280 - Wait - AhResBhv.dll - C:\Program Files\AVAST Software\Avast\AhResBhv.dll - AVAST Software
             1284 - Wait - AhResBhv.dll - C:\Program Files\AVAST Software\Avast\AhResBhv.dll - AVAST Software
             1312 - Wait - AhResBhv.dll - C:\Program Files\AVAST Software\Avast\AhResBhv.dll - AVAST Software
             1420 - Wait - AhResMai.dll - C:\Program Files\AVAST Software\Avast\AhResMai.dll - AVAST Software
             1480 - Wait - AvastSvc.exe - C:\Program Files\AVAST Software\Avast\AvastSvc.exe - AVAST Software
             1628 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             1632 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1644 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             1740 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1772 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             1800 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1804 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             1816 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2148 - Wait - AhResStd.dll - C:\Program Files\AVAST Software\Avast\AhResStd.dll - AVAST Software
             2204 - Wait - AhResWS.dll - C:\Program Files\AVAST Software\Avast\AhResWS.dll - AVAST Software
             2208 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2212 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             2216 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             2236 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2244 - Wait - aswLog.dll - C:\Program Files\AVAST Software\Avast\aswLog.dll - AVAST Software
             2340 - Wait - arPot.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\arPot.dll - AVAST Software
             2344 - Wait - arPot.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\arPot.dll - AVAST Software
             2352 - Wait - arPot.dll - C:\Program Files\AVAST Software\Avast\defs\13020900\arPot.dll - AVAST Software
             2440 - Wait - AhResMai.dll - C:\Program Files\AVAST Software\Avast\AhResMai.dll - AVAST Software
             2568 - Wait - ashMaiSv.dll - C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - AVAST Software
             2616 - Wait - AhResWS.dll - C:\Program Files\AVAST Software\Avast\AhResWS.dll - AVAST Software
             2660 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2692 - Wait - ashWsFtr.dll - C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - AVAST Software
             2696 - Wait - ashWsFtr.dll - C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - AVAST Software
             2700 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2704 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2708 - Terminate - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2712 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2716 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2720 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2724 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2728 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2732 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2736 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2740 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2744 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2748 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2752 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2756 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2760 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2764 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2768 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2772 - Terminate - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2780 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2784 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2788 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2792 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2796 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2800 - Wait - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2808 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2812 - Terminate - ashServ.dll - C:\Program Files\AVAST Software\Avast\ashServ.dll - AVAST Software
             2820 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3032 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3284 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3356 - Wait - mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             224 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             568 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             604 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             628 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             636 - Wait - wiaservc.dll - c:\windows\system32\wiaservc.dll - Microsoft Corporation
             3260 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[lsass.exe]Threads
             228 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             284 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             288 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             324 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             932 - Wait - LSASRV.dll - C:\WINDOWS\system32\LSASRV.dll - Microsoft Corporation
             936 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             940 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             944 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             948 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             960 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             972 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             976 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             980 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             988 - Wait - LSASRV.dll - C:\WINDOWS\system32\LSASRV.dll - Microsoft Corporation
             996 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1020 - Wait - LSASRV.dll - C:\WINDOWS\system32\LSASRV.dll - Microsoft Corporation
             1328 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2996 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             3268 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3680 - Wait - LSASRV.dll - C:\WINDOWS\system32\LSASRV.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[hpcmpmgr.exe]Threads
             232 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2104 - Wait - hpcmpmgr.exe - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe - Hewlett-Packard Company
             2964 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2972 - Wait - hpcmpmgr.exe - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe - Hewlett-Packard Company

------------------------------------------------------------------------------------------

      Image File Name[c2c_service.exe]Threads
             248 - Wait - c2c_service.exe - C:\Documents and Settings\All Users\Data aplikac\Skype\Toolbars\Skype C2C Service\c2c_service.exe - Skype Technologies S.A.
             484 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             492 - Wait - c2c_service.exe - C:\Documents and Settings\All Users\Data aplikac\Skype\Toolbars\Skype C2C Service\c2c_service.exe - Skype Technologies S.A.
             496 - Wait - c2c_service.exe - C:\Documents and Settings\All Users\Data aplikac\Skype\Toolbars\Skype C2C Service\c2c_service.exe - Skype Technologies S.A.
             500 - Wait - c2c_service.exe - C:\Documents and Settings\All Users\Data aplikac\Skype\Toolbars\Skype C2C Service\c2c_service.exe - Skype Technologies S.A.
             520 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             528 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             252 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             256 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             260 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             448 - Wait - SSDPAPI.dll - C:\WINDOWS\system32\SSDPAPI.dll - Microsoft Corporation
             516 - Terminate - SSDPAPI.dll - C:\WINDOWS\system32\SSDPAPI.dll - Microsoft Corporation
             644 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             672 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             676 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             744 - Wait - w32time.dll - c:\windows\system32\w32time.dll - Microsoft Corporation
             752 - Terminate - es.dll - c:\windows\system32\es.dll - Microsoft Corporation
             808 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1120 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1184 - Wait - svchost.exe - C:\WINDOWS\System32\svchost.exe - Microsoft Corporation
             1192 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1196 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1200 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1228 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1264 - Wait - dhcpcsvc.dll - c:\windows\system32\dhcpcsvc.dll - Microsoft Corporation
             1268 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1300 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1320 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1352 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1356 - Wait - wzcsvc.dll - c:\windows\system32\wzcsvc.dll - Microsoft Corporation
             1360 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1364 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1368 - Wait - shsvcs.dll - c:\windows\system32\shsvcs.dll - Microsoft Corporation
             1376 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1584 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1648 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1672 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1676 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1680 - Wait - schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             1684 - Wait - schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             1692 - Wait - schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             1700 - Wait - schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             1708 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1736 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1744 - Wait - schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             1748 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1828 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1940 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1956 - Wait - hidserv.dll - c:\windows\system32\hidserv.dll - Microsoft Corporation
             1964 - Wait - hidserv.dll - c:\windows\system32\hidserv.dll - Microsoft Corporation
             1968 - Wait - hidserv.dll - c:\windows\system32\hidserv.dll - Microsoft Corporation
             1996 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2108 - Wait - tapisrv.dll - c:\windows\system32\tapisrv.dll - Microsoft Corporation
             2112 - Wait - tapisrv.dll - c:\windows\system32\tapisrv.dll - Microsoft Corporation
             2116 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2124 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2268 - Wait - ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             2376 - Wait - rastapi.dll - C:\WINDOWS\System32\rastapi.dll - Microsoft Corporation
             2384 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             2388 - Wait - unimdm.tsp - C:\WINDOWS\System32\unimdm.tsp - Microsoft Corporation
             2428 - Wait - uniplat.dll - C:\WINDOWS\System32\uniplat.dll - Microsoft Corporation
             2456 - Wait - kmddsp.tsp - C:\WINDOWS\System32\kmddsp.tsp - Microsoft Corporation
             2464 - Wait - ndptsp.tsp - C:\WINDOWS\System32\ndptsp.tsp - Microsoft Corporation
             2492 - Wait - h323.tsp - C:\WINDOWS\System32\h323.tsp - Microsoft Corporation
             2500 - Wait - hidphone.tsp - C:\WINDOWS\System32\hidphone.tsp - Microsoft Corporation
             2504 - Wait - TAPI32.dll - C:\WINDOWS\System32\TAPI32.dll - Microsoft Corporation
             2612 - Terminate - repdrvfs.dll - C:\WINDOWS\system32\wbem\repdrvfs.dll - Microsoft Corporation
             2620 - Terminate - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             2636 - Wait - rasppp.dll - C:\WINDOWS\System32\rasppp.dll - Microsoft Corporation
             2640 - Terminate - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             2936 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3236 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3252 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3320 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3412 - Wait - ncprov.dll - C:\WINDOWS\system32\wbem\ncprov.dll - Microsoft Corporation
             3416 - Wait - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             3420 - Wait - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             3504 - Wait - SSDPAPI.dll - C:\WINDOWS\system32\SSDPAPI.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[services.exe]Threads
             472 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             920 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             924 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             928 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1036 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1040 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1044 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1048 - Wait - AUTHZ.dll - C:\WINDOWS\system32\AUTHZ.dll - Microsoft Corporation
             1056 - Terminate - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             1080 - Wait - services.exe - C:\WINDOWS\system32\services.exe - Microsoft Corporation
             1124 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1220 - Wait - umpnpmgr.dll - C:\WINDOWS\system32\umpnpmgr.dll - Microsoft Corporation
             1224 - Wait - umpnpmgr.dll - C:\WINDOWS\system32\umpnpmgr.dll - Microsoft Corporation
             1416 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1892 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3424 - Terminate - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             3428 - Wait - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             3432 - Wait - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[jqs.exe]Threads
             504 - Wait - MSVCR100.dll - C:\Program Files\Java\jre7\bin\MSVCR100.dll - Microsoft Corporation
             640 - Terminate - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             756 - Wait - CorperfmonExt.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CorperfmonExt.dll - Microsoft Corporation
             780 - Wait - aspnet_perf.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll - Microsoft Corporation
             784 - Wait - aspnet_perf.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll - Microsoft Corporation
             788 - Wait - aspnet_isapi.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - Microsoft Corporation
             792 - Wait - aspnet_isapi.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - Microsoft Corporation
             1732 - Wait - TRAFFIC.dll - C:\WINDOWS\system32\TRAFFIC.dll - Microsoft Corporation
             1960 - Wait - jqs.exe - C:\Program Files\Java\jre7\bin\jqs.exe - Oracle Corporation
             1992 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2000 - Wait - MSVCR100.dll - C:\Program Files\Java\jre7\bin\MSVCR100.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[wdfmgr.exe]Threads
             624 - Wait - wdfmgr.exe - C:\WINDOWS\system32\wdfmgr.exe - Microsoft Corporation
             656 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             748 - Wait - wdfmgr.exe - C:\WINDOWS\system32\wdfmgr.exe - Microsoft Corporation
             3336 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[PCHunter32.exe]Threads
             688 - Wait - WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             1348 - Run - PCHunter32.exe - C:\Documents and Settings\win-xp\Plocha\PCHunter32.exe - ????(??)????????
             1608 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1752 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1908 - Wait - mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             2180 - Wait - PCHunter32.exe - C:\Documents and Settings\win-xp\Plocha\PCHunter32.exe - ????(??)????????
             2448 - Terminate - PCHunter32.exe - C:\Documents and Settings\win-xp\Plocha\PCHunter32.exe - ????(??)????????
             3316 - Wait - WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[smss.exe]Threads
             768 - Wait - smss.exe - C:\WINDOWS\System32\smss.exe - Microsoft Corporation
             772 - Wait - smss.exe - C:\WINDOWS\System32\smss.exe - Microsoft Corporation
             776 - Wait - smss.exe - C:\WINDOWS\System32\smss.exe - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[csrss.exe]Threads
             820 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             824 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             828 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             832 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             844 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             852 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             856 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             904 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             916 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             1404 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             1540 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             1856 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             2060 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             2064 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             2068 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             2072 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[winlogon.exe]Threads
             840 - Wait - winlogon.exe - C:\WINDOWS\system32\winlogon.exe - Microsoft Corporation
             864 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             872 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             880 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             892 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1000 - Wait - sfc_os.dll - C:\WINDOWS\system32\sfc_os.dll - Microsoft Corporation
             1004 - Wait - sfc_os.dll - C:\WINDOWS\system32\sfc_os.dll - Microsoft Corporation
             1008 - Wait - sfc_os.dll - C:\WINDOWS\system32\sfc_os.dll - Microsoft Corporation
             1024 - Wait - wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             1028 - Wait - WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             1428 - Wait - winlogon.exe - C:\WINDOWS\system32\winlogon.exe - Microsoft Corporation
             1436 - Wait - cscdll.dll - C:\WINDOWS\system32\cscdll.dll - Microsoft Corporation
             1444 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1516 - Terminate - winlogon.exe - C:\WINDOWS\system32\winlogon.exe - Microsoft Corporation
             1548 - Terminate - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll - Microsoft Corporation
             1664 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1912 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             1916 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             1920 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             3312 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             952 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1068 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             1104 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1112 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1116 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1176 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1396 - Wait - termsrv.dll - c:\windows\system32\termsrv.dll - Microsoft Corporation
             1412 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1432 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1484 - Wait - termsrv.dll - c:\windows\system32\termsrv.dll - Microsoft Corporation
             1492 - Wait - termsrv.dll - c:\windows\system32\termsrv.dll - Microsoft Corporation
             1508 - Wait - termsrv.dll - c:\windows\system32\termsrv.dll - Microsoft Corporation
             1512 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             1520 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1536 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1544 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3348 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3488 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[explorer.exe]Threads
             1032 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1060 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1072 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1260 - Wait - SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             1620 - Wait - Explorer.EXE - C:\WINDOWS\Explorer.EXE - Microsoft Corporation
             1652 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1660 - Wait - SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             1848 - Wait - NETSHELL.dll - C:\WINDOWS\system32\NETSHELL.dll - Microsoft Corporation
             2232 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2940 - Wait - stobject.dll - C:\WINDOWS\system32\stobject.dll - Microsoft Corporation
             2944 - Wait - wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             3512 - Wait - WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             1092 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1140 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             1148 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1152 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1156 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1160 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1164 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1168 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1172 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3012 - Wait - rpcss.dll - c:\windows\system32\rpcss.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             1276 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             1288 - Wait - dnsrslvr.dll - c:\windows\system32\dnsrslvr.dll - Microsoft Corporation
             1292 - Wait - dnsrslvr.dll - c:\windows\system32\dnsrslvr.dll - Microsoft Corporation
             1296 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2548 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3784 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             1308 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             1316 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1324 - Wait - lmhsvc.dll - c:\windows\system32\lmhsvc.dll - Microsoft Corporation
             1780 - Wait - webclnt.dll - c:\windows\system32\webclnt.dll - Microsoft Corporation
             1784 - Wait - webclnt.dll - c:\windows\system32\webclnt.dll - Microsoft Corporation
             1788 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             2328 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2364 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             2368 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             2372 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             2412 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2416 - Wait - ssdpsrv.dll - c:\windows\system32\ssdpsrv.dll - Microsoft Corporation
             3500 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3964 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[AdobeARM.exe]Threads
             1596 - Wait - WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             1640 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             2156 - Wait - AdobeARM.exe - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - Adobe Systems Incorporated
             2536 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             2608 - Wait - AdobeARM.exe - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - Adobe Systems Incorporated
             2816 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2872 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             2888 - Wait - WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             2892 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3004 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3300 - Wait - AdobeARM.exe - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - Adobe Systems Incorporated

------------------------------------------------------------------------------------------

      Image File Name[browsemngr.exe]Threads
             1796 - Wait - browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 
             1808 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1812 - Terminate - browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 
             1868 - Wait - browsemngr.exe - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - 

------------------------------------------------------------------------------------------

      Image File Name[FsUsbExService.Exe]Threads
             1840 - Wait - FsUsbExService.Exe - C:\WINDOWS\system32\FsUsbExService.Exe - Teruten
             1888 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[PDVDServ.exe]Threads
             1948 - Wait - PDVDServ.exe - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe - Cyberlink Corp.
             2252 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2264 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[RTHDCPL.exe]Threads
             2036 - Wait - RTHDCPL.EXE - C:\WINDOWS\RTHDCPL.EXE - Realtek Semiconductor Corp.
             2776 - Wait - wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             2880 - Wait - RTHDCPL.EXE - C:\WINDOWS\RTHDCPL.EXE - Realtek Semiconductor Corp.
             2948 - Wait - RTHDCPL.EXE - C:\WINDOWS\RTHDCPL.EXE - Realtek Semiconductor Corp.

------------------------------------------------------------------------------------------

      Image File Name[hpqgalry.exe]Threads
             2040 - Wait - KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             3080 - Wait - mscoree.dll - C:\WINDOWS\system32\mscoree.dll - Microsoft Corporation
             3112 - Wait - mscorwks.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - Microsoft Corporation
             3116 - Wait - mscorwks.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - Microsoft Corporation
             3120 - Wait - KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             3224 - Wait - MSVCR71.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll - Microsoft Corporation
             3228 - Wait - MSVCR71.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[rundll32.exe]Threads
             2080 - Wait - RUNDLL32.EXE - C:\WINDOWS\system32\RUNDLL32.EXE - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[hpwuSchd2.exe]Threads
             2092 - Wait - HPWuSchd2.exe - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe - Hewlett-Packard Company

------------------------------------------------------------------------------------------

      Image File Name[DATAMN~1.EXE]Threads
             2172 - Wait - DATAMN~1.EXE - C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE - Bandoo Media Inc
             2260 - Wait - DATAMN~1.EXE - C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE - Bandoo Media Inc
             2332 - Wait - DATAMN~1.EXE - C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE - Bandoo Media Inc
             2420 - Terminate - DATAMN~1.EXE - C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE - Bandoo Media Inc
             2424 - Wait - DATAMN~1.EXE - C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE - Bandoo Media Inc

------------------------------------------------------------------------------------------

      Image File Name[AvastUI.exe]Threads
             2188 - Wait - avastUI.exe - C:\Program Files\AVAST Software\Avast\avastUI.exe - AVAST Software
             2804 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2824 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2828 - Wait - aswData.dll - C:\Program Files\AVAST Software\Avast\aswData.dll - AVAST Software
             2832 - Wait - Aavm4h.dll - C:\Program Files\AVAST Software\Avast\Aavm4h.dll - AVAST Software
             2836 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\MSVCR90.dll - Microsoft Corporation
             2840 - Terminate - avastUI.exe - C:\Program Files\AVAST Software\Avast\avastUI.exe - AVAST Software
             2848 - Wait - avastUI.exe - C:\Program Files\AVAST Software\Avast\avastUI.exe - AVAST Software
             2852 - Wait - avastUI.exe - C:\Program Files\AVAST Software\Avast\avastUI.exe - AVAST Software
             2856 - Wait - avastUI.exe - C:\Program Files\AVAST Software\Avast\avastUI.exe - AVAST Software
             2860 - Wait - avastUI.exe - C:\Program Files\AVAST Software\Avast\avastUI.exe - AVAST Software
             2864 - Wait - avastUI.exe - C:\Program Files\AVAST Software\Avast\avastUI.exe - AVAST Software
             3000 - Wait - avastUI.exe - C:\Program Files\AVAST Software\Avast\avastUI.exe - AVAST Software
             3020 - Wait - avastUI.exe - C:\Program Files\AVAST Software\Avast\avastUI.exe - AVAST Software
             3304 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[ctfmon.exe]Threads
             2224 - Wait - ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[msmsgs.exe]Threads
             2288 - Wait - msmsgs.exe - C:\Program Files\Messenger\msmsgs.exe - Microsoft Corporation
             2628 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2876 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[GoogleToolbarNotifier.exe]Threads
             2324 - Wait - GoogleToolbarNotifier.exe - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - Google Inc.
             2680 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2900 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2904 - Wait - swg.dll - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll - Google Inc.
             3024 - Wait - swg.dll - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll - Google Inc.

------------------------------------------------------------------------------------------

      Image File Name[NPSAgent.exe]Threads
             2400 - Wait - NPSAgent.exe - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe - Samsung Electronics Co., Ltd.

------------------------------------------------------------------------------------------

      Image File Name[hpqtra08.exe]Threads
             2480 - Wait - hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - Hewlett-Packard Co.
             2984 - Wait - KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             3128 - Terminate - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             3132 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             3164 - Terminate - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             3172 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             3176 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             3220 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             3364 - Wait - KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[wmiprvse.exe]Threads
             3648 - Wait - wmiprvse.exe - C:\WINDOWS\system32\wbem\wmiprvse.exe - Microsoft Corporation
             3656 - Wait - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             3660 - Wait - KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             3668 - Wait - wmiprvse.exe - C:\WINDOWS\system32\wbem\wmiprvse.exe - Microsoft Corporation
             3672 - Wait - KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[Idle]Threads

==========================================================================================

Kernel Module

       ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       hal.dll - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KDCOM.DLL - C:\WINDOWS\system32\KDCOM.DLL - Microsoft Corporation
       BOOTVID.dll - C:\WINDOWS\system32\BOOTVID.dll - Microsoft Corporation
       sptd.sys - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       ACPI.sys - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       WMILIB.SYS - C:\WINDOWS\system32\DRIVERS\WMILIB.SYS - Microsoft Corporation
       pci.sys - C:\WINDOWS\system32\drivers\pci.sys - Microsoft Corporation
       ohci1394.sys - C:\WINDOWS\system32\drivers\ohci1394.sys - Microsoft Corporation
       1394BUS.SYS - C:\WINDOWS\system32\DRIVERS\1394BUS.SYS - Microsoft Corporation
       isapnp.sys - C:\WINDOWS\system32\drivers\isapnp.sys - Microsoft Corporation
       pciide.sys - C:\WINDOWS\system32\drivers\pciide.sys - Microsoft Corporation
       PCIIDEX.SYS - C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS - Microsoft Corporation
       MountMgr.sys - C:\WINDOWS\system32\drivers\MountMgr.sys - Microsoft Corporation
       ftdisk.sys - C:\WINDOWS\system32\drivers\ftdisk.sys - Microsoft Corporation
       dmload.sys - C:\WINDOWS\system32\drivers\dmload.sys - Microsoft Corp., Veritas Software.
       dmio.sys - C:\WINDOWS\system32\drivers\dmio.sys - Microsoft Corp., Veritas Software
       PartMgr.sys - C:\WINDOWS\system32\drivers\PartMgr.sys - Microsoft Corporation
       VolSnap.sys - C:\WINDOWS\system32\drivers\VolSnap.sys - Microsoft Corporation
       atapi.sys - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       disk.sys - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       CLASSPNP.SYS - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       fltMgr.sys - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       sr.sys - C:\WINDOWS\system32\drivers\sr.sys - Microsoft Corporation
       KSecDD.sys - C:\WINDOWS\system32\drivers\KSecDD.sys - Microsoft Corporation
       Ntfs.sys - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       NDIS.sys - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       Mup.sys - C:\WINDOWS\system32\drivers\Mup.sys - Microsoft Corporation
       processr.sys - C:\WINDOWS\system32\DRIVERS\processr.sys - Microsoft Corporation
       nv4_mini.sys - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - NVIDIA Corporation
       VIDEOPRT.SYS - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       usbohci.sys - C:\WINDOWS\system32\DRIVERS\usbohci.sys - Microsoft Corporation
       USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
       usbehci.sys - C:\WINDOWS\system32\DRIVERS\usbehci.sys - Microsoft Corporation
       imapi.sys - C:\WINDOWS\system32\DRIVERS\imapi.sys - Microsoft Corporation
       cdrom.sys - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       redbook.sys - C:\WINDOWS\system32\DRIVERS\redbook.sys - Microsoft Corporation
       ks.sys - C:\WINDOWS\system32\DRIVERS\ks.sys - Microsoft Corporation
       HDAudBus.sys - C:\WINDOWS\system32\DRIVERS\HDAudBus.sys - Windows (R) Server 2003 DDK provider
       nic1394.sys - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       Rtnicxp.sys - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       a5krkfly.SYS - C:\WINDOWS\System32\Drivers\a5krkfly.SYS - Microsoft Corporation
       SCSIPORT.SYS - C:\WINDOWS\System32\Drivers\SCSIPORT.SYS - Microsoft Corporation
       serial.sys - C:\WINDOWS\system32\DRIVERS\serial.sys - Microsoft Corporation
       serenum.sys - C:\WINDOWS\system32\DRIVERS\serenum.sys - Microsoft Corporation
       parport.sys - C:\WINDOWS\system32\DRIVERS\parport.sys - Microsoft Corporation
       i8042prt.sys - C:\WINDOWS\system32\DRIVERS\i8042prt.sys - Microsoft Corporation
       mouclass.sys - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       audstub.sys - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       rasl2tp.sys - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       ndistapi.sys - C:\WINDOWS\system32\DRIVERS\ndistapi.sys - Microsoft Corporation
       ndiswan.sys - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       raspppoe.sys - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       raspptp.sys - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       TDI.SYS - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       psched.sys - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       msgpc.sys - C:\WINDOWS\system32\DRIVERS\msgpc.sys - Microsoft Corporation
       ptilink.sys - C:\WINDOWS\system32\DRIVERS\ptilink.sys - Parallel Technologies, Inc.
       raspti.sys - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       rdpdr.sys - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
       termdd.sys - C:\WINDOWS\system32\DRIVERS\termdd.sys - Microsoft Corporation
       kbdclass.sys - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       swenum.sys - C:\WINDOWS\system32\DRIVERS\swenum.sys - Microsoft Corporation
       update.sys - C:\WINDOWS\system32\DRIVERS\update.sys - Microsoft Corporation
       mssmbios.sys - C:\WINDOWS\system32\DRIVERS\mssmbios.sys - Microsoft Corporation
       MarvinBus.sys - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys - Pinnacle Systems GmbH
       dtsoftbus01.sys - C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys - DT Soft Ltd
       NDProxy.SYS - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       usbhub.sys - C:\WINDOWS\system32\DRIVERS\usbhub.sys - Microsoft Corporation
       USBD.SYS - C:\WINDOWS\system32\DRIVERS\USBD.SYS - Microsoft Corporation
       RtkHDAud.sys - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
       portcls.sys - C:\WINDOWS\system32\drivers\portcls.sys - Microsoft Corporation
       drmk.sys - C:\WINDOWS\system32\drivers\drmk.sys - Microsoft Corporation
       Fs_Rec.SYS - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Null.SYS - C:\WINDOWS\System32\Drivers\Null.SYS - Microsoft Corporation
       Beep.SYS - C:\WINDOWS\System32\Drivers\Beep.SYS - Microsoft Corporation
       HIDPARSE.SYS - C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS - Microsoft Corporation
       vga.sys - C:\WINDOWS\System32\drivers\vga.sys - Microsoft Corporation
       mnmdd.SYS - C:\WINDOWS\System32\Drivers\mnmdd.SYS - Microsoft Corporation
       RDPCDD.sys - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys - Microsoft Corporation
       Msfs.SYS - C:\WINDOWS\System32\Drivers\Msfs.SYS - Microsoft Corporation
       Npfs.SYS - C:\WINDOWS\System32\Drivers\Npfs.SYS - Microsoft Corporation
       rasacd.sys - C:\WINDOWS\system32\DRIVERS\rasacd.sys - Microsoft Corporation
       ipsec.sys - C:\WINDOWS\system32\DRIVERS\ipsec.sys - Microsoft Corporation
       tcpip.sys - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       aswTdi.SYS - C:\WINDOWS\System32\Drivers\aswTdi.SYS - AVAST Software
       wanarp.sys - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       netbt.sys - C:\WINDOWS\system32\DRIVERS\netbt.sys - Microsoft Corporation
       arp1394.sys - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       AswRdr.SYS - C:\WINDOWS\System32\Drivers\AswRdr.SYS - AVAST Software
       afd.sys - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       netbios.sys - C:\WINDOWS\system32\DRIVERS\netbios.sys - Microsoft Corporation
       rdbss.sys - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation
       mrxsmb.sys - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - Microsoft Corporation
       HWiNFO32.SYS - C:\WINDOWS\system32\drivers\HWiNFO32.SYS - REALiX(tm)
       Fips.SYS - C:\WINDOWS\System32\Drivers\Fips.SYS - Microsoft Corporation
       aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       Aavmker4.SYS - C:\WINDOWS\System32\Drivers\Aavmker4.SYS - AVAST Software
       usbccgp.sys - C:\WINDOWS\system32\DRIVERS\usbccgp.sys - Microsoft Corporation
       Cdfs.SYS - C:\WINDOWS\System32\Drivers\Cdfs.SYS - Microsoft Corporation
       USBSTOR.SYS - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Microsoft Corporation
       hidusb.sys - C:\WINDOWS\system32\DRIVERS\hidusb.sys - Microsoft Corporation
       HIDCLASS.SYS - C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS - Microsoft Corporation
       kbdhid.sys - C:\WINDOWS\system32\DRIVERS\kbdhid.sys - Microsoft Corporation
       mouhid.sys - C:\WINDOWS\system32\DRIVERS\mouhid.sys - Microsoft Corporation
       dump_atapi.sys - C:\WINDOWS\System32\Drivers\dump_atapi.sys - File not found
       dump_WMILIB.SYS - C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS - File not found
       win32k.sys - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       watchdog.sys - C:\WINDOWS\System32\watchdog.sys - Microsoft Corporation
       Dxapi.sys - C:\WINDOWS\System32\drivers\Dxapi.sys - Microsoft Corporation
       dxg.sys - C:\WINDOWS\System32\drivers\dxg.sys - Microsoft Corporation
       dxgthk.sys - C:\WINDOWS\System32\drivers\dxgthk.sys - Microsoft Corporation
       nv4_disp.dll - C:\WINDOWS\System32\nv4_disp.dll - NVIDIA Corporation
       aswFsBlk.SYS - C:\WINDOWS\System32\Drivers\aswFsBlk.SYS - AVAST Software
       ndisuio.sys - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       aswMon2.SYS - C:\WINDOWS\System32\Drivers\aswMon2.SYS - AVAST Software
       Fastfat.SYS - C:\WINDOWS\System32\Drivers\Fastfat.SYS - Microsoft Corporation
       mrxdav.sys - C:\WINDOWS\system32\DRIVERS\mrxdav.sys - Microsoft Corporation
       ParVdm.SYS - C:\WINDOWS\System32\Drivers\ParVdm.SYS - Microsoft Corporation
       srv.sys - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
       wdmaud.sys - C:\WINDOWS\system32\drivers\wdmaud.sys - Microsoft Corporation
       sysaudio.sys - C:\WINDOWS\system32\drivers\sysaudio.sys - Microsoft Corporation
       FsUsbExDisk.SYS - C:\WINDOWS\system32\FsUsbExDisk.SYS - 
       HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
       PCHunter32.sys - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       Suspicious PE Image - Suspicious PE Image - 

==========================================================================================

Notify Routine

       CreateProcess - 0xBA710958 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       CreateProcess - 0xA79078C2 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       CreateProcess - 0xA7851E64 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       CreateProcess - 0xAA3DD32C - C:\WINDOWS\System32\Drivers\Aavmker4.SYS - AVAST Software
       CreateThread - 0xA7907632 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       CreateThread - 0xA7848288 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       LoadImage - 0xBA69D00C - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       LoadImage - 0xA790751A - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       LoadImage - 0xA7850334 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       BugCheckCallback - 0xBA4F65ED - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       BugCheckCallback - 0xBA69384C - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       BugCheckCallback - 0x806E9C12 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       BugCheckReasonCallback - 0xB10B5AC0 - C:\WINDOWS\system32\DRIVERS\mssmbios.sys - Microsoft Corporation
       BugCheckReasonCallback - 0xB10B5A78 - C:\WINDOWS\system32\DRIVERS\mssmbios.sys - Microsoft Corporation
       BugCheckReasonCallback - 0xB10B5A30 - C:\WINDOWS\system32\DRIVERS\mssmbios.sys - Microsoft Corporation
       BugCheckReasonCallback - 0xB705A006 - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
       BugCheckReasonCallback - 0xB7059F66 - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
       BugCheckReasonCallback - 0xB70703E2 - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       BugCheckReasonCallback - 0xBA693862 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       SeFileSystem - 0xA79451EB - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - Microsoft Corporation
       Shutdown - 0x89AA4430 - unknown image - 
       Shutdown - 0xB707C65C - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       Shutdown - 0xB707C65C - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       Shutdown - 0xB707C65C - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       Shutdown - 0xBAE465BE - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Shutdown - 0xBAE465BE - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Shutdown - 0xBAE465BE - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Shutdown - 0xBAE465BE - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Shutdown - 0xBAE465BE - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Shutdown - 0xB707C65C - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       Shutdown - 0xBA6D3F80 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       Shutdown - 0xBA4E933D - C:\WINDOWS\system32\drivers\Mup.sys - Microsoft Corporation
       Shutdown - 0xBA6332BE - C:\WINDOWS\system32\drivers\ftdisk.sys - Microsoft Corporation
       Shutdown - 0xBA8D873A - C:\WINDOWS\system32\drivers\MountMgr.sys - Microsoft Corporation
       Shutdown - 0x805D63F2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Shutdown - 0x805FE0E6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PlugPlay - 0xB60D42C0 - C:\WINDOWS\system32\drivers\sysaudio.sys - Microsoft Corporation
       PlugPlay - 0xB70F7F40 - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - NVIDIA Corporation
       PlugPlay - 0x805C7742 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PlugPlay - 0x805C7742 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PlugPlay - 0xBF8AE7C3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       PlugPlay - 0x805C7742 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PlugPlay - 0xA729A554 - C:\WINDOWS\system32\drivers\wdmaud.sys - Microsoft Corporation
       PlugPlay - 0xA729A554 - C:\WINDOWS\system32\drivers\wdmaud.sys - Microsoft Corporation
       PlugPlay - 0xA729A554 - C:\WINDOWS\system32\drivers\wdmaud.sys - Microsoft Corporation
       PlugPlay - 0xBA715428 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       PlugPlay - 0xBF8AE7C3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       PlugPlay - 0xBA715428 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       PlugPlay - 0xBF8AF3EA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       PlugPlay - 0xB70F7970 - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - NVIDIA Corporation
       PlugPlay - 0xBA93B9C0 - C:\WINDOWS\system32\DRIVERS\redbook.sys - Microsoft Corporation
       PlugPlay - 0xBA93B9C0 - C:\WINDOWS\system32\DRIVERS\redbook.sys - Microsoft Corporation
       PlugPlay - 0xBA715428 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       PlugPlay - 0xBA8E0B88 - C:\WINDOWS\system32\drivers\MountMgr.sys - Microsoft Corporation
       PlugPlay - 0xBA715428 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       PlugPlay - 0xBA8F0544 - C:\WINDOWS\system32\drivers\VolSnap.sys - Microsoft Corporation
       PlugPlay - 0xBF8AE7C3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       PlugPlay - 0x805C7742 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PlugPlay - 0xBAB3166A - C:\WINDOWS\system32\drivers\PartMgr.sys - Microsoft Corporation
       PlugPlay - 0xB60D42C0 - C:\WINDOWS\system32\drivers\sysaudio.sys - Microsoft Corporation
       FsNotifyChange - 0xBA5E4B58 - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       FsNotifyChange - 0xBA5CE876 - C:\WINDOWS\system32\drivers\sr.sys - Microsoft Corporation
       FsNotifyChange - 0xBA5E4B58 - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       FsNotifyChange - 0xA75568D4 - C:\WINDOWS\System32\Drivers\aswMon2.SYS - AVAST Software
       ShutdownWorkItem - 0xBA5A24B6 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IopTimer - 0xBA5FACCC - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IopTimer - 0xBA5FACCC - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IopTimer - 0xBA5FACCC - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IopTimer - 0xBA5FACCC - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IopTimer - 0xBA8EDDE0 - C:\WINDOWS\system32\drivers\VolSnap.sys - Microsoft Corporation
       IopTimer - 0xBA8EDDE0 - C:\WINDOWS\system32\drivers\VolSnap.sys - Microsoft Corporation
       IopTimer - 0xBA4D7305 - C:\WINDOWS\system32\drivers\Mup.sys - Microsoft Corporation
       IopTimer - 0xBA908497 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IopTimer - 0xB7070F1C - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       IopTimer - 0xBA908497 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IopTimer - 0xA7AA0385 - C:\WINDOWS\system32\drivers\portcls.sys - Microsoft Corporation
       IopTimer - 0xB6F968A2 - C:\WINDOWS\System32\Drivers\SCSIPORT.SYS - Microsoft Corporation
       IopTimer - 0xB68A1130 - C:\WINDOWS\system32\DRIVERS\rasacd.sys - Microsoft Corporation
       IopTimer - 0xA7930405 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - Microsoft Corporation
       IopTimer - 0xBABD8E9A - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Microsoft Corporation
       IopTimer - 0xBABD8E9A - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Microsoft Corporation
       IopTimer - 0xBA908497 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IopTimer - 0xBA908497 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation

==========================================================================================

Filter

       File - \FileSystem\FltMgr->\FileSystem\Ntfs - 0x89DA2210 - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       File - \FileSystem\sr->\FileSystem\FltMgr - 0x89DD7DD0 - C:\WINDOWS\system32\drivers\sr.sys - Microsoft Corporation
       File - \FileSystem\FltMgr->\FileSystem\sr - 0x8972BEE8 - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       File - \FileSystem\aswMon2->\FileSystem\FltMgr - 0x89A93EE0 - C:\WINDOWS\System32\Drivers\aswMon2.SYS - AVAST Software
       Disk - \Driver\PartMgr->\Driver\Disk - 0x89E43E08 - C:\WINDOWS\system32\drivers\PartMgr.sys - Microsoft Corporation
       Volume - \Driver\VolSnap->\Driver\Ftdisk - 0x89DA3020 - C:\WINDOWS\system32\drivers\VolSnap.sys - Microsoft Corporation
       I8042prt - \Driver\Mouclass->\Driver\i8042prt - 0x89BB9E48 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       Tcpip - \Driver\aswTdi->\Driver\Tcpip - 0x89940268 - C:\WINDOWS\System32\Drivers\aswTdi.SYS - AVAST Software
       Tcpip - \Driver\aswTdi->\Driver\Tcpip - 0x8997BCF0 - C:\WINDOWS\System32\Drivers\aswTdi.SYS - AVAST Software
       Tcpip - \Driver\AswRdr->\Driver\aswTdi - 0x89B02968 - C:\WINDOWS\System32\Drivers\AswRdr.SYS - AVAST Software
       PnpManager - \Driver\dtsoftbus01->\Driver\PnpManager - 0x899DC218 - C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys - DT Soft Ltd
       PnpManager - \Driver\MarvinBus->\Driver\PnpManager - 0x898EA038 - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys - Pinnacle Systems GmbH
       PnpManager - \Driver\mssmbios->\Driver\PnpManager - 0x89B569F8 - C:\WINDOWS\system32\DRIVERS\mssmbios.sys - Microsoft Corporation
       PnpManager - \Driver\Update->\Driver\PnpManager - 0x89C8A900 - C:\WINDOWS\system32\DRIVERS\update.sys - Microsoft Corporation
       PnpManager - \Driver\swenum->\Driver\PnpManager - 0x89B83430 - C:\WINDOWS\system32\DRIVERS\swenum.sys - Microsoft Corporation
       PnpManager - \Driver\TermDD->\Driver\PnpManager - 0x89B88B18 - C:\WINDOWS\system32\DRIVERS\termdd.sys - Microsoft Corporation
       PnpManager - \Driver\Mouclass->\Driver\TermDD - 0x89CC4030 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       PnpManager - \Driver\TermDD->\Driver\PnpManager - 0x89B77650 - C:\WINDOWS\system32\DRIVERS\termdd.sys - Microsoft Corporation
       PnpManager - \Driver\Kbdclass->\Driver\TermDD - 0x89B8C440 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       PnpManager - \Driver\rdpdr->\Driver\PnpManager - 0x89C86970 - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
       PnpManager - \Driver\Raspti->\Driver\PnpManager - 0x899AB198 - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       PnpManager - \Driver\PSched->\Driver\PnpManager - 0x8992C9D0 - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       PnpManager - \Driver\PSched->\Driver\PnpManager - 0x89B1D9A0 - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       PnpManager - \Driver\PptpMiniport->\Driver\PnpManager - 0x89ACC610 - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       PnpManager - \Driver\RasPppoe->\Driver\PnpManager - 0x89AD67F0 - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       PnpManager - \Driver\NdisWan->\Driver\PnpManager - 0x89AF1968 - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       PnpManager - \Driver\Rasl2tp->\Driver\PnpManager - 0x89B131A8 - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       PnpManager - \Driver\audstub->\Driver\PnpManager - 0x89B24DA8 - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       PnpManager - \Driver\audstub->\Driver\PnpManager - 0x89B26BC8 - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       PnpManager - \Driver\audstub->\Driver\PnpManager - 0x89B2D340 - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       PnpManager - \Driver\audstub->\Driver\PnpManager - 0x89B2DEA0 - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       PnpManager - \Driver\audstub->\Driver\PnpManager - 0x89B336F0 - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       PnpManager - \Driver\Ftdisk->\Driver\PnpManager - 0x89E49030 - C:\WINDOWS\system32\drivers\ftdisk.sys - Microsoft Corporation
       PnpManager - \Driver\dmio->\Driver\PnpManager - 0x89DDEDA8 - C:\WINDOWS\system32\drivers\dmio.sys - Microsoft Corp., Veritas Software
       PnpManager - \Driver\ACPI_HAL->\Driver\PnpManager - 0x89E5DBC8 -  - 

==========================================================================================

DPC Timer

       0xA73A8790 - 0xA7399385 - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
       0x88A90CC0 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8992CB40 - 0xBA50AFDF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8895E8A0 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x80563860 - 0x805374EE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x80559C50 - 0x804F4C32 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89C39450 - 0xA79D9240 - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       0xA79A9320 - 0xA799F385 - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation
       0x89BF57C8 - 0xBA50AFDF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B5D730 - 0x89C2DB88 - unknown image - 
       0x89A7B4B8 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0xA7A5D968 - 0xA7A153DD - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0xA7A5D910 - 0xA7A153DD - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0xA7A58BF0 - 0xBACB03F0 - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       0x80559D80 - 0x804F4460 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89B59730 - 0x89C2DB88 - unknown image - 
       0x89A663B0 - 0xA79ED48A - C:\WINDOWS\system32\DRIVERS\netbt.sys - Microsoft Corporation
       0x89B42A50 - 0xBACB03F0 - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       0x89B34950 - 0xBACB03F0 - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       0x899FE0B8 - 0xBACB03F0 - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       0x89C31080 - 0xBAA3ADAA - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0xBA53F0F0 - 0xBA521233 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       0x899BC3F8 - 0xA7C9AD52 - C:\WINDOWS\system32\drivers\RtkHDAud.sys - Realtek Semiconductor Corp.
       0x89B73730 - 0x89C2DB88 - unknown image - 
       0x88ABF7C8 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x80558608 - 0x804E699C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89C22730 - 0x89C2DB88 - unknown image - 
       0x89B13318 - 0xBA50AFDF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89C1F730 - 0x89C2DB88 - unknown image - 
       0x89B60730 - 0x89C2DB88 - unknown image - 
       0x80561FA0 - 0x80526996 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89DA32E0 - 0xBA5C392E - C:\WINDOWS\system32\drivers\sr.sys - Microsoft Corporation
       0x888F99C8 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89B464F0 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89A24478 - 0xBA50B72C - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC780 - 0xBA50AFDF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD6960 - 0xBA50AFDF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0xBA53F150 - 0xBA52473E - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       0x89D5A1D8 - 0xBA5D91C2 - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       0xA6DEA040 - 0xA6DDDAE8 - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
       0xA6DE7A60 - 0xA6DD7490 - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
       0x88AB7578 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89720190 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89705228 - 0xA79CB385 - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       0x805638E0 - 0x8053753A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x80563960 - 0x80537514 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89836020 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x88B31B78 - 0xA79D9240 - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       0x89B47B40 - 0xBA50AFDF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8998CE98 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x899D0020 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0xA7A7CB70 - 0xA7A6D449 - C:\WINDOWS\system32\DRIVERS\ipsec.sys - Microsoft Corporation
       0x899C64C0 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x899C2318 - 0xA79ED48A - C:\WINDOWS\system32\DRIVERS\netbt.sys - Microsoft Corporation
       0xA7A7CB08 - 0xA7A6D449 - C:\WINDOWS\system32\DRIVERS\ipsec.sys - Microsoft Corporation
       0xA7A7CFA0 - 0xA7A6D4D3 - C:\WINDOWS\system32\DRIVERS\ipsec.sys - Microsoft Corporation
       0x89A68150 - 0xA78FAF0C - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       0x88BA21D8 - 0xBA5D91C2 - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       0x89A4FF18 - 0xA7399462 - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
       0x89A4FCD8 - 0xA7399462 - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
       0x88A5E398 - 0x8053797A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x899AB308 - 0xBA50AFDF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1AD8 - 0xBA50AFDF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DB10 - 0xBA50AFDF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0xA6DEA0E0 - 0xA6DDB8DE - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
       0xA6DE7808 - 0xA6DD0202 - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
       0x805626C0 - 0x8052A3DE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x88587218 - 0xA79D9240 - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       0x89CC5D58 - 0xBAB706C4 - C:\WINDOWS\System32\watchdog.sys - Microsoft Corporation
       0x89B54848 - 0xBAB706C4 - C:\WINDOWS\System32\watchdog.sys - Microsoft Corporation

==========================================================================================

Worker Thread

       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       DelayedWorkQueue - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       DelayedWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       HyperCriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation

==========================================================================================

HalDispatchTable

       0 - 0x806F8F3A - HaliQuerySystemInformation - C:\WINDOWS\system32\hal.dll
       1 - 0x806FB946 - HalpSetSystemInformation - C:\WINDOWS\system32\hal.dll
       2 - 0x80570DD8 - xHalQueryBusSlots - C:\WINDOWS\system32\ntkrnlpa.exe
       3 - 0x00000000 - - - 
       4 - 0x804EDC54 - HalExamineMBR - C:\WINDOWS\system32\ntkrnlpa.exe
       5 - 0x805704F0 - IoAssignDriveLetters - C:\WINDOWS\system32\ntkrnlpa.exe
       6 - 0x8056FBBC - IoReadPartitionTable - C:\WINDOWS\system32\ntkrnlpa.exe
       7 - 0x8056F24C - IoSetPartitionInformation - C:\WINDOWS\system32\ntkrnlpa.exe
       8 - 0x8056F4AA - IoWritePartitionTable - C:\WINDOWS\system32\ntkrnlpa.exe
       9 - 0x804EDE4E - xHalHandlerForBus - C:\WINDOWS\system32\ntkrnlpa.exe
       10 - 0x804EDED0 - xHalReferenceHandler - C:\WINDOWS\system32\ntkrnlpa.exe
       11 - 0x804EDED0 - xHalReferenceHandler - C:\WINDOWS\system32\ntkrnlpa.exe
       12 - 0x806FAD66 - HaliInitPnpDriver - C:\WINDOWS\system32\hal.dll
       13 - 0x806FB7B4 - HaliInitPowerManagement - C:\WINDOWS\system32\hal.dll
       14 - 0x806E6944 - HaliGetDmaAdapter - C:\WINDOWS\system32\hal.dll
       15 - 0x806FB238 - HalacpiGetInterruptTranslator - C:\WINDOWS\system32\hal.dll
       16 - 0x80570DF4 - xHalStartMirroring - C:\WINDOWS\system32\ntkrnlpa.exe
       17 - 0x804EDE70 - xHalEndMirroring - C:\WINDOWS\system32\ntkrnlpa.exe
       18 - 0x804EDE7E - xHalMirrorPhysicalMemory - C:\WINDOWS\system32\ntkrnlpa.exe
       19 - 0x806FB934 - HalpEndOfBoot - C:\WINDOWS\system32\hal.dll
       20 - 0x804EDE7E - xHalMirrorPhysicalMemory - C:\WINDOWS\system32\ntkrnlpa.exe

==========================================================================================

HalPrivateDispatchTable

       0 - 0x804EDE4E - xHalHandlerForBus - C:\WINDOWS\system32\ntkrnlpa.exe
       1 - 0x804EDE4E - xHalHandlerForBus - C:\WINDOWS\system32\ntkrnlpa.exe
       2 - 0x806FAD9E - HaliLocateHiberRanges - C:\WINDOWS\system32\hal.dll
       3 - 0x80570DE6 - xHalRegisterBusHandler - C:\WINDOWS\system32\ntkrnlpa.exe
       4 - 0x806F736E - xHalSetWakeEnable - C:\WINDOWS\system32\hal.dll
       5 - 0x806F7328 - xHalSetWakeAlarm - C:\WINDOWS\system32\hal.dll
       6 - 0xBA65312E - xHalTranslateBusAddress - C:\WINDOWS\system32\drivers\pci.sys
       7 - 0xBA652F82 - xHalTranslateBusAddress - C:\WINDOWS\system32\drivers\pci.sys
       8 - 0x806E6108 - HaliHaltSystem - C:\WINDOWS\system32\hal.dll
       9 - 0x806EA5AE - HalpBiosDisplayReset - C:\WINDOWS\system32\hal.dll
       10 - 0x806E954A - HalpAllocateMapRegisters - C:\WINDOWS\system32\hal.dll
       11 - 0x806FCD5E - xKdSetupPciDeviceForDebugging - C:\WINDOWS\system32\hal.dll
       12 - 0x806FC226 - xKdReleasePciDeviceForDebugging - C:\WINDOWS\system32\hal.dll
       13 - 0x806FF242 - xKdGetAcpiTablePhase0 - C:\WINDOWS\system32\hal.dll
       14 - 0x806E6026 - xHalReferenceHandler - C:\WINDOWS\system32\hal.dll
       15 - 0x804EDED6 - xHalVectorToIDTEntry - C:\WINDOWS\system32\ntkrnlpa.exe
       16 - 0x806E9956 - MatchAll - C:\WINDOWS\system32\hal.dll
       17 - 0x806E9AAE - xKdUnmapVirtualAddress - C:\WINDOWS\system32\hal.dll

==========================================================================================

HalAcpiDispatchTable

       HaliAcpiTimerInit - 0x806FB292 - - - 0x806FB292 - C:\WINDOWS\system32\hal.dll
       HalAcpiTimerCarry/HalAcpiBrokenPiix4TimerCarry - 0x806EAFAC - - - - - C:\WINDOWS\system32\hal.dll
       HaliAcpiMachineStateInit - 0x806FB2DE - - - 0x806FB2DE - C:\WINDOWS\system32\hal.dll
       HaliAcpiQueryFlags - 0x806FB48C - - - 0x806FB48C - C:\WINDOWS\system32\hal.dll
       HalpAcpiPicStateIntact - 0x806F8A4A - - - 0x806F8A4A - C:\WINDOWS\system32\hal.dll
       HalpRestoreInterruptControllerState - 0x806F884C - - - 0x806F884C - C:\WINDOWS\system32\hal.dll
       HaliPciInterfaceReadConfig - 0x806E90B8 - - - 0x806E90B8 - C:\WINDOWS\system32\hal.dll
       HaliPciInterfaceWriteConfig - 0x806E9118 - - - 0x806E9118 - C:\WINDOWS\system32\hal.dll
       HaliSetVectorState - 0x806FBA86 - - - 0x806FBA86 - C:\WINDOWS\system32\hal.dll
       HalpGetApicVersion - 0x806F8A56 - - - 0x806F8A56 - C:\WINDOWS\system32\hal.dll
       HaliSetMaxLegacyPciBusNumber - 0x806E915A - - - 0x806E915A - C:\WINDOWS\system32\hal.dll
       HaliIsVectorValid - 0x806FBB4E - - - 0x806FBB4E - C:\WINDOWS\system32\hal.dll

==========================================================================================

System Debug

       KiDebugRoutine Hooked - 0x89D72AE0 - 0x804F7A84 - unknown image
       CPU[1].Dr0 - 0x00000000
       CPU[1].Dr1 - 0x0000D8E6
       CPU[1].Dr2 - 0x46C1E000
       CPU[1].Dr3 - 0x00E0FFFF
       CPU[1].Dr6 - 0xFFFF0FF0
       CPU[1].Dr7 - 0x00000400

==========================================================================================

Object Hijack

       0x88BB7028 - DeviceObject -  - Abnormal DeviceObject/DriverObject
       0xBA5F4000 - KernelModule - C:\WINDOWS\system32\drivers\atapi.sys - Hijack on Kernel Module File

==========================================================================================

Direct IO

       csrss.exe - C:\Windows\system32\csrss.exe - Microsoft Corporation - IOPL

==========================================================================================

GDT

       Selector(0x0001) - Type(Code RE Ac)
       Selector(0x0002) - Type(Data RW Ac)
       Selector(0x0003) - Type(Code RE Ac)
       Selector(0x0004) - Type(Data RW Ac)
       Selector(0x0005) - Type(T5532 Busy)
       Selector(0x0007) - Type(Data RW Ac)
       Selector(0x0008) - Type(Data RW)
       Selector(0x000A) - Type(T5532 Avl)
       Selector(0x000C) - Type(Data RW Ac)
       Selector(0x000D) - Type(Data RW)
       Selector(0x000E) - Type(Data RW)
       Selector(0x000F) - Type(Code RE)
       Selector(0x0010) - Type(Data RW)
       Selector(0x0011) - Type(Data RW)
       Selector(0x0014) - Type(T5532 Avl)
       Selector(0x001C) - Type(Code RE CA)
       Selector(0x001D) - Type(Data RW)
       Selector(0x001E) - Type(Code EO)
       Selector(0x001F) - Type(Data RW)
       Selector(0x0020) - Type(Data RW Ac)
       Selector(0x0021) - Type(Data RW Ac)
       Selector(0x0022) - Type(Data RW Ac)

==========================================================================================

SSDT

       NtAcceptConnectPort - OK - 0x805A3054 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheck - OK - 0x805EF2D8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckAndAuditAlarm - OK - 0x805F2B0E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckByType - OK - 0x805EF30A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckByTypeAndAuditAlarm - OK - 0x805F2B48 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckByTypeResultList - OK - 0x805EF340 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckByTypeResultListAndAuditAlarm - OK - 0x805F2B8C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckByTypeResultListAndAuditAlarmByHandle - OK - 0x805F2BD0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAddAtom - OK - 0x80613ADC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAddBootEntry - ssdt hook - 0xA78394BA - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtAdjustGroupsToken - OK - 0x805EA67A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAdjustPrivilegesToken - OK - 0x805EA2D2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAlertResumeThread - OK - 0x805D330C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAlertThread - OK - 0x805D32BC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAllocateLocallyUniqueId - OK - 0x80614102 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAllocateUserPhysicalPages - OK - 0x805B493A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAllocateUuids - OK - 0x8061371E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAllocateVirtualMemory - ssdt hook - 0xA78E6C22 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       NtAreMappedFilesTheSame - OK - 0x805AEF5E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAssignProcessToJobObject - ssdt hook - 0xA7839ED6 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCallbackReturn - OK - 0x80500C00 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCancelDeviceWakeupRequest - OK - 0x80614810 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCancelIoFile - OK - 0x80575900 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCancelTimer - OK - 0x80537BBC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtClearEvent - OK - 0x8060CD26 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtClose - ssdt hook - 0xA787B811 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCloseObjectAuditAlarm - OK - 0x805F3048 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCompactKeys - OK - 0x80621C18 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCompareTokens - OK - 0x805F753A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCompleteConnectPort - OK - 0x805A3742 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCompressKey - OK - 0x80621E6C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtConnectPort - OK - 0x805A2FF4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtContinue - OK - 0x80543E5C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateDebugObject - OK - 0x8063FE5A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateDirectoryObject - OK - 0x805BCD68 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateEvent - ssdt hook - 0xA7844FA8 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateEventPair - ssdt hook - 0xA7844FF4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateFile - OK - 0x80577E5E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateIoCompletion - ssdt hook - 0xA7845176 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateJobObject - OK - 0x805D3D94 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateJobSet - OK - 0x805D3ACC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateKey - ssdt hook - 0xA787B1C5 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateMailslotFile - OK - 0x80577F6C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateMutant - ssdt hook - 0xA7844F16 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateNamedPipeFile - OK - 0x80577E98 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreatePagingFile - OK - 0x805AA414 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreatePort - OK - 0x805A3B10 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateProcess - OK - 0x805CFA1C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateProcessEx - inline hook - 0xA78FFE5A - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       NtCreateProfile - OK - 0x806158AC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateSection - ssdt hook - 0xA7845038 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateSemaphore - ssdt hook - 0xA7844F5E - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateSymbolicLinkObject - OK - 0x805C35E0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateThread - ssdt hook - 0xA783A11C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateTimer - ssdt hook - 0xA7845130 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateToken - OK - 0x805F78E2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateWaitablePort - OK - 0x805A3B34 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDebugActiveProcess - ssdt hook - 0xA783A93E - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtDebugContinue - OK - 0x80641086 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDelayExecution - OK - 0x80614760 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDeleteAtom - OK - 0x80613F92 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDeleteBootEntry - ssdt hook - 0xA7839508 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtDeleteFile - OK - 0x80575A46 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDeleteKey - ssdt hook - 0xA787BED7 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtDeleteObjectAuditAlarm - OK - 0x805F3154 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDeleteValueKey - ssdt hook - 0xA787C18D - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtDeviceIoControlFile - OK - 0x80578024 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDisplayString - OK - 0x80610DBA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDuplicateObject - ssdt hook - 0xA783E1C2 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtDuplicateToken - OK - 0x805EB518 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtEnumerateBootEntries - OK - 0x8061481E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtEnumerateKey - ssdt hook - 0xA787BD42 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtEnumerateSystemEnvironmentValuesEx - OK - 0x80614802 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtEnumerateValueKey - ssdt hook - 0xA787BBAD - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtExtendSection - OK - 0x805B2666 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFilterToken - OK - 0x805EB6C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFindAtom - OK - 0x80613D46 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFlushBuffersFile - OK - 0x80575B12 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFlushInstructionCache - OK - 0x805B51CE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFlushKey - OK - 0x80622D5C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFlushVirtualMemory - OK - 0x805AB128 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFlushWriteBuffer - OK - 0x805B5170 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFreeUserPhysicalPages - OK - 0x805B4CDC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFreeVirtualMemory - ssdt hook - 0xA78E6CEA - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       NtFsControlFile - OK - 0x80578058 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtGetContextThread - OK - 0x805CFD16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtGetDevicePowerState - OK - 0x805C6F00 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtGetPlugPlayEvent - OK - 0x80597DCE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtGetWriteWatch - OK - 0x8052028E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtImpersonateAnonymousToken - OK - 0x805F722E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtImpersonateClientOfPort - OK - 0x805A3B9E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtImpersonateThread - OK - 0x805D5F90 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtInitializeRegistry - OK - 0x80620020 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtInitiatePowerAction - OK - 0x805C6CE6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtIsProcessInJob - OK - 0x805D3990 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtIsSystemResumeAutomatic - OK - 0x805C6EEC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtListenPort - OK - 0x805A3DAA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLoadDriver - ssdt hook - 0xA7839170 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtLoadKey - OK - 0x80623D78 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLoadKey2 - OK - 0x806239C2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLockFile - OK - 0x8057808C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLockProductActivationKeys - OK - 0x806113AC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLockRegistryKey - OK - 0x80621F18 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLockVirtualMemory - OK - 0x805B52D6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtMakePermanentObject - OK - 0x805BCB5E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtMakeTemporaryObject - OK - 0x805BAF58 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtMapUserPhysicalPages - OK - 0x805B3D9A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtMapUserPhysicalPagesScatter - OK - 0x805B42EA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtMapViewOfSection - OK - 0x805B09CE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtModifyBootEntry - ssdt hook - 0xA7839556 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtNotifyChangeDirectoryFile - OK - 0x80578CA4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtNotifyChangeKey - ssdt hook - 0xA783E534 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtNotifyChangeMultipleKeys - ssdt hook - 0xA783B3A6 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenDirectoryObject - OK - 0x805BCE3A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenEvent - ssdt hook - 0xA7844FD2 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenEventPair - ssdt hook - 0xA7845016 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenFile - OK - 0x80578F5C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenIoCompletion - ssdt hook - 0xA784519A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenJobObject - OK - 0x805D3F1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenKey - ssdt hook - 0xA787B521 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenMutant - ssdt hook - 0xA7844F3C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenObjectAuditAlarm - OK - 0x805F2C16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenProcess - ssdt hook - 0xA783DC3E - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenProcessToken - OK - 0x805EBF10 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenProcessTokenEx - OK - 0x805EBB16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenSection - ssdt hook - 0xA78450BA - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenSemaphore - ssdt hook - 0xA7844F86 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenSymbolicLinkObject - OK - 0x805C37C6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenThread - ssdt hook - 0xA783DF14 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenThreadToken - OK - 0x805EBF2E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenThreadTokenEx - OK - 0x805EBC86 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenTimer - ssdt hook - 0xA7845154 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtPlugPlayControl - OK - 0x80643128 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtPowerInformation - OK - 0x805C7D34 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtPrivilegeCheck - OK - 0x805F62E0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtPrivilegeObjectAuditAlarm - OK - 0x805F1F28 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtPrivilegedServiceAuditAlarm - OK - 0x805F2114 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtProtectVirtualMemory - ssdt hook - 0xA78E6E4A - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       NtPulseEvent - OK - 0x8060CF2E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryAttributesFile - OK - 0x80575CF0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryBootEntryOrder - OK - 0x8061481E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryBootOptions - OK - 0x8061481E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryDebugFilterState - OK - 0x8053EBA6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryDefaultLocale - OK - 0x8060EB00 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryDefaultUILanguage - OK - 0x8060F760 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryDirectoryFile - OK - 0x80578C3E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryDirectoryObject - OK - 0x805BCEDA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryEaFile - OK - 0x80578F8C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryEvent - OK - 0x8060CFF6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryFullAttributesFile - OK - 0x80575E28 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationAtom - OK - 0x80613FBA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationFile - OK - 0x805797F8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationJobObject - OK - 0x805D43EC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationPort - OK - 0x805A3E08 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationProcess - OK - 0x805CB79A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationThread - OK - 0x805CA3C8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationToken - OK - 0x805EC00E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInstallUILanguage - OK - 0x8060EEFE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryIntervalProfile - OK - 0x80615D2E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryIoCompletion - OK - 0x80576870 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryKey - ssdt hook - 0xA787BA28 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtQueryMultipleValueKey - OK - 0x80621216 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryMutant - OK - 0x8061560C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryObject - ssdt hook - 0xA783B272 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtQueryOpenSubKeys - OK - 0x8062187C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryPerformanceCounter - OK - 0x80615DBC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryQuotaInformationFile - OK - 0x8057A590 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySection - OK - 0x805B6F64 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySecurityObject - OK - 0x805BE9C6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySemaphore - OK - 0x80612FEE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySymbolicLinkObject - OK - 0x805C3866 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySystemEnvironmentValue - OK - 0x8061483A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySystemEnvironmentValueEx - OK - 0x806147F4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySystemInformation - OK - 0x8060F7E0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySystemTime - OK - 0x80610F86 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryTimer - OK - 0x80614F36 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryTimerResolution - OK - 0x80611018 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryValueKey - ssdt hook - 0xA787B87A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtQueryVirtualMemory - OK - 0x805B75F2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryVolumeInformationFile - OK - 0x8057AA7A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueueApcThread - ssdt hook - 0xA783ADD4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtRaiseException - OK - 0x80543EA4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRaiseHardError - OK - 0x80612C60 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReadFile - OK - 0x8057B21A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReadFileScatter - OK - 0x8057B784 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReadRequestData - OK - 0x805A4890 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReadVirtualMemory - OK - 0x805B2C52 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRegisterThreadTerminatePort - OK - 0x805D0F26 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReleaseMutant - OK - 0x80615744 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReleaseSemaphore - OK - 0x8061311E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRemoveIoCompletion - OK - 0x80576B68 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRemoveProcessDebug - OK - 0x80641006 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRenameKey - ssdt hook - 0xA78F37D2 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       NtReplaceKey - OK - 0x80623C28 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReplyPort - OK - 0x805A3F10 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReplyWaitReceivePort - OK - 0x805A4ED8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReplyWaitReceivePortEx - OK - 0x805A48E0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReplyWaitReplyPort - OK - 0x805A41FA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRequestDeviceWakeup - OK - 0x805C6E7E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRequestPort - OK - 0x805A146E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRequestWaitReplyPort - OK - 0x805A179A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRequestWakeupLatency - OK - 0x805C6C8C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtResetEvent - OK - 0x8060D108 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtResetWriteWatch - OK - 0x80520776 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRestoreKey - ssdt hook - 0xA787A838 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtResumeProcess - OK - 0x805D3266 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtResumeThread - OK - 0x805D3148 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSaveKey - OK - 0x806204F2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSaveKeyEx - OK - 0x80620582 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSaveMergedKeys - OK - 0x8062064E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSecureConnectPort - OK - 0x805A2788 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetBootEntryOrder - ssdt hook - 0xA78395A4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetBootOptions - ssdt hook - 0xA78395F2 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetContextThread - ssdt hook - 0xA783A7BE - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetDebugFilterState - OK - 0x80643CBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetDefaultHardErrorPort - OK - 0x80612B0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetDefaultLocale - OK - 0x8060EC50 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetDefaultUILanguage - OK - 0x8060F4C2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetEaFile - OK - 0x805794A0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetEvent - OK - 0x8060D1C8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetEventBoostPriority - OK - 0x8060D292 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetHighEventPair - OK - 0x80615428 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetHighWaitLowEventPair - OK - 0x80615358 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationDebugObject - OK - 0x806409D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationFile - OK - 0x80579DC4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationJobObject - OK - 0x805D50FA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationKey - OK - 0x80620DE2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationObject - OK - 0x805C227E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationProcess - OK - 0x805CC690 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationThread - OK - 0x805CA914 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationToken - OK - 0x805F865C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetIntervalProfile - OK - 0x80615890 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetIoCompletion - OK - 0x80576B06 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetLdtEntries - OK - 0x805D2092 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetLowEventPair - OK - 0x806153C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetLowWaitHighEventPair - OK - 0x806152EC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetQuotaInformationFile - OK - 0x8057A56E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetSecurityObject - OK - 0x805BE8FA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetSystemEnvironmentValue - OK - 0x80614ABE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetSystemEnvironmentValueEx - OK - 0x806147F4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetSystemInformation - ssdt hook - 0xA78391FA - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetSystemPowerState - ssdt hook - 0xA78393AA - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetSystemTime - OK - 0x8061228E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetThreadExecutionState - OK - 0x805C6BA0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetTimer - OK - 0x80537D4C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetTimerResolution - OK - 0x80611760 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetUuidSeed - OK - 0x806135D4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetValueKey - ssdt hook - 0xA787BFDE - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetVolumeInformationFile - OK - 0x8057AE84 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtShutdownSystem - ssdt hook - 0xA7839350 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSignalAndWaitForSingleObject - OK - 0x80525846 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtStartProfile - OK - 0x80615ADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtStopProfile - OK - 0x80615C84 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSuspendProcess - ssdt hook - 0xA783AAF8 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSuspendThread - ssdt hook - 0xA783AC54 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSystemDebugControl - ssdt hook - 0xA783941A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtTerminateJobObject - OK - 0x805D5C8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtTerminateProcess - ssdt hook - 0xA783A4D4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtTerminateThread - ssdt hook - 0xA783A636 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtTestAlert - OK - 0x805D33D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtTraceEvent - OK - 0x805340EC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtTranslateFilePath - OK - 0x8061482C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtUnloadDriver - ssdt hook - 0xA78E541C - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       NtUnloadKey - OK - 0x806209D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtUnloadKeyEx - OK - 0x80620BBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtUnlockFile - OK - 0x80578430 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtUnlockVirtualMemory - OK - 0x805B5864 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtUnmapViewOfSection - OK - 0x805B17DC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtVdmControl - ssdt hook - 0xA7839640 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtWaitForDebugEvent - OK - 0x80640738 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWaitForMultipleObjects - OK - 0x805BF01C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWaitForSingleObject - OK - 0x805BEF32 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWaitHighEventPair - OK - 0x80615288 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWaitLowEventPair - OK - 0x80615224 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWriteFile - OK - 0x8057BC82 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWriteFileGather - OK - 0x8057C266 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWriteRequestData - OK - 0x805A48B8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWriteVirtualMemory - ssdt hook - 0xA7839F1A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtYieldExecution - OK - 0x80503DBC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateKeyedEvent - OK - 0x80616300 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenKeyedEvent - OK - 0x806163EA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReleaseKeyedEvent - OK - 0x8061649C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWaitForKeyedEvent - OK - 0x806166F8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryPortInformationProcess - OK - 0x805CA148 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation

==========================================================================================

Shadow SSDT

       NtGdiAbortDoc - OK - 0xBF934FFE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAbortPath - OK - 0xBF946A92 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAddFontResourceW - OK - 0xBF8BF295 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAddRemoteFontToDC - OK - 0xBF93E718 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAddFontMemResourceEx - OK - 0xBF9480A9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRemoveMergeFont - OK - 0xBF935262 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAddRemoteMMInstanceToDC - OK - 0xBF935307 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAlphaBlend - inline hook - 0xA783FEBE - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiAngleArc - OK - 0xBF9479D0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAnyLinkedFonts - OK - 0xBF933A9D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFontIsLinked - OK - 0xBF947FC8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiArcInternal - OK - 0xBF90E7E0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBeginPath - OK - 0xBF88E5FE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBitBlt - inline hook - 0xA783FB4C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiCancelDC - OK - 0xBF947E9A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCheckBitmapBits - OK - 0xBF949694 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCloseFigure - OK - 0xBF88D61C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiClearBitmapAttributes - OK - 0xBF8A2669 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiClearBrushAttributes - OK - 0xBF947F78 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiColorCorrectPalette - OK - 0xBF9497C7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCombineRgn - OK - 0xBF81C2FC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCombineTransform - OK - 0xBF858A31 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiComputeXformCoefficients - OK - 0xBF8DAF38 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiConsoleTextOut - OK - 0xBF8E6821 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiConvertMetafileRect - OK - 0xBF90FA14 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateBitmap - OK - 0xBF80E2F2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateClientObj - OK - 0xBF8FAD2A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateColorSpace - OK - 0xBF94948E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateColorTransform - OK - 0xBF94A38B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateCompatibleBitmap - OK - 0xBF8102E8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateCompatibleDC - inline hook - 0xA783FA3C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiCreateDIBBrush - OK - 0xBF8C5A6D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateDIBitmapInternal - OK - 0xBF83354D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateDIBSection - OK - 0xBF82D477 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateEllipticRgn - OK - 0xBF937ECF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateHalftonePalette - OK - 0xBF881EB8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateHatchBrushInternal - OK - 0xBF94B417 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateMetafileDC - OK - 0xBF85A93F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreatePaletteInternal - OK - 0xBF88231A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreatePatternBrushInternal - OK - 0xBF87CB6B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreatePen - OK - 0xBF84EEFA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateRectRgn - OK - 0xBF838326 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateRoundRectRgn - OK - 0xBF85CFE7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateServerMetaFile - OK - 0xBF90F919 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateSolidBrush - OK - 0xBF80F1A5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiD3dContextCreate - OK - 0xBF93310D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiD3dContextDestroy - OK - 0xBF933120 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiD3dContextDestroyAll - OK - 0xBF933133 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiD3dValidateTextureStageState - OK - 0xBF933146 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiD3dDrawPrimitives2 - OK - 0xBF933159 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetDriverState - OK - 0xBF93316C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdAddAttachedSurface - OK - 0xBF932FE2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdAlphaBlt - OK - 0xBF93322C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdAttachSurface - OK - 0xBF886DA0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdBeginMoCompFrame - OK - 0xBF9331D7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdBlt - OK - 0xBF886DB3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCanCreateSurface - OK - 0xBF886B8D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCanCreateD3DBuffer - OK - 0xBF9330E4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdColorControl - OK - 0xBF932FF5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateDirectDrawObject - OK - 0xBF885511 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateSurface - OK - 0xBF885524 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateD3DBuffer - OK - 0xBF9330CE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateMoComp - OK - 0xBF886BCC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateSurfaceObject - OK - 0xBF887201 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdDeleteDirectDrawObject - OK - 0xBF8DB2D3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdDeleteSurfaceObject - OK - 0xBF886D74 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdDestroyMoComp - OK - 0xBF886BA0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdDestroySurface - OK - 0xBF8DB2BD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdDestroyD3DBuffer - OK - 0xBF9330F7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdEndMoCompFrame - OK - 0xBF9331EA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdFlip - OK - 0xBF887315 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdFlipToGDISurface - OK - 0xBF887A1A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetAvailDriverMemory - OK - 0xBF886D8A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetBltStatus - OK - 0xBF933008 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetDC - OK - 0xBF886AF8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetDriverInfo - OK - 0xBF886B37 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetDxHandle - OK - 0xBF933076 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetFlipStatus - OK - 0xBF93301E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetInternalMoCompInfo - OK - 0xBF9331C1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetMoCompBuffInfo - OK - 0xBF9331AB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetMoCompGuids - OK - 0xBF886BB6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetMoCompFormats - OK - 0xBF933195 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetScanLine - OK - 0xBF887B1E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdLock - OK - 0xBF8DF38E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdLockD3D - OK - 0xBF9330A2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdQueryDirectDrawObject - OK - 0xBF8854B0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdQueryMoCompStatus - OK - 0xBF933216 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdReenableDirectDrawObject - OK - 0xBF8854EB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdReleaseDC - OK - 0xBF886C6C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdRenderMoComp - OK - 0xBF933200 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdResetVisrgn - OK - 0xBF8DF1D4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdSetColorKey - OK - 0xBF88732B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdSetExclusiveMode - OK - 0xBF933034 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdSetGammaRamp - OK - 0xBF93308C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateSurfaceEx - OK - 0xBF93317F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdSetOverlayPosition - OK - 0xBF93304A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdUnattachSurface - OK - 0xBF886E40 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdUnlock - OK - 0xBF8DF184 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdUnlockD3D - OK - 0xBF9330B8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdUpdateOverlay - OK - 0xBF8872FF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdWaitForVerticalBlank - OK - 0xBF933060 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpCanCreateVideoPort - OK - 0xBF93323F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpColorControl - OK - 0xBF933255 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpCreateVideoPort - OK - 0xBF93326B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpDestroyVideoPort - OK - 0xBF933281 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpFlipVideoPort - OK - 0xBF933297 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortBandwidth - OK - 0xBF9332AD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortField - OK - 0xBF9332C3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortFlipStatus - OK - 0xBF9332D9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortInputFormats - OK - 0xBF9332EF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortLine - OK - 0xBF933305 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortOutputFormats - OK - 0xBF93331B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortConnectInfo - OK - 0xBF933331 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoSignalStatus - OK - 0xBF933347 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpUpdateVideoPort - OK - 0xBF93335D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpWaitForVideoPortSync - OK - 0xBF933373 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpAcquireNotification - OK - 0xBF933389 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpReleaseNotification - OK - 0xBF93339F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDxgGenericThunk - OK - 0xBF932FCF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDeleteClientObj - OK - 0xBF8FADC5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDeleteColorSpace - OK - 0xBF949481 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDeleteColorTransform - OK - 0xBF94A647 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDeleteObjectApp - inline hook - 0xA783F9F6 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiDescribePixelFormat - OK - 0xBF948B7F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetPerBandInfo - OK - 0xBF88A845 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDoBanding - OK - 0xBF892E48 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDoPalette - OK - 0xBF83DE12 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDrawEscape - OK - 0xBF947A1A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEllipse - OK - 0xBF85BAE3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEnableEudc - OK - 0xBF8A0D5B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEndDoc - OK - 0xBF892791 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEndPage - OK - 0xBF88A3E8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEndPath - OK - 0xBF88E69E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEnumFontChunk - OK - 0xBF8D73A4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEnumFontClose - OK - 0xBF8D7323 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEnumFontOpen - OK - 0xBF8D6986 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEnumObjects - OK - 0xBF8C5D75 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEqualRgn - OK - 0xBF937FCA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEudcLoadUnloadLink - OK - 0xBF94EC23 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExcludeClipRect - OK - 0xBF8244F1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtCreatePen - OK - 0xBF879308 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtCreateRegion - OK - 0xBF83866D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtEscape - OK - 0xBF8709DE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtFloodFill - OK - 0xBF94FA2F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtGetObjectW - OK - 0xBF823842 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtSelectClipRgn - OK - 0xBF80F939 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtTextOutW - OK - 0xBF82A233 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFillPath - OK - 0xBF946BB7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFillRgn - OK - 0xBF9066D2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFlattenPath - OK - 0xBF946B1C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFlushUserBatch - OK - 0xBF80DA45 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFlush - OK - 0xBF8089FF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiForceUFIMapping - OK - 0xBF948A5F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFrameRgn - OK - 0xBF85D38E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFullscreenControl - OK - 0xBF93AC6A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetAndSetDCDword - OK - 0xBF877743 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetAppClipBox - OK - 0xBF817116 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetBitmapBits - OK - 0xBF8DB715 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetBitmapDimension - OK - 0xBF948981 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetBoundsRect - OK - 0xBF85A271 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetCharABCWidthsW - OK - 0xBF908669 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetCharacterPlacementW - OK - 0xBF947125 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetCharSet - OK - 0xBF80FF05 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetCharWidthW - OK - 0xBF8CF94C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetCharWidthInfo - OK - 0xBF881281 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetColorAdjustment - OK - 0xBF947D3C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetColorSpaceforBitmap - OK - 0xBF9502E4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDCDword - OK - 0xBF823B0F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDCforBitmap - OK - 0xBF830FAF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDCObject - OK - 0xBF82399C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDCPoint - OK - 0xBF83FF1D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDeviceCaps - OK - 0xBF947F38 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDeviceGammaRamp - OK - 0xBF949A1E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDeviceCapsAll - OK - 0xBF86C479 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDIBitsInternal - OK - 0xBF83FBEB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetETM - OK - 0xBF951247 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetEudcTimeStampEx - OK - 0xBF94C6C4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetFontData - OK - 0xBF8D5D18 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetFontResourceInfoInternalW - OK - 0xBF9481D7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetGlyphIndicesW - OK - 0xBF948E62 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetGlyphIndicesWInternal - OK - 0xBF948D05 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetGlyphOutline - OK - 0xBF947B2D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetKerningPairs - OK - 0xBF947C32 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetLinkedUFIs - OK - 0xBF935016 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetMiterLimit - OK - 0xBF85A9A7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetMonitorID - OK - 0xBF93DC0A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetNearestColor - OK - 0xBF823DF5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetNearestPaletteIndex - OK - 0xBF94B49D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetObjectBitmapHandle - OK - 0xBF947CC3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetOutlineTextMetricsInternalW - OK - 0xBF8CF034 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetPath - OK - 0xBF946F84 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetPixel - inline hook - 0xA783FA86 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiGetRandomRgn - OK - 0xBF80F949 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetRasterizerCaps - OK - 0xBF8D6189 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetRealizationInfo - OK - 0xBF948F0D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetRegionData - OK - 0xBF87C521 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetRgnBox - OK - 0xBF82822E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetServerMetaFileBits - OK - 0xBF90FB56 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetSpoolMessage - OK - 0xBF89D3E0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetStats - OK - 0xBF9513C4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetStockObject - OK - 0xBF8449D1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetStringBitmapW - OK - 0xBF94E2B7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetSystemPaletteUse - OK - 0xBF9080E2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTextCharsetInfo - OK - 0xBF832D87 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTextExtent - OK - 0xBF855960 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTextExtentExW - OK - 0xBF8C55DB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTextFaceW - OK - 0xBF834814 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTextMetricsW - OK - 0xBF832BE5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTransform - OK - 0xBF8585D0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetUFI - OK - 0xBF94841E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetEmbUFI - OK - 0xBF9484E7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetUFIPathname - OK - 0xBF9485C7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetEmbedFonts - OK - 0xBF94839F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiChangeGhostFont - OK - 0xBF9483A9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAddEmbFontToDC - OK - 0xBF934348 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetFontUnicodeRanges - OK - 0xBF948E86 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetWidthTable - OK - 0xBF833A26 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGradientFill - OK - 0xBF859671 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiHfontCreate - OK - 0xBF824057 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiIcmBrushInfo - OK - 0xBF94A002 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiInit - OK - 0xBF8E59CC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiInitSpool - OK - 0xBF8A2D87 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiIntersectClipRect - OK - 0xBF816C3F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiInvertRgn - OK - 0xBF907A16 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiLineTo - OK - 0xBF84F0D3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMakeFontDir - OK - 0xBF948BF9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMakeInfoDC - OK - 0xBF95031D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMaskBlt - inline hook - 0xA783FCB6 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiModifyWorldTransform - OK - 0xBF8583B1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMonoBitmap - OK - 0xBF9085BB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMoveTo - OK - 0xBF947ECA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiOffsetClipRgn - OK - 0xBF892CE3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiOffsetRgn - OK - 0xBF831ABF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiOpenDCW - inline hook - 0xA783F8FC - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiPatBlt - OK - 0xBF82807B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPolyPatBlt - OK - 0xBF82CB05 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPathToRegion - OK - 0xBF946C91 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPlgBlt - inline hook - 0xA783FD74 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiPolyDraw - OK - 0xBF9475B8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPolyPolyDraw - OK - 0xBF84E77E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPolyTextOutW - OK - 0xBF9476B5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPtInRegion - OK - 0xBF947FB8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPtVisible - OK - 0xBF93816C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiQueryFonts - OK - 0xBF947FD8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiQueryFontAssocInfo - OK - 0xBF8E5EDE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRectangle - OK - 0xBF8DFB85 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRectInRegion - OK - 0xBF8E2595 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRectVisible - OK - 0xBF82FF0D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRemoveFontResourceW - OK - 0xBF89DD8A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRemoveFontMemResourceEx - OK - 0xBF9481BB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiResetDC - OK - 0xBF888D6B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiResizePalette - OK - 0xBF94B711 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRestoreDC - OK - 0xBF82880C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRoundRect - OK - 0xBF90D9BC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSaveDC - OK - 0xBF82881C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiScaleViewportExtEx - OK - 0xBF940B11 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiScaleWindowExtEx - OK - 0xBF94890D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSelectBitmap - OK - 0xBF80A6C5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSelectBrush - OK - 0xBF947EAA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSelectClipPath - OK - 0xBF88E799 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSelectFont - OK - 0xBF81C30C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSelectPen - OK - 0xBF947EBA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBitmapAttributes - OK - 0xBF8A2770 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBitmapBits - OK - 0xBF8248D9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBitmapDimension - OK - 0xBF9489EB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBoundsRect - OK - 0xBF85A678 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBrushAttributes - OK - 0xBF947F58 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBrushOrg - OK - 0xBF85488F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetColorAdjustment - OK - 0xBF947D9D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetColorSpace - OK - 0xBF949543 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetDeviceGammaRamp - OK - 0xBF949D5A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetDIBitsToDeviceInternal - OK - 0xBF826EA8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetFontEnumeration - OK - 0xBF8BD6FD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetFontXform - OK - 0xBF858DBD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetIcmMode - OK - 0xBF9070A3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetLinkedUFIs - OK - 0xBF889F0F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetMagicColors - OK - 0xBF94B99B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetMetaRgn - OK - 0xBF858C3C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetMiterLimit - OK - 0xBF858C5E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDeviceWidth - OK - 0xBF9488FD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMirrorWindowOrg - OK - 0xBF9488ED - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetLayout - OK - 0xBF8243F9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetPixel - OK - 0xBF8DACB8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetPixelFormat - OK - 0xBF95208E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetRectRgn - OK - 0xBF947FA8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetSystemPaletteUse - OK - 0xBF947F48 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetTextJustification - OK - 0xBF951654 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetupPublicCFONT - OK - 0xBF89E43D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetVirtualResolution - OK - 0xBF85899E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetSizeDevice - OK - 0xBF858E2E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiStartDoc - OK - 0xBF891FBE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiStartPage - OK - 0xBF88A239 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiStretchBlt - inline hook - 0xA783FBFE - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiStretchDIBitsInternal - OK - 0xBF901429 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiStrokeAndFillPath - OK - 0xBF88DA35 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiStrokePath - OK - 0xBF946E98 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSwapBuffers - OK - 0xBF952236 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiTransformPoints - OK - 0xBF87C78B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiTransparentBlt - inline hook - 0xA783FE1C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiUnloadPrinterDriver - OK - 0xBF948AD0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiUnmapMemFont - OK - 0xBF9524F4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiUnrealizeObject - OK - 0xBF947F98 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiUpdateColors - OK - 0xBF94B9AB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiWidenPath - OK - 0xBF946D79 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserActivateKeyboardLayout - OK - 0xBF8D98C2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserAlterWindowStyle - OK - 0xBF8DC5DA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserAssociateInputContext - OK - 0xBF913D11 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserAttachThreadInput - inline hook - 0xA783F0C0 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserBeginPaint - OK - 0xBF816083 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserBitBltSysBmp - OK - 0xBF90801E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserBlockInput - inline hook - 0xA783E8F0 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserBuildHimcList - OK - 0xBF913E48 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserBuildHwndList - ssdt hook - 0xA5DAA390 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserBuildNameList - inline hook - 0xA783EEE4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserBuildPropList - OK - 0xBF912470 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallHwnd - OK - 0xBF8DB3C7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallHwndLock - OK - 0xBF831A06 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallHwndOpt - OK - 0xBF89FDBF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallHwndParam - OK - 0xBF82EBD1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallHwndParamLock - inline hook - 0xA783E7C4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserCallMsgFilter - OK - 0xBF87A596 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallNextHookEx - OK - 0xBF8D4BEB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallNoParam - OK - 0xBF801019 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallOneParam - OK - 0xBF800FD1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallTwoParam - OK - 0xBF831BF2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserChangeClipboardChain - OK - 0xBF908BFC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserChangeDisplaySettings - OK - 0xBF8BBCDF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCheckImeHotKey - OK - 0xBF8DDDCC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCheckMenuItem - OK - 0xBF8DC90D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserChildWindowFromPointEx - OK - 0xBF8C656B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserClipCursor - OK - 0xBF861D89 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCloseClipboard - OK - 0xBF90791B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCloseDesktop - OK - 0xBF87FDA0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCloseWindowStation - OK - 0xBF8802BE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserConsoleControl - OK - 0xBF8E5400 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserConvertMemHandle - OK - 0xBF8CD465 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCopyAcceleratorTable - OK - 0xBF90CFF5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCountClipboardFormats - OK - 0xBF907FF8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateAcceleratorTable - OK - 0xBF881DDD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateCaret - OK - 0xBF84BF62 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateDesktop - OK - 0xBF8A235A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateInputContext - OK - 0xBF913C77 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateLocalMemHandle - OK - 0xBF908F57 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateWindowEx - OK - 0xBF82F80F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateWindowStation - OK - 0xBF8A2AC7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDdeGetQualityOfService - OK - 0xBF9114FA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDdeInitialize - OK - 0xBF8A0A55 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDdeSetQualityOfService - OK - 0xBF91142A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDeferWindowPos - OK - 0xBF87CD4D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDefSetText - OK - 0xBF8FCF6E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDeleteMenu - OK - 0xBF8FEF19 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDestroyAcceleratorTable - OK - 0xBF861E47 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDestroyCursor - OK - 0xBF830B52 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDestroyInputContext - OK - 0xBF913CC7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDestroyMenu - OK - 0xBF8FE709 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDestroyWindow - ssdt & inline - 0xA5DAAAE0 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserDisableThreadIme - OK - 0xBF91447F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDispatchMessage - OK - 0xBF80F3D1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDragDetect - OK - 0xBF91256B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDragObject - OK - 0xBF9109EE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDrawAnimatedRects - OK - 0xBF9116CA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDrawCaption - OK - 0xBF91178D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDrawCaptionTemp - OK - 0xBF90AE78 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDrawIconEx - OK - 0xBF83A871 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDrawMenuBarTemp - OK - 0xBF912738 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEmptyClipboard - OK - 0xBF8CD0EA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEnableMenuItem - OK - 0xBF8FDEA3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEnableScrollBar - OK - 0xBF9113A5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEndDeferWindowPosEx - OK - 0xBF8282CE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEndMenu - OK - 0xBF911836 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEndPaint - OK - 0xBF815D3B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEnumDisplayDevices - OK - 0xBF8CDD91 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEnumDisplayMonitors - OK - 0xBF83051C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEnumDisplaySettings - OK - 0xBF885887 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEvent - OK - 0xBF910C7B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserExcludeUpdateRgn - OK - 0xBF907C1C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserFillWindow - OK - 0xBF87A671 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserFindExistingCursorIcon - OK - 0xBF840723 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserFindWindowEx - ssdt hook - 0xA5DAA630 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserFlashWindowEx - OK - 0xBF91486E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetAltTabInfo - OK - 0xBF8CBB05 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetAncestor - OK - 0xBF81F163 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetAppImeLevel - OK - 0xBF91421C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetAsyncKeyState - inline hook - 0xA783F090 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserGetAtomName - OK - 0xBF82F9EB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetCaretBlinkTime - OK - 0xBF906A27 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetCaretPos - OK - 0xBF9069AD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClassInfo - OK - 0xBF83DAD2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClassName - OK - 0xBF823C1A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClipboardData - inline hook - 0xA783EB48 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserGetClipboardFormatName - OK - 0xBF8E265A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClipboardOwner - OK - 0xBF8CD1E0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClipboardSequenceNumber - OK - 0xBF8283F6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClipboardViewer - OK - 0xBF91187C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClipCursor - OK - 0xBF91130D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetComboBoxInfo - OK - 0xBF910F43 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetControlBrush - OK - 0xBF856332 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetControlColor - OK - 0xBF8DEF58 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetCPD - OK - 0xBF84AC24 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetCursorFrameInfo - OK - 0xBF8815DB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetCursorInfo - OK - 0xBF911060 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetDC - OK - 0xBF804473 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetDCEx - OK - 0xBF838C46 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetDoubleClickTime - OK - 0xBF8FD806 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetForegroundWindow - ssdt hook - 0xA5DAA6D0 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserGetGuiResources - OK - 0xBF910AB7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetGUIThreadInfo - OK - 0xBF87E5E1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetIconInfo - OK - 0xBF83D242 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetIconSize - OK - 0xBF83D392 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetImeHotKey - OK - 0xBF9140DA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetImeInfoEx - OK - 0xBF913F4A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetInternalWindowPos - OK - 0xBF910D0C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetKeyboardLayoutList - OK - 0xBF830243 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetKeyboardLayoutName - OK - 0xBF8D1CAB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetKeyboardState - inline hook - 0xA783F16A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserGetKeyNameText - OK - 0xBF90B1C3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetKeyState - inline hook - 0xA783F0A8 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserGetListBoxInfo - OK - 0xBF91100C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetMenuBarInfo - OK - 0xBF91115D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetMenuIndex - OK - 0xBF9115B3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetMenuItemRect - OK - 0xBF9120E7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetMessage - OK - 0xBF80F0DF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetMouseMovePointsEx - OK - 0xBF911DC2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetObjectInformation - OK - 0xBF844E48 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetOpenClipboardWindow - OK - 0xBF907FCC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetPriorityClipboardFormat - OK - 0xBF9118A8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetProcessWindowStation - OK - 0xBF80F1C2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetRawInputBuffer - OK - 0xBF9150EE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetRawInputData - OK - 0xBF9149EE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetRawInputDeviceInfo - OK - 0xBF914BC8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetRawInputDeviceList - OK - 0xBF914EBD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetRegisteredRawInputDevices - OK - 0xBF9150B3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetScrollBarInfo - OK - 0xBF8FE245 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetSystemMenu - OK - 0xBF838526 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetThreadDesktop - OK - 0xBF8450FF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetThreadState - OK - 0xBF81EAFC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetTitleBarInfo - OK - 0xBF838ECE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetUpdateRect - OK - 0xBF833656 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetUpdateRgn - OK - 0xBF84B3BF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetWindowDC - OK - 0xBF80373D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetWindowPlacement - OK - 0xBF856811 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetWOWClass - OK - 0xBF90D3A1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserHardErrorControl - OK - 0xBF9108F8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserHideCaret - OK - 0xBF824582 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserHiliteMenuItem - OK - 0xBF911931 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserImpersonateDdeClientWindow - OK - 0xBF9126D3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInitialize - OK - 0xBF8B718D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInitializeClientPfnArrays - OK - 0xBF8B175C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInitTask - OK - 0xBF910DEB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInternalGetWindowText - OK - 0xBF838FCA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInvalidateRect - OK - 0xBF8153D5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInvalidateRgn - OK - 0xBF8FE56F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserIsClipboardFormatAvailable - OK - 0xBF8283BC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserKillTimer - OK - 0xBF80E5AF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserLoadKeyboardLayoutEx - OK - 0xBF8D150A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserLockWindowStation - OK - 0xBF8A25B8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserLockWindowUpdate - OK - 0xBF8D2D97 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserLockWorkStation - OK - 0xBF9109D1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMapVirtualKeyEx - OK - 0xBF8FEB43 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMenuItemFromPoint - OK - 0xBF9121BE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMessageCall - ssdt hook - 0xA5DAAB40 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserMinMaximize - OK - 0xBF90EF83 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMNDragLeave - OK - 0xBF911A81 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMNDragOver - OK - 0xBF9119D1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserModifyUserStartupInfoFlags - OK - 0xBF86208B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMoveWindow - OK - 0xBF833903 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserNotifyIMEStatus - OK - 0xBF91441A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserNotifyProcessCreate - OK - 0xBF8E5A02 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserNotifyWinEvent - OK - 0xBF839226 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserOpenClipboard - OK - 0xBF907898 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserOpenDesktop - inline hook - 0xA783EC1E - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserOpenInputDesktop - inline hook - 0xA783ECDE - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserOpenWindowStation - OK - 0xBF880385 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserPaintDesktop - OK - 0xBF8D9B78 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserPeekMessage - OK - 0xBF80362C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserPostMessage - inline hook - 0xA5DAA770 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserPostThreadMessage - ssdt hook - 0xA5DAA870 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserPrintWindow - OK - 0xBF8BD800 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserProcessConnect - OK - 0xBF8E3764 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserQueryInformationThread - OK - 0xBF912250 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserQueryInputContext - OK - 0xBF913DC4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserQuerySendMessage - OK - 0xBF9125FE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserQueryUserCounters - OK - 0xBF914523 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserQueryWindow - ssdt hook - 0xA5DAA8B0 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserRealChildWindowFromPoint - OK - 0xBF91111F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRealInternalGetMessage - OK - 0xBF89E7D8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRealWaitMessageEx - OK - 0xBF912027 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRedrawWindow - OK - 0xBF81ECD1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRegisterClassExWOW - OK - 0xBF8443D4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRegisterUserApiHook - OK - 0xBF8A2EB3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRegisterHotKey - inline hook - 0xA783F182 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserRegisterRawInputDevices - inline hook - 0xA783EFFE - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserRegisterTasklist - OK - 0xBF910F0F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRegisterWindowMessage - OK - 0xBF808B93 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoveMenu - OK - 0xBF8BD728 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoveProp - OK - 0xBF82D80E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserResolveDesktop - OK - 0xBF8DEAF5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserResolveDesktopForWOW - OK - 0xBF9152FE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSBGetParms - OK - 0xBF8FE0EE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserScrollDC - OK - 0xBF8E308A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserScrollWindowEx - OK - 0xBF8E1C95 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSelectPalette - OK - 0xBF833198 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSendInput - inline hook - 0xA783E944 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserSetActiveWindow - OK - 0xBF87A4FF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetAppImeLevel - OK - 0xBF9141B1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetCapture - OK - 0xBF84D0ED - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetClassLong - OK - 0xBF8FD95B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetClassWord - OK - 0xBF911A9E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetClipboardData - OK - 0xBF8CD389 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetClipboardViewer - inline hook - 0xA783EA1C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserSetConsoleReserveKeys - OK - 0xBF8DA65E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetCursor - OK - 0xBF81C4AF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetCursorContents - OK - 0xBF9120A0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetCursorIconData - OK - 0xBF83D521 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetDbgTag - OK - 0xBF911636 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetFocus - OK - 0xBF839466 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetImeHotKey - OK - 0xBF8D1434 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetImeInfoEx - OK - 0xBF91402F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetImeOwnerWindow - OK - 0xBF914286 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetInformationProcess - OK - 0xBF8E5666 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetInformationThread - OK - 0xBF8DA428 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetInternalWindowPos - OK - 0xBF91122C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetKeyboardState - OK - 0xBF907DCA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetLogonNotifyWindow - OK - 0xBF8AB198 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetMenu - OK - 0xBF90B089 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetMenuContextHelpId - OK - 0xBF911659 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetMenuDefaultItem - OK - 0xBF8BD6BD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetMenuFlagRtoL - OK - 0xBF911696 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetObjectInformation - OK - 0xBF910943 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetParent - ssdt hook - 0xA5DAA940 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserSetProcessWindowStation - OK - 0xBF880564 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetProp - OK - 0xBF823625 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetRipFlags - OK - 0xBF911613 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetScrollInfo - OK - 0xBF80EAD3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetShellWindowEx - OK - 0xBF89F5AA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetSysColors - inline hook - 0xA783E760 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserSetSystemCursor - OK - 0xBF912067 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetSystemMenu - OK - 0xBF8D592C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetSystemTimer - OK - 0xBF9125C5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetThreadDesktop - OK - 0xBF8805BC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetThreadLayoutHandles - OK - 0xBF914399 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetThreadState - OK - 0xBF8562F6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetTimer - OK - 0xBF8039D7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowFNID - OK - 0xBF8561A6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowLong - ssdt hook - 0xA5DAAA60 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserSetWindowPlacement - OK - 0xBF8D5037 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowPos - OK - 0xBF8233CC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowRgn - OK - 0xBF83827B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowsHookAW - OK - 0xBF8DC892 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowsHookEx - inline hook - 0xA783E670 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserSetWindowStationUser - OK - 0xBF8A2455 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowWord - OK - 0xBF907E1E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWinEventHook - inline hook - 0xA783E56A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserShowCaret - OK - 0xBF8245E4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserShowScrollBar - OK - 0xBF8FD78C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserShowWindow - ssdt hook - 0xA5DAAAA0 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserShowWindowAsync - OK - 0xBF8DE9E8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSoundSentry - OK - 0xBF862181 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSwitchDesktop - inline hook - 0xA783EE9E - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserSystemParametersInfo - inline hook - 0xA783E688 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserTestForInteractiveUser - OK - 0xBF90D52C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserThunkedMenuInfo - OK - 0xBF8D588D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserThunkedMenuItemInfo - OK - 0xBF837665 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserToUnicodeEx - OK - 0xBF911E72 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserTrackMouseEvent - OK - 0xBF909605 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserTrackPopupMenuEx - OK - 0xBF911C8F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCalcMenuBar - OK - 0xBF839135 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserPaintMenuBar - OK - 0xBF863D93 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserTranslateAccelerator - OK - 0xBF9090EC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserTranslateMessage - OK - 0xBF84A3EB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnhookWindowsHookEx - OK - 0xBF8DBC2B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnhookWinEvent - OK - 0xBF8CED24 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnloadKeyboardLayout - OK - 0xBF91253D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnlockWindowStation - OK - 0xBF8BD9A0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnregisterClass - OK - 0xBF844CA1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnregisterUserApiHook - OK - 0xBF8A28C6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnregisterHotKey - OK - 0xBF911D85 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUpdateInputContext - OK - 0xBF913D74 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUpdateInstance - OK - 0xBF910BE6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUpdateLayeredWindow - OK - 0xBF905F8E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetLayeredWindowAttributes - OK - 0xBF914930 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetLayeredWindowAttributes - OK - 0xBF8FE5ED - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUpdatePerUserSystemParameters - OK - 0xBF8A80CB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUserHandleGrantAccess - OK - 0xBF912297 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserValidateHandleSecure - OK - 0xBF8017E5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserValidateRect - OK - 0xBF8E17F6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserValidateTimerCallback - OK - 0xBF808EBA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserVkKeyScanEx - OK - 0xBF84B096 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserWaitForInputIdle - OK - 0xBF90CD70 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserWaitForMsgAndEvent - OK - 0xBF90BD83 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserWaitMessage - OK - 0xBF8036D3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserWin32PoolAllocationStats - OK - 0xBF910939 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserWindowFromPoint - ssdt hook - 0xA5DAA9D0 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys - File not found
       NtUserYieldTask - OK - 0xBF90D4C4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoteConnect - OK - 0xBF89F133 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoteRedrawRectangle - OK - 0xBF9107C0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoteRedrawScreen - OK - 0xBF91080D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoteStopScreenUpdates - OK - 0xBF910861 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCtxDisplayIOCtl - OK - 0xBF9108AE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngAssociateSurface - OK - 0xBF888FAA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCreateBitmap - OK - 0xBF892FEC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCreateDeviceSurface - OK - 0xBF888F77 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCreateDeviceBitmap - OK - 0xBF9524FF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCreatePalette - OK - 0xBF86EB6B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngComputeGlyphSet - OK - 0xBF89476D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCopyBits - OK - 0xBF952655 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngDeletePalette - OK - 0xBF86D407 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngDeleteSurface - OK - 0xBF888EFD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngEraseSurface - OK - 0xBF9534B8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngUnlockSurface - OK - 0xBF8969AA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngLockSurface - OK - 0xBF892A3D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngBitBlt - OK - 0xBF88B1B8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngStretchBlt - OK - 0xBF897E35 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngPlgBlt - OK - 0xBF952A4D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngMarkBandingSurface - OK - 0xBF89310F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngStrokePath - OK - 0xBF88BA74 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngFillPath - OK - 0xBF952C44 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngStrokeAndFillPath - OK - 0xBF88C712 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngPaint - OK - 0xBF952DAF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngLineTo - OK - 0xBF952ECB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngAlphaBlend - OK - 0xBF952FF4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngGradientFill - OK - 0xBF953173 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngTransparentBlt - OK - 0xBF95334C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngTextOut - OK - 0xBF88D284 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngStretchBltROP - OK - 0xBF9527F1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiXLATEOBJ_cGetPalette - OK - 0xBF953C6A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiXLATEOBJ_iXlate - OK - 0xBF953D26 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiXLATEOBJ_hGetColorTransform - OK - 0xBF953C1C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCLIPOBJ_bEnum - OK - 0xBF88BF7B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCLIPOBJ_cEnumStart - OK - 0xBF88C028 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCLIPOBJ_ppoGetPath - OK - 0xBF953582 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngDeletePath - OK - 0xBF9535C0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCreateClip - OK - 0xBF9535FA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngDeleteClip - OK - 0xBF95362C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBRUSHOBJ_ulGetBrushColor - OK - 0xBF893A70 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBRUSHOBJ_pvAllocRbrush - OK - 0xBF953666 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBRUSHOBJ_pvGetRbrush - OK - 0xBF9536B7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBRUSHOBJ_hGetColorTransform - OK - 0xBF8947F3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiXFORMOBJ_bApplyXform - OK - 0xBF89413C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiXFORMOBJ_iGetXform - OK - 0xBF88A0CA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_vGetInfo - OK - 0xBF8942FD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_pxoGetXform - OK - 0xBF88A030 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_cGetGlyphs - OK - 0xBF893DA1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_pifi - OK - 0xBF88A8C7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_pfdg - OK - 0xBF953DE1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_pQueryGlyphAttrs - OK - 0xBF953EE8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_pvTrueTypeFontFile - OK - 0xBF953B4C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_cGetAllGlyphHandles - OK - 0xBF953705 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSTROBJ_bEnum - OK - 0xBF953FC0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSTROBJ_bEnumPositionsOnly - OK - 0xBF89452B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSTROBJ_bGetAdvanceWidths - OK - 0xBF88A9DA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSTROBJ_vEnumStart - OK - 0xBF894549 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSTROBJ_dwGetCodePage - OK - 0xBF9537D0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPATHOBJ_vGetBounds - OK - 0xBF9538C1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPATHOBJ_bEnum - OK - 0xBF953FDE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPATHOBJ_vEnumStart - OK - 0xBF953952 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPATHOBJ_vEnumStartClipLines - OK - 0xBF953996 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPATHOBJ_bEnumClipLines - OK - 0xBF953A43 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDhpdev - OK - 0xBF9524CD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCheckAbort - OK - 0xBF953D78 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiHT_Get8BPPFormatPalette - OK - 0xBF88B74D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiHT_Get8BPPMaskPalette - OK - 0xBF952541 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiUpdateTransform - OK - 0xBF940CD6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetPUMPDOBJ - OK - 0xBF86CB29 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBRUSHOBJ_DeleteRbrush - OK - 0xBF95381E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiUnmapMemFont - OK - 0xBF9524F4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDrawStream - OK - 0xBF817DC4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation

==========================================================================================

FSD

       (Fastfat)IRP_MJ_CREATE - fsd hook - 0xA78FFAFC - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       (Fastfat)IRP_MJ_CREATE_NAMED_PIPE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Fastfat)IRP_MJ_CLOSE - fsd hook - 0xA78FFB3C - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       (Fastfat)IRP_MJ_READ - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_WRITE - fsd hook - 0xA78FFC04 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       (Fastfat)IRP_MJ_QUERY_INFORMATION - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_SET_INFORMATION - fsd hook - 0xA78FFC44 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       (Fastfat)IRP_MJ_QUERY_EA - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_SET_EA - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_FLUSH_BUFFERS - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_QUERY_VOLUME_INFORMATION - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_SET_VOLUME_INFORMATION - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_DIRECTORY_CONTROL - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_FILE_SYSTEM_CONTROL - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_DEVICE_CONTROL - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Fastfat)IRP_MJ_SHUTDOWN - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_LOCK_CONTROL - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Fastfat)IRP_MJ_CLEANUP - fsd hook - 0xA78FFBA0 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       (Fastfat)IRP_MJ_CREATE_MAILSLOT - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Fastfat)IRP_MJ_QUERY_SECURITY - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Fastfat)IRP_MJ_SET_SECURITY - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Fastfat)IRP_MJ_POWER - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Fastfat)IRP_MJ_SYSTEM_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Fastfat)IRP_MJ_DEVICE_CHANGE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Fastfat)IRP_MJ_QUERY_QUOTA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Fastfat)IRP_MJ_SET_QUOTA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Fastfat)IRP_MJ_PNP_POWER - fsd hook - 0x89904430->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_CREATE - fsd hook - 0xA78FF974 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       (Ntfs)IRP_MJ_CREATE_NAMED_PIPE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Ntfs)IRP_MJ_CLOSE - fsd hook - 0xA78FF9B4 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       (Ntfs)IRP_MJ_READ - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_WRITE - fsd hook - 0xA78FFA7C - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       (Ntfs)IRP_MJ_QUERY_INFORMATION - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_SET_INFORMATION - fsd hook - 0xA78FFABC - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       (Ntfs)IRP_MJ_QUERY_EA - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_SET_EA - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_FLUSH_BUFFERS - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_QUERY_VOLUME_INFORMATION - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_SET_VOLUME_INFORMATION - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_DIRECTORY_CONTROL - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_FILE_SYSTEM_CONTROL - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_DEVICE_CONTROL - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Ntfs)IRP_MJ_SHUTDOWN - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_LOCK_CONTROL - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_CLEANUP - fsd hook - 0xA78FFA18 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       (Ntfs)IRP_MJ_CREATE_MAILSLOT - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Ntfs)IRP_MJ_QUERY_SECURITY - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_SET_SECURITY - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_POWER - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Ntfs)IRP_MJ_SYSTEM_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Ntfs)IRP_MJ_DEVICE_CHANGE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       (Ntfs)IRP_MJ_QUERY_QUOTA - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_SET_QUOTA - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       (Ntfs)IRP_MJ_PNP_POWER - fsd hook - 0x89E541F8->0xBA6A902A - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.

==========================================================================================

Keyboard

       IRP_MJ_CREATE - OK - 0xB27BCDD8 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xB27BCFE8 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_READ - OK - 0xB27BDC82 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0xB27BCD50 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xB27BEA44 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0xB27BE386 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0xB27BCD0C - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_POWER - OK - 0xB27BF196 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0xB27BE844 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xB27BD798 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation

==========================================================================================

Mouclass

       IRP_MJ_CREATE - OK - 0xBACA8B7E - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xBACA8D8C - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_READ - OK - 0xBACA999A - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0xBACA8AF6 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xBACAA2C8 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0xBACAA086 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0xBACA8AB2 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_POWER - OK - 0xBACAACD4 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0xBACAA790 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xBACA954E - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation

==========================================================================================

Classpnp

       IRP_MJ_CREATE - OK - 0xBA90EC30 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xBA90EC30 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_READ - OK - 0xBA908D9B - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0xBA908D9B - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0xBA909366 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xBA90944D - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0xBA90CFC3 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0xBA909366 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_POWER - OK - 0xBA90AEF3 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0xBA90FA24 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xBA90ED15 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation

==========================================================================================

Atapi

       IRP_MJ_CREATE - atapi hook - 0x89E551F8->0xBA6A7C40 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLOSE - atapi hook - 0x89E551F8->0xBA6A7C40 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       IRP_MJ_READ - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - atapi hook - 0x89E551F8->0xBA6A7C40 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       IRP_MJ_INTERNAL_DEVICE_CONTROL - atapi hook - 0x89E551F8->0xBA6A7C40 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       IRP_MJ_SHUTDOWN - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_POWER - atapi hook - 0x89E551F8->0xBA6A7C40 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       IRP_MJ_SYSTEM_CONTROL - atapi hook - 0x89E551F8->0xBA6A7C40 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       IRP_MJ_DEVICE_CHANGE - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0x804F4282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_PNP_POWER - atapi hook - 0x89E551F8->0xBA6A7C40 - C:\WINDOWS\system32\drivers\sptd.sys - Duplex Secure Ltd.
       DriverStartIo - OK - 0xBA5FB7C6 - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation

==========================================================================================

Acpi

       IRP_MJ_CREATE - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_READ - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_POWER - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xBA668CB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation

==========================================================================================

Scsi

       Nothing

==========================================================================================

Kernel Hook

       Inline - len(1) RtlPrefetchMemoryNonTemporal[ntkrnlpa.exe] - [0x80545664]->[-]
       Inline - len(4) NtDuplicateObject[ntkrnlpa.exe] - [0x805BC8E7]->[0xA5DAB890][C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys]
       Inline - len(5) ObInsertObject[ntkrnlpa.exe] - [0x805C1810]->[0xA78FE810][C:\WINDOWS\System32\Drivers\aswSP.SYS]
       Inline - len(5) ObMakeTemporaryObject[ntkrnlpa.exe] - [0x805BAEDA]->[0xA78FCCF6][C:\WINDOWS\System32\Drivers\aswSP.SYS]
       Inline - len(1) KiFastCallEntry[ntkrnlpa.exe] - [0x8054070A]->[-]
       Inline - len(7) NtCreateProcessEx[ntkrnlpa.exe] - [0x805CF966]->[0xA78FFE5A][C:\WINDOWS\System32\Drivers\aswSP.SYS]
       Inline - len(4) NtTerminateProcess[ntkrnlpa.exe] - [0x805D11BB]->[0xA5DABEB0][C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys]
       Inline - len(4) NtTerminateThread[ntkrnlpa.exe] - [0x805D13B9]->[0xA5DABEB0][C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503758]->[-]
       Inline - len(12) [ntkrnlpa.exe] - [0x80503778]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503798]->[-]
       Inline - len(16) [ntkrnlpa.exe] - [0x805037C0]->[-]
       Inline - len(12) [ntkrnlpa.exe] - [0x805037D8]->[-]
       Inline - len(20) [ntkrnlpa.exe] - [0x805037FC]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503818]->[-]
       Inline - len(20) [ntkrnlpa.exe] - [0x80503828]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503844]->[-]
       Inline - len(12) [ntkrnlpa.exe] - [0x80503850]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503880]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805038B8]->[-]
       Inline - len(16) [ntkrnlpa.exe] - [0x80503928]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503940]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503958]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805039B4]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805039C0]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805039F8]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503A04]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503A34]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503A64]->[-]
       Inline - len(12) [ntkrnlpa.exe] - [0x80503A80]->[-]
       Inline - len(8) [ntkrnlpa.exe] - [0x80503AF4]->[-]
       Inline - len(12) [ntkrnlpa.exe] - [0x80503B10]->[-]
       Inline - len(24) [ntkrnlpa.exe] - [0x80503B28]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503B4C]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503B64]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80503B88]->[-]
       Inline - len(18) [ntkrnlpa.exe] - [0x80544C5E]->[-]
       Inline - len(1) [ntkrnlpa.exe] - [0x80544C76]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805A4ECC]->[0xA783BA76][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(4) [ntkrnlpa.exe] - [0x805C9E6B]->[0xA5DAB670][C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys]
       Inline - len(4) [ntkrnlpa.exe] - [0x805CA0ED]->[0xA5DAB670][C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys]
       Iat - HAL.dll:WRITE_PORT_ULONG[PCIIDEX.SYS<=>0xBAB29900] - [0x806EAAC8]->[0xBA693232][C:\WINDOWS\system32\drivers\sptd.sys]
       Iat - HAL.dll:READ_PORT_UCHAR[PCIIDEX.SYS<=>0xBAB29918] - [0x806EAA44]->[0xBA692730][C:\WINDOWS\system32\drivers\sptd.sys]
       Iat - HAL.dll:WRITE_PORT_UCHAR[PCIIDEX.SYS<=>0xBAB2991C] - [0x806EAAAC]->[0xBA692F12][C:\WINDOWS\system32\drivers\sptd.sys]
       Iat - ntoskrnl.exe:DbgBreakPoint[USBPORT.SYS<=>0xB70698C0] - [0x8052A5CC]->[0x89C2D308]
       Inline - len(5) DllUnload[USBPORT.SYS] - [0xB706462C]->[0x89C2D1D8][->0xBA718FE2==>C:\WINDOWS\system32\drivers\sptd.sys]
       Iat - ntoskrnl.exe:DbgBreakPoint[SCSIPORT.SYS<=>0xB6F9A0B8] - [0x8052A5CC]->[0x89B3C308]
       Iat - HAL.dll:READ_PORT_UCHAR[i8042prt.sys<=>0xBA97B464] - [0x806EAA44]->[0xBA6A6F1E][C:\WINDOWS\system32\drivers\sptd.sys]
       Inline - len(5) [win32k.sys] - [0xBF808522]->[0xA5DAA770][C:\Documents and Settings\win-xp\Plocha\PCHunter32.sys]
       Inline - len(5) [win32k.sys] - [0xBF80BA4F]->[0xA783FB4C][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF80C235]->[0xA783FA3C][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF810175]->[0xA783F9F6][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF81C0A3]->[0xA783F0A8][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF827A40]->[0xA783E7C4][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF83331E]->[0xA783FCB6][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF839CB5]->[0xA783FEBE][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF843888]->[0xA783E688][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF849B03]->[0xA783E944][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF84AE7C]->[0xA783F090][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF854BF4]->[0xA783F8FC][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF857AD0]->[0xA783FBFE][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF87FFC9]->[0xA783EC1E][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF880052]->[0xA783EEE4][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF880DD6]->[0xA783E670][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8814CF]->[0xA783F0C0][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF884C65]->[0xA783FE1C][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF89ED1E]->[0xA783ECDE][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF89F83F]->[0xA783EE9E][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8BCD44]->[0xA783F182][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8CEEE3]->[0xA783E56A][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8DAA77]->[0xA783FA86][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8FAF04]->[0xA783E834][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF907C6D]->[0xA783F16A][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF908B12]->[0xA783EA1C][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF908D92]->[0xA783EB48][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF911AD9]->[0xA783E760][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF9126AD]->[0xA783E8F0][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF915007]->[0xA783EFFE][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF94290C]->[0xA783FD74][C:\WINDOWS\System32\Drivers\aswSnx.SYS]

==========================================================================================

PTE HOOK

       Nothing

==========================================================================================

Object Type

       CmpCloseKeyObject - CmpKeyObjectType - OK - 0x80635094 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpDeleteKeyObject - CmpKeyObjectType - OK - 0x80634F7A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpParseKey - CmpKeyObjectType - OK - 0x8062D27E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpSecurityMethod - CmpKeyObjectType - OK - 0x80634DDC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpQueryKeyName - CmpKeyObjectType - OK - 0x80634036 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopCloseFile - IoFileObjectType - OK - 0x805823AC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopDeleteFile - IoFileObjectType - OK - 0x8058268A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopParseFile - IoFileObjectType - OK - 0x8058229A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopGetSetSecurityObject - IoFileObjectType - OK - 0x80582A0E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopQueryName - IoFileObjectType - OK - 0x80581302 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopDeleteDriver - IoDriverObjectType - OK - 0x805822F2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - IoDriverObjectType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopDeleteDevice - IoDeviceObjectType - OK - 0x8058236C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopParseDevice - IoDeviceObjectType - OK - 0x8058146A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopGetSetSecurityObject - IoDeviceObjectType - OK - 0x80582A0E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopDeleteIoCompletion - IoCompletionObjectType - OK - 0x80576AC4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - IoCompletionObjectType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PspJobClose - PsJobType - OK - 0x805D504E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PspJobDelete - PsJobType - OK - 0x805D42BA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - PsJobType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PspThreadDelete - PsThreadType - OK - 0x805D0688 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - PsThreadType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PspProcessDelete - PsProcessType - OK - 0x805D0500 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - PsProcessType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ObpDeleteObjectType - ObpTypeObjectType - OK - 0x805BFD88 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ObpTypeObjectType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ObpDirectoryObjectType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ObpDeleteSymbolicLink - ObpSymbolicLinkObjectType - OK - 0x805C35BA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ObpParseSymbolicLink - ObpSymbolicLinkObjectType - OK - 0x805C3284 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ObpSymbolicLinkObjectType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       MiSectionDelete - MmSectionObjectType - OK - 0x805A745C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - MmSectionObjectType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ExEventObjectType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ExpDeleteMutant - ExMutantObjectType - OK - 0x80537FEC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ExMutantObjectType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ExSemaphoreObjectType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SepTokenDeleteMethod - SeTokenObjectType - OK - 0x805F6ABA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - SeTokenObjectType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       LpcpClosePort - LpcPortObjectType - OK - 0x805A52D4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       LpcpDeletePort - LpcPortObjectType - OK - 0x805A530C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - LpcPortObjectType - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - FilterCommunicationPort - OK - 0xBA5E8E1C - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       DeleteProcedure - FilterCommunicationPort - OK - 0xBA5E86A2 - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       SeDefaultObjectMethod - FilterCommunicationPort - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Controller - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - Profile - OK - 0x80615846 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Profile - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - EventPair - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       OpenProcedure - Desktop - OK - 0x8060B68C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - Desktop - OK - 0x8060B56A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - Desktop - OK - 0x8060B642 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Desktop - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       OkayToCloseProcedure - Desktop - OK - 0x8060B5D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - Timer - OK - 0x80537A62 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Timer - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       OpenProcedure - WindowStation - OK - 0x8060B68C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - WindowStation - OK - 0x8060B56A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - WindowStation - OK - 0x8060B642 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ParseProcedure - WindowStation - OK - 0x8060B700 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - WindowStation - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       OkayToCloseProcedure - WindowStation - OK - 0x8060B5D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - WmiGuid - OK - 0x80602062 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - WmiGuid - OK - 0x806020C0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - WmiGuid - OK - 0x806025BA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - KeyedEvent - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - DebugObject - OK - 0x80640B46 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - DebugObject - OK - 0x8056C6E4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - DebugObject - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Adapter - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - WaitablePort - OK - 0x805A52D4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - WaitablePort - OK - 0x805A530C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - WaitablePort - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - Callback - OK - 0x8056C6E4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Callback - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - FilterConnectionPort - OK - 0xBA5E86BC - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       DeleteProcedure - FilterConnectionPort - OK - 0xBA5E86DC - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       SeDefaultObjectMethod - FilterConnectionPort - OK - 0x805F6940 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x806353C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80635350 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x806353C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80635350 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x806353C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80635350 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x806353C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80635350 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x806353C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80635350 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x806353C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80635350 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x806353C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80635350 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x806353C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80635350 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x806353C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80635350 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x806353C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80635350 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x80635564 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x806353C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80635350 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x80635564 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x80639EBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x80639F0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x80639920 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063A46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063A346 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063A204 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation

==========================================================================================

IDT

       Divide error - 0x01 - OK - 0x80541190 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Debug - 0x01 - OK - 0x8054130C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Not used - 0x0B - idt hook - 0xBAB3C21E - unknown image - 
       Breakpoint - 0x01 - OK - 0x80541720 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Overflow - 0x01 - OK - 0x805418A0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Bounds check - 0x01 - OK - 0x80541A00 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Invalid opcode - 0x01 - OK - 0x80541B74 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Device not available - 0x01 - OK - 0x805421EC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Double fault - 0x0A - idt hook - 0xBAB3C208 - unknown image - 
       Coprocessor segment overrun - 0x01 - OK - 0x805425F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Invalid TSS - 0x01 - OK - 0x80542710 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Segment not present - 0x01 - OK - 0x80542850 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Stack segment fault - 0x01 - OK - 0x80542AB0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       General protection - 0x01 - OK - 0x80542D9C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Page Fault - 0x01 - OK - 0x80543498 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Floating-point error - 0x01 - OK - 0x805438F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Alignment check - 0x01 - OK - 0x80543A2C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Machine check - 0x14 - idt hook - 0x0A3788C0 - unknown image - 
       SIMD floating point exception - 0x01 - OK - 0x80543B94 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - 0x01 - OK - 0x806E410C - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       Not used - 0x01 - OK - 0x00000000 - - - 
       Not used - 0x01 - OK - 0x00000000 - - - 
       Not used - 0x01 - OK - 0x00000000 - - - 
       Not used - 0x01 - OK - 0x00000000 - - - 
       Not used - 0x01 - OK - 0x00000000 - - - 
       Not used - 0x01 - OK - 0x00000000 - - - 
       Not used - 0x01 - OK - 0x00000000 - - - 
       Not used - 0x01 - OK - 0x00000000 - - - 
       Not used - 0x01 - OK - 0x00000000 - - - 
       Not used - 0x01 - OK - 0x00000000 - - - 
       KiGetTickCount - 0x01 - OK - 0x805409BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiCallbackReturn - 0x01 - OK - 0x80540AC0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiSetLowWaitHighThread - 0x01 - OK - 0x80540C70 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiDebugService - 0x01 - OK - 0x805415FC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiSystemService - 0x01 - OK - 0x80540441 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved for APIC - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiStartUnexpectedRange - 0x01 - OK - 0x8053FB00 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt1 - 0x01 - OK - 0x8053FB0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt2 - 0x01 - OK - 0x8053FB14 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt3 - 0x01 - OK - 0x8053FB1E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt4 - 0x01 - OK - 0x8053FB28 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt5 - 0x01 - OK - 0x8053FB32 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt6 - 0x01 - OK - 0x8053FB3C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt7 - 0x01 - OK - 0x806E3864 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt8 - 0x01 - OK - 0x8053FB50 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt9 - 0x01 - OK - 0x8053FB5A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt10 - 0x01 - OK - 0x8053FB64 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt11 - 0x01 - OK - 0x8053FB6E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt12 - 0x01 - OK - 0x8053FB78 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt13 - 0x01 - OK - 0x806E4E2C - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt14 - 0x01 - OK - 0x8053FB8C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt15 - 0x01 - OK - 0x8053FB96 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt16 - 0x01 - OK - 0x8053FBA0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt17 - 0x01 - OK - 0x806E4C88 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt18 - 0x01 - OK - 0x8053FBB4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt19 - 0x01 - OK - 0x8053FBBE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt20 - 0x01 - OK - 0x8053FBC8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt21 - 0x01 - OK - 0x8053FBD2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt22 - 0x01 - OK - 0x8053FBDC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt23 - 0x01 - OK - 0x8053FBE6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt24 - 0x01 - OK - 0x8053FBF0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt25 - 0x01 - OK - 0x8053FBFA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt26 - 0x01 - OK - 0x8053FC04 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt27 - 0x01 - OK - 0x8053FC0E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt28 - 0x01 - OK - 0x8053FC18 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt29 - 0x01 - OK - 0x8053FC22 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt30 - 0x01 - OK - 0x8053FC2C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt31 - 0x01 - OK - 0x8053FC36 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt32 - 0x01 - OK - 0x806E393C - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt33 - 0x01 - OK - 0x8053FC4A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt34 - 0x01 - OK - 0x8053FC54 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt35 - 0x01 - OK - 0x8053FC5E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt36 - 0x01 - OK - 0x8053FC68 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt37 - 0x01 - OK - 0x8053FC72 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt38 - 0x01 - OK - 0x8053FC7C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt39 - 0x01 - OK - 0x8053FC86 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt40 - 0x01 - OK - 0x8053FC90 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt41 - 0x01 - OK - 0x8053FC9A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt42 - 0x01 - OK - 0x8053FCA4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt43 - 0x01 - OK - 0x8053FCAE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt44 - 0x01 - OK - 0x8053FCB8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt45 - 0x01 - OK - 0x8053FCC2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt46 - 0x01 - OK - 0x8053FCCC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt47 - 0x01 - OK - 0x8053FCD6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt48 - 0x01 - OK - 0x8053FCE0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt49 - 0x01 - OK - 0x8053FCEA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt50 - 0x01 - idt hook - 0x89E45E54 - unknown image - 
       KiUnexpectedInterrupt51 - 0x01 - idt hook - 0x89A4C2AC - unknown image - 
       KiUnexpectedInterrupt52 - 0x01 - OK - 0x8053FD08 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt53 - 0x01 - OK - 0x8053FD12 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt54 - 0x01 - OK - 0x8053FD1C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt55 - 0x01 - OK - 0x8053FD26 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt56 - 0x01 - OK - 0x8053FD30 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt57 - 0x01 - OK - 0x8053FD3A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt58 - 0x01 - OK - 0x8053FD44 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt59 - 0x01 - OK - 0x8053FD4E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt60 - 0x01 - OK - 0x8053FD58 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt61 - 0x01 - OK - 0x8053FD62 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt62 - 0x01 - OK - 0x8053FD6C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt63 - 0x01 - OK - 0x8053FD76 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt64 - 0x01 - OK - 0x8053FD80 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt65 - 0x01 - OK - 0x8053FD8A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt66 - 0x01 - OK - 0x8053FD94 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt67 - 0x01 - idt hook - 0x89B02E54 - unknown image - 
       KiUnexpectedInterrupt68 - 0x01 - OK - 0x8053FDA8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt69 - 0x01 - OK - 0x8053FDB2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt70 - 0x01 - OK - 0x8053FDBC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt71 - 0x01 - OK - 0x8053FDC6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt72 - 0x01 - OK - 0x8053FDD0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt73 - 0x01 - OK - 0x8053FDDA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt74 - 0x01 - OK - 0x8053FDE4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt75 - 0x01 - OK - 0x8053FDEE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt76 - 0x01 - OK - 0x8053FDF8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt77 - 0x01 - OK - 0x8053FE02 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt78 - 0x01 - OK - 0x8053FE0C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt79 - 0x01 - OK - 0x8053FE16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt80 - 0x01 - OK - 0x8053FE20 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt81 - 0x01 - OK - 0x8053FE2A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt82 - 0x01 - OK - 0x8053FE34 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt83 - 0x01 - idt hook - 0x89E4A3D4 - unknown image - 
       KiUnexpectedInterrupt84 - 0x01 - OK - 0x8053FE48 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt85 - 0x01 - OK - 0x8053FE52 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt86 - 0x01 - OK - 0x8053FE5C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt87 - 0x01 - OK - 0x8053FE66 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt88 - 0x01 - OK - 0x8053FE70 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt89 - 0x01 - OK - 0x8053FE7A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt90 - 0x01 - OK - 0x8053FE84 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt91 - 0x01 - OK - 0x8053FE8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt92 - 0x01 - OK - 0x8053FE98 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt93 - 0x01 - OK - 0x8053FEA2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt94 - 0x01 - OK - 0x8053FEAC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt95 - 0x01 - OK - 0x8053FEB6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt96 - 0x01 - OK - 0x8053FEC0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt97 - 0x01 - OK - 0x8053FECA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt98 - 0x01 - OK - 0x8053FED4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt99 - 0x01 - OK - 0x8053FEDE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt100 - 0x01 - idt hook - 0x89B07E54 - unknown image - 
       KiUnexpectedInterrupt101 - 0x01 - OK - 0x8053FEF2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt102 - 0x01 - OK - 0x8053FEFC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt103 - 0x01 - OK - 0x8053FF06 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt104 - 0x01 - OK - 0x8053FF10 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt105 - 0x01 - OK - 0x8053FF1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt106 - 0x01 - OK - 0x8053FF24 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt107 - 0x01 - OK - 0x8053FF2E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt108 - 0x01 - OK - 0x8053FF38 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt109 - 0x01 - OK - 0x8053FF42 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt110 - 0x01 - OK - 0x8053FF4C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt111 - 0x01 - OK - 0x8053FF56 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt112 - 0x01 - OK - 0x8053FF60 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt113 - 0x01 - OK - 0x8053FF6A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt114 - 0x01 - OK - 0x8053FF74 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt115 - 0x01 - idt hook - 0x89B1CAB4 - unknown image - 
       KiUnexpectedInterrupt116 - 0x01 - idt hook - 0x899C9E54 - unknown image - 
       KiUnexpectedInterrupt117 - 0x01 - OK - 0x8053FF92 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt118 - 0x01 - OK - 0x8053FF9C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt119 - 0x01 - OK - 0x8053FFA6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt120 - 0x01 - OK - 0x8053FFB0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt121 - 0x01 - OK - 0x8053FFBA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt122 - 0x01 - OK - 0x8053FFC4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt123 - 0x01 - OK - 0x8053FFCE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt124 - 0x01 - OK - 0x8053FFD8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt125 - 0x01 - OK - 0x8053FFE2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt126 - 0x01 - OK - 0x8053FFEC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt127 - 0x01 - OK - 0x8053FFF6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt128 - 0x01 - OK - 0x80540000 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt129 - 0x01 - idt hook - 0x89DC52AC - unknown image - 
       KiUnexpectedInterrupt130 - 0x01 - idt hook - 0x8971CE54 - unknown image - 
       KiUnexpectedInterrupt131 - 0x01 - OK - 0x8054001E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt132 - 0x01 - idt hook - 0x89B412AC - unknown image - 
       KiUnexpectedInterrupt133 - 0x01 - OK - 0x80540032 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt134 - 0x01 - OK - 0x8054003C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt135 - 0x01 - OK - 0x80540046 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt136 - 0x01 - OK - 0x80540050 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt137 - 0x01 - OK - 0x8054005A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt138 - 0x01 - OK - 0x80540064 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt139 - 0x01 - OK - 0x8054006E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt140 - 0x01 - OK - 0x80540078 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt141 - 0x01 - OK - 0x80540082 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt142 - 0x01 - OK - 0x8054008C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt143 - 0x01 - OK - 0x80540096 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt144 - 0x01 - OK - 0x805400A0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt145 - 0x01 - OK - 0x806E3AC0 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt146 - 0x01 - OK - 0x805400B4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt147 - 0x01 - OK - 0x805400BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt148 - 0x01 - OK - 0x805400C8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt149 - 0x01 - OK - 0x805400D2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt150 - 0x01 - OK - 0x805400DC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt151 - 0x01 - OK - 0x805400E6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt152 - 0x01 - OK - 0x805400F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt153 - 0x01 - OK - 0x805400FA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt154 - 0x01 - OK - 0x80540104 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt155 - 0x01 - OK - 0x8054010E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt156 - 0x01 - OK - 0x80540118 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt157 - 0x01 - OK - 0x80540122 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt158 - 0x01 - OK - 0x8054012C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt159 - 0x01 - OK - 0x80540136 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt160 - 0x01 - OK - 0x80540140 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt161 - 0x01 - OK - 0x806E32A0 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt162 - 0x01 - OK - 0x80540154 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt163 - 0x01 - OK - 0x8054015E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt164 - 0x01 - OK - 0x80540168 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt165 - 0x01 - OK - 0x80540172 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt166 - 0x01 - OK - 0x8054017C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt167 - 0x01 - OK - 0x80540186 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt168 - 0x01 - OK - 0x80540190 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt169 - 0x01 - OK - 0x8054019A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt170 - 0x01 - OK - 0x805401A4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt171 - 0x01 - OK - 0x805401AE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt172 - 0x01 - OK - 0x805401B8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt173 - 0x01 - OK - 0x805401C2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt174 - 0x01 - OK - 0x805401CC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt175 - 0x01 - OK - 0x805401D6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt176 - 0x01 - OK - 0x805401E0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt177 - 0x01 - OK - 0x806E4048 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt178 - 0x01 - OK - 0x805401F4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt179 - 0x01 - OK - 0x806E3DAC - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt180 - 0x01 - OK - 0x80540208 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt181 - 0x01 - OK - 0x80540212 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt182 - 0x01 - OK - 0x8054021C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt183 - 0x01 - OK - 0x80540226 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt184 - 0x01 - OK - 0x80540230 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt185 - 0x01 - OK - 0x8054023A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt186 - 0x01 - OK - 0x80540244 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt187 - 0x01 - OK - 0x8054024E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt188 - 0x01 - OK - 0x80540258 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt189 - 0x01 - OK - 0x80540262 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt190 - 0x01 - OK - 0x80540269 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt191 - 0x01 - OK - 0x80540270 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt192 - 0x01 - OK - 0x80540277 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt193 - 0x01 - OK - 0x8054027E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt194 - 0x01 - OK - 0x80540285 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt195 - 0x01 - OK - 0x8054028C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt196 - 0x01 - OK - 0x80540293 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt197 - 0x01 - OK - 0x8054029A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt198 - 0x01 - OK - 0x805402A1 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt199 - 0x01 - OK - 0x805402A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt200 - 0x01 - OK - 0x805402AF - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt201 - 0x01 - OK - 0x805402B6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt202 - 0x01 - OK - 0x805402BD - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt203 - 0x01 - OK - 0x805402C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt204 - 0x01 - OK - 0x805402CB - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt205 - 0x01 - OK - 0x806E45A8 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt206 - 0x01 - OK - 0x806E4748 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt207 - 0x01 - OK - 0x805402E0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation

==========================================================================================

Message Hook

       csrss.exe - C:\Windows\system32\csrss.exe - WH_MSGFILTER - winsrv.dll
       AvastUI.exe - C:\Program Files\AVAST Software\Avast\AvastUI.exe - WH_MSGFILTER - mfc90u.dll
       FsUsbExService.Exe - C:\Windows\system32\FsUsbExService.Exe - WH_MSGFILTER - FsUsbExService.Exe
       explorer.exe - C:\Windows\explorer.exe - WH_MOUSE - shell32.dll
       GoogleToolbarNotifier.exe - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - WH_MOUSE - MSCTF.dll
       GoogleToolbarNotifier.exe - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - WH_KEYBOARD - MSCTF.dll
       AdobeARM.exe - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - WH_MSGFILTER - AdobeARM.exe
       ctfmon.exe - C:\Windows\system32\ctfmon.exe - WH_SHELL - MSCTF.dll
       ctfmon.exe - C:\Windows\system32\ctfmon.exe - WH_GETMESSAGE - MSCTF.dll
       ctfmon.exe - C:\Windows\system32\ctfmon.exe - WH_CBT - MSCTF.dll
       msmsgs.exe - C:\Program Files\Messenger\msmsgs.exe - WH_KEYBOARD - MSCTF.dll
       msmsgs.exe - C:\Program Files\Messenger\msmsgs.exe - WH_MOUSE - MSCTF.dll
       ctfmon.exe - C:\Windows\system32\ctfmon.exe - WH_KEYBOARD - MSCTF.dll
       ctfmon.exe - C:\Windows\system32\ctfmon.exe - WH_MOUSE - MSCTF.dll
       NPSAgent.exe - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe - WH_MSGFILTER - mfc80u.dll
       hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - WH_KEYBOARD - MSCTF.dll
       hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - WH_MOUSE - MSCTF.dll
       NPSAgent.exe - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe - WH_KEYBOARD - MSCTF.dll
       NPSAgent.exe - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe - WH_MOUSE - MSCTF.dll
       NPSAgent.exe - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe - WH_CBT - mfc80u.dll
       RTHDCPL.exe - C:\Windows\RTHDCPL.exe - WH_MOUSE - MSCTF.dll
       RTHDCPL.exe - C:\Windows\RTHDCPL.exe - WH_KEYBOARD - MSCTF.dll
       AvastUI.exe - C:\Program Files\AVAST Software\Avast\AvastUI.exe - WH_KEYBOARD - MSCTF.dll
       AvastUI.exe - C:\Program Files\AVAST Software\Avast\AvastUI.exe - WH_MOUSE - MSCTF.dll
       AvastUI.exe - C:\Program Files\AVAST Software\Avast\AvastUI.exe - WH_CBT - mfc90u.dll
       explorer.exe - C:\Windows\explorer.exe - WH_KEYBOARD - MSCTF.dll
       explorer.exe - C:\Windows\explorer.exe - WH_KEYBOARD - shell32.dll
       explorer.exe - C:\Windows\explorer.exe - WH_MOUSE - MSCTF.dll
       hpcmpmgr.exe - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe - WH_KEYBOARD - MSCTF.dll
       explorer.exe - C:\Windows\explorer.exe - WH_MOUSE - MSCTF.dll
       hpcmpmgr.exe - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe - WH_MOUSE - MSCTF.dll
       explorer.exe - C:\Windows\explorer.exe - WH_KEYBOARD - MSCTF.dll
       GoogleToolbarNotifier.exe - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - WH_KEYBOARD - MSCTF.dll
       GoogleToolbarNotifier.exe - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - WH_MOUSE - MSCTF.dll
       hpqgalry.exe - C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe - WH_KEYBOARD - MSCTF.dll
       PCHunter32.exe - C:\Documents and Settings\win-xp\Plocha\PCHunter32.exe - WH_MSGFILTER - PCHunter32.exe
       AdobeARM.exe - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - WH_KEYBOARD - MSCTF.dll
       explorer.exe - C:\Windows\explorer.exe - WH_MOUSE - MSCTF.dll
       explorer.exe - C:\Windows\explorer.exe - WH_KEYBOARD - MSCTF.dll
       hpqgalry.exe - C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe - WH_MOUSE - MSCTF.dll
       hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - WH_KEYBOARD - MSCTF.dll
       hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - WH_MOUSE - MSCTF.dll
       hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - WH_KEYBOARD - MSCTF.dll
       hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - WH_MOUSE - MSCTF.dll
       hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - WH_CBT - mfc42.dll
       hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - WH_KEYBOARD - MSCTF.dll
       hpqtra08.exe - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - WH_MOUSE - MSCTF.dll
       hpqgalry.exe - C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe - WH_CBT - MFC71.DLL
       explorer.exe - C:\Windows\explorer.exe - WH_KEYBOARD - MSCTF.dll
       AdobeARM.exe - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - WH_MSGFILTER - AdobeARM.exe
       AdobeARM.exe - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - WH_CBT - AdobeARM.exe
       AdobeARM.exe - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - WH_MOUSE - MSCTF.dll
       explorer.exe - C:\Windows\explorer.exe - WH_MOUSE - shell32.dll
       PCHunter32.exe - C:\Documents and Settings\win-xp\Plocha\PCHunter32.exe - WH_CBT - PCHunter32.exe
       explorer.exe - C:\Windows\explorer.exe - WH_MOUSE - MSCTF.dll

==========================================================================================

Process Hook

      Image File Name[1688 spoolsv.exe]Process Hook
             Iat - spoolsv.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[1876 browsemngr.exe]Process Hook
             Iat - browsemngr.exe->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - browsemngr.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             inline - len(5) ntdll.dll->LdrLoadDll - 0x7C9161CA->0x01661C10[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtCreateDirectoryObject - 0x7C90D643->0x01661670[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtCreateFile - 0x7C90D682->0x01661570[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtDeleteFile - 0x7C90D88F->0x016615F0[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtOpenDirectoryObject - 0x7C90DCBE->0x016616B0[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtOpenFile - 0x7C90DCFD->0x01661620[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtTerminateProcess - 0x7C90E88E->0x01662370[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwCreateDirectoryObject - 0x7C90D643->0x01661670[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwCreateFile - 0x7C90D682->0x01661570[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwDeleteFile - 0x7C90D88F->0x016615F0[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwOpenDirectoryObject - 0x7C90DCBE->0x016616B0[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwOpenFile - 0x7C90DCFD->0x01661620[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwTerminateProcess - 0x7C90E88E->0x01662370[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x018196F0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x01819680[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x01818F00[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x01819830[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x0181D580[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0181D6D0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x0181D5F0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x0181D660[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x0181D510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x01818EE0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x01819770[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x01818EC0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x0181D4A0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x0181D860[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x01819460[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x01818EC0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x0181D510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x0181D660[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x0181D5F0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x0181D860[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x0181D4A0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0181D6D0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x0181D580[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x018144C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x01819680[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x01818F00[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0181D6D0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x018196F0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x0181D510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0181D6D0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x01819680[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x01818F00[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x01819830[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x01818EC0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x0181D4A0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x01818F00[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x018196F0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x01819770[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x01818EE0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x01819460[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x01819830[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x0181D860[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x0181D510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x0181D810[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x0181D580[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x0181D5F0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0181D6D0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x0181D660[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x01819680[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             inline - len(5) ADVAPI32.dll->RegDeleteKeyW - 0x77DE9884->0x01663590[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ADVAPI32.dll->RegDeleteValueW - 0x77DCEEF1->0x01663530[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(7) ADVAPI32.dll->RegSetValueExW - 0x77DCD7CC->0x01663100[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ADVAPI32.dll->RegSetValueW - 0x77E25FC2->0x01663240[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x01818EE0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x01819770[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x01819830[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0181D6D0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x0181D810[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x0181D860[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x0181D660[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x0181D4A0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x0181D580[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x01818F00[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x018196F0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x018196F0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x0181D5F0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x0181D660[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0181D6D0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x0181D810[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x01819680[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - WTSAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x018196F0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x01819680[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - WINHTTP.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - WINHTTP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - win32c~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - win32c~1.dll->ntdll.dll:NtClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - win32prop.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - win32prop.dll->ntdll.dll:NtClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - win32prop.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x01818F00[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - NTMARTA.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x018196F0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - NTMARTA.DLL->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x01819680[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - NTMARTA.DLL->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x01818F00[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - NTMARTA.DLL->ntdll.dll:NtClose - 0x7C90D586->0x0181D790[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - NTMARTA.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - WLDAP32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - browsemngr.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - browsemngr.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x01819510[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x01819770[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x018194C0[C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll]

------------------------------------------------------------------------------------------

      Image File Name[2028 nvsvc32.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) kernel32.dll - 0x7C8678BC->_

------------------------------------------------------------------------------------------

      Image File Name[1476 AvastSvc.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(4) kernel32.dll->SetUnhandledExceptionFilter - 0x7C810386->_
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryExW - 0x7C801AF1->0x64C8F6D0[C:\Program Files\AVAST Software\Avast\aswCmnBS.dll]
             Eat - algo.dll->engine_GlobalGetParameter - 0x63480DF0->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_GlobalSetParameter - 0x63480F30->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_GlobalSetParameters - 0x6347FB90->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_GlobalStart - 0x6347FBA0->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_GlobalStop - 0x63480450->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_LoadUpdate - 0x634813D0->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_Runner - 0x63481130->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_SiteCorrect - 0x63481390->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_ThreadGetParameter - 0x63480CC0->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_ThreadSetParameter - 0x63480DA0->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_ThreadSetParameters - 0x6347FB90->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_ThreadStart - 0x634804D0->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             Eat - algo.dll->engine_ThreadStop - 0x63480880->0x63400000[C:\Program Files\AVAST Software\Avast\defs\13020900\algo.dll]
             inline - len(3) algo.dll - 0x63402000->_
             inline - len(78) algo.dll - 0x63416072->_
             inline - len(78) algo.dll - 0x634162B2->_
             inline - len(77) algo.dll - 0x63416F1F->_
             inline - len(2) algo.dll - 0x63417098->_
             inline - len(7) algo.dll - 0x6342BBCF->_
             inline - len(7) algo.dll - 0x6343F6F9->_
             inline - len(10) algo.dll - 0x6344D5F3->_
             inline - len(31) algo.dll - 0x63481227->_
             inline - len(27) algo.dll - 0x634962BA->_
             inline - len(79) algo.dll - 0x634962DA->_
             inline - len(28) algo.dll - 0x634A98D8->_
             inline - len(25) algo.dll - 0x634A9961->_
             inline - len(68) algo.dll - 0x634A997F->_
             inline - len(28) algo.dll - 0x634A99C8->_
             inline - len(9) algo.dll - 0x634C96C9->_
             inline - len(9) algo.dll - 0x634C96D7->_
             inline - len(63) algo.dll - 0x634C96E5->_
             inline - len(4) algo.dll - 0x634C97CC->_
             inline - len(4) algo.dll - 0x634D07D9->_

------------------------------------------------------------------------------------------

      Image File Name[564 svchost.exe]Process Hook
             Iat - svchost.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - setupapi.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - setupapi.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - setupapi.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CLBCATQ.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[896 lsass.exe]Process Hook
             Iat - lsass.exe->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - LSASRV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SAMSRV.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SAMSRV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SAMSRV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SAMSRV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SAMSRV.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SAMSRV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SAMSRV.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SAMSRV.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SAMSRV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SAMSRV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - DNSAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2_32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSASN1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MPR.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NTDSAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WLDAP32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[2100 hpcmpmgr.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) kernel32.dll - 0x7C8678BC->_

------------------------------------------------------------------------------------------

      Image File Name[244 c2c_service.exe]Process Hook
             Iat - c2c_service.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - c2c_service.exe->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - msi.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - IPHLPAPI.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - IPHLPAPI.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - IPHLPAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2_32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINTRUST.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINTRUST.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CRYPT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSASN1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - IMAGEHLP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINHTTP.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINHTTP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CLBCATQ.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[1180 svchost.exe]Process Hook
             Iat - svchost.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[884 services.exe]Process Hook
             Iat - services.exe->ADVAPI32.dll:CreateProcessAsUserW - 0x77DE7775->0x00740002
             Iat - services.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->KERNEL32.dll:CreateProcessW - 0x7C802332->0x00740000
             Iat - services.exe->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtDeleteFile - 0x7C90D88F->0x100097E0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - services.exe->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SCESRV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SCESRV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SCESRV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AUTHZ.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AUTHZ.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AUTHZ.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AUTHZ.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - umpnpmgr.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - umpnpmgr.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[1952 jqs.exe]Process Hook
             Iat - jqs.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - WS2_32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSVCR100.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSVCR100.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - user32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - user32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - user32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - user32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - user32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - user32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - user32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - user32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - user32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - user32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - user32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) user32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - wshtcpip.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - wshtcpip.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NTMARTA.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NTMARTA.DLL->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NTMARTA.DLL->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NTMARTA.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NTMARTA.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SETUPAPI.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SETUPAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SETUPAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[620 wdfmgr.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SETUPAPI.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SETUPAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SETUPAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINTRUST.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINTRUST.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[2176 PCHunter32.exe]Process Hook
             inline - len(5) ntdll.dll->LdrLoadDll - 0x7C9161CA->0x003D01F8
             inline - len(5) ntdll.dll->LdrUnloadDll - 0x7C91718B->0x003D03FC
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(5) KERNEL32.dll->LoadLibraryExW - 0x7C801AF1->0x00430E70[C:\Documents and Settings\win-xp\Plocha\PCHunter32.exe]
             inline - len(1) KERNEL32.dll - 0x7C8678BC->_
             inline - len(5) USER32.dll->SetWinEventHook - 0x77D5E3D3->0x00FE01F8
             inline - len(5) USER32.dll->SetWindowsHookExA - 0x77D602B2->0x00FE0600
             inline - len(5) USER32.dll->SetWindowsHookExW - 0x77D5E621->0x00FE0804
             inline - len(5) USER32.dll->UnhookWinEvent - 0x77D5E544->0x00FE03FC
             inline - len(5) USER32.dll->UnhookWindowsHookEx - 0x77D5F29F->0x00FE0A08
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2A - 0x77E26F61->0x01190C0C
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2W - 0x77E26FE9->0x01190E10
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigA - 0x77E26CC9->0x01190804
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigW - 0x77E26E61->0x01190A08
             inline - len(5) ADVAPI32.dll->CreateServiceA - 0x77E27071->0x011901F8
             inline - len(5) ADVAPI32.dll->CreateServiceW - 0x77E27209->0x011903FC
             inline - len(5) ADVAPI32.dll->DeleteService - 0x77E27311->0x01190600
             inline - len(5) ADVAPI32.dll->SetServiceObjectSecurity - 0x77E26BE1->0x01191014

------------------------------------------------------------------------------------------

      Image File Name[764 smss.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_

------------------------------------------------------------------------------------------

      Image File Name[812 csrss.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) KERNEL32.dll - 0x7C8678BC->_

------------------------------------------------------------------------------------------

      Image File Name[836 winlogon.exe]Process Hook
             Iat - winlogon.exe->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - winlogon.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - winlogon.exe->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - winlogon.exe->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - winlogon.exe->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - winlogon.exe->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - winlogon.exe->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - winlogon.exe->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AUTHZ.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AUTHZ.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AUTHZ.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AUTHZ.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CRYPT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSASN1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - REGAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - REGAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SETUPAPI.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SETUPAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SETUPAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINTRUST.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINTRUST.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - IMAGEHLP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2_32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[1064 svchost.exe]Process Hook
             Iat - svchost.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[1616 explorer.exe]Process Hook
             Iat - Explorer.EXE->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Explorer.EXE->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - BROWSEUI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - BROWSEUI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHDOCVW.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHDOCVW.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CRYPT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSASN1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CRYPTUI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CRYPTUI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINTRUST.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINTRUST.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - IMAGEHLP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WININET.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WININET.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WLDAP32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[1136 svchost.exe]Process Hook
             Iat - svchost.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[1272 svchost.exe]Process Hook
             Iat - svchost.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[1304 svchost.exe]Process Hook
             Iat - svchost.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - svchost.exe->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[2152 AdobeARM.exe]Process Hook
             Iat - AdobeARM.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AdobeARM.exe->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - msi.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WININET.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WININET.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CRYPT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSASN1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - COMDLG32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - COMDLG32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - COMCTL32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - COMCTL32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINSPOOL.DRV->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINSPOOL.DRV->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - urlmon.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - urlmon.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINTRUST.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINTRUST.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - IMAGEHLP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - uxtheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CLBCATQ.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mlang.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mlang.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2_32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - mswsock.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - hnetcfg.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - wshtcpip.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - wshtcpip.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - netapi32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - netapi32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - netapi32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - netapi32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - netapi32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - schannel.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - schannel.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - schannel.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.DLL->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.DLL->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.DLL->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rasman.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rasman.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rtutils.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rtutils.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - iphlpapi.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - iphlpapi.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - iphlpapi.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rasadhlp.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rasadhlp.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - DNSAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rsaenh.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rsaenh.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rsaenh.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - dssenh.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - dssenh.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - dssenh.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[1792 browsemngr.exe]Process Hook
             inline - len(5) ntdll.dll->LdrLoadDll - 0x7C9161CA->0x013E1C10[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtCreateDirectoryObject - 0x7C90D643->0x013E1670[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtCreateFile - 0x7C90D682->0x013E1570[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtDeleteFile - 0x7C90D88F->0x013E15F0[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtOpenDirectoryObject - 0x7C90DCBE->0x013E16B0[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtOpenFile - 0x7C90DCFD->0x013E1620[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->NtTerminateProcess - 0x7C90E88E->0x013E2370[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwCreateDirectoryObject - 0x7C90D643->0x013E1670[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwCreateFile - 0x7C90D682->0x013E1570[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwDeleteFile - 0x7C90D88F->0x013E15F0[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwOpenDirectoryObject - 0x7C90DCBE->0x013E16B0[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwOpenFile - 0x7C90DCFD->0x013E1620[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ntdll.dll->ZwTerminateProcess - 0x7C90E88E->0x013E2370[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             inline - len(5) ADVAPI32.dll->RegDeleteKeyW - 0x77DE9884->0x013E3590[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ADVAPI32.dll->RegDeleteValueW - 0x77DCEEF1->0x013E3530[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(7) ADVAPI32.dll->RegSetValueExW - 0x77DCD7CC->0x013E3100[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) ADVAPI32.dll->RegSetValueW - 0x77E25FC2->0x013E3240[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) WS2_32.dll->bind - 0x71A93E00->0x013E1900[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) WS2_32.dll->connect - 0x71A9406A->0x013E1900[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) WS2_32.dll->listen - 0x71A988D3->0x013E18F0[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) WS2_32.dll->socket - 0x71A93B91->0x013E1900[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(5) WS2_32.dll->WSAConnect - 0x71AA0C69->0x013E1910[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(7) WS2_32.dll->WSASocketW - 0x71A939CB->0x013E1940[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]
             inline - len(7) WS2_32.dll->WSAStartup - 0x71A9664D->0x013E1950[c:\docume~1\alluse~1\dataap~1\wincert\win32prop.dll]

------------------------------------------------------------------------------------------

      Image File Name[1836 FsUsbExService.Exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) kernel32.dll - 0x7C8678BC->_

------------------------------------------------------------------------------------------

      Image File Name[1924 PDVDServ.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) kernel32.dll - 0x7C8678BC->_

------------------------------------------------------------------------------------------

      Image File Name[1984 RTHDCPL.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) kernel32.dll - 0x7C8678BC->_

------------------------------------------------------------------------------------------

      Image File Name[3076 hpqgalry.exe]Process Hook
             C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe - Hijack on Module File
             inline - len(5) ntdll.dll->LdrLoadDll - 0x7C9161CA->0x003C01F8
             inline - len(5) ntdll.dll->LdrUnloadDll - 0x7C91718B->0x003C03FC
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - snxhk.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - snxhk.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) KERNEL32.dll - 0x7C8678BC->_
             Iat - mscoree.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2A - 0x77E26F61->0x00030C0C
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2W - 0x77E26FE9->0x00030E10
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigA - 0x77E26CC9->0x00030804
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigW - 0x77E26E61->0x00030A08
             inline - len(5) ADVAPI32.dll->CreateServiceA - 0x77E27071->0x000301F8
             inline - len(5) ADVAPI32.dll->CreateServiceW - 0x77E27209->0x000303FC
             inline - len(5) ADVAPI32.dll->DeleteService - 0x77E27311->0x00030600
             inline - len(5) ADVAPI32.dll->SetServiceObjectSecurity - 0x77E26BE1->0x00031014
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->SetWinEventHook - 0x77D5E3D3->0x00B001F8
             inline - len(5) USER32.dll->SetWindowsHookExA - 0x77D602B2->0x00B00600
             inline - len(5) USER32.dll->SetWindowsHookExW - 0x77D5E621->0x00B00804
             inline - len(5) USER32.dll->UnhookWinEvent - 0x77D5E544->0x00B003FC
             inline - len(5) USER32.dll->UnhookWindowsHookEx - 0x77D5F29F->0x00B00A08
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) mscorwks.dll - 0x791B193B->_
             inline - len(1) mscorwks.dll - 0x791B1975->_
             inline - len(1) mscorwks.dll - 0x791B19CA->_
             inline - len(1) mscorwks.dll - 0x791B1A5F->_
             inline - len(1) mscorwks.dll - 0x791B1A9C->_
             inline - len(1) mscorwks.dll - 0x791B1ACF->_
             inline - len(1) mscorwks.dll - 0x791B1B5C->_
             inline - len(1) mscorwks.dll - 0x791B1B6E->_
             inline - len(1) mscorwks.dll - 0x791B1BB7->_
             inline - len(1) mscorwks.dll - 0x791B1BF0->_
             inline - len(1) mscorwks.dll - 0x791B1C45->_
             c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll - Hijack on Module File
             c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9aa4175d\mscorlib.dll - Hijack on Module File
             Iat - rsaenh.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rsaenh.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rsaenh.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll - Hijack on Module File
             c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll - Hijack on Module File
             c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_c10b5b9f\system.windows.forms.dll - Hijack on Module File
             c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll - Hijack on Module File
             c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_522428cf\system.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll - Hijack on Module File
             c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll - Hijack on Module File
             c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_6cb1aad3\system.drawing.dll - Hijack on Module File
             c:\program files\hp\digital imaging\bin\cs\hpqgalry.resources.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll - Hijack on Module File
             c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll - Hijack on Module File
             Iat - CLBCATQ.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll - Hijack on Module File
             c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_de9d4252\system.xml.dll - Hijack on Module File
             c:\windows\assembly\gac\lead\13.0.0.66__9cf889f53ea9b907\lead.dll - Hijack on Module File
             c:\windows\assembly\gac\lead.wrapper\13.0.0.66__9cf889f53ea9b907\lead.wrapper.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqtray.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqtray.resources.dll - Hijack on Module File
             c:\windows\assembly\gac\lead.windows.forms\13.0.0.66__9cf889f53ea9b907\lead.windows.forms.dll - Hijack on Module File
             c:\windows\assembly\gac\lead.drawing\13.0.0.66__9cf889f53ea9b907\lead.drawing.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqfmrsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqfmrsc.resources.dll - Hijack on Module File
             c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll - Hijack on Module File
             Iat - msi.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SXS.DLL->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SXS.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SXS.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll - Hijack on Module File
             c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll - Hijack on Module File
             c:\program files\hp\digital imaging\bin\hpqmirsc.dll - Hijack on Module File
             c:\program files\hp\digital imaging\bin\cs\hpqmirsc.resources.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqietpz.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqietpz.resources.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_cs_a53cf5803f4c3827\hpqcprsc.resources.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_cs_a53cf5803f4c3827\hpqisrtb.resources.dll - Hijack on Module File
             c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll - Hijack on Module File

------------------------------------------------------------------------------------------

      Image File Name[2076 rundll32.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) kernel32.dll - 0x7C8678BC->_

------------------------------------------------------------------------------------------

      Image File Name[2088 hpwuSchd2.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) kernel32.dll - 0x7C8678BC->_

------------------------------------------------------------------------------------------

      Image File Name[2168 DATAMN~1.EXE]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) kernel32.dll - 0x7C8678BC->_

------------------------------------------------------------------------------------------

      Image File Name[2184 AvastUI.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryExW - 0x7C801AF1->0x64C8F6D0[C:\Program Files\AVAST Software\Avast\aswCmnBS.dll]

------------------------------------------------------------------------------------------

      Image File Name[2220 ctfmon.exe]Process Hook
             Iat - ctfmon.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSCTF.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSCTF.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSUTB.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[2284 msmsgs.exe]Process Hook
             Iat - msmsgs.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msmsgs.exe->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2_32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - COMCTL32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - COMCTL32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comdlg32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comdlg32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - gdiplus.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - gdiplus.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WININET.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WININET.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CRYPT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSASN1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - iphlpapi.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - iphlpapi.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - iphlpapi.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CLBCATQ.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SXS.DLL->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SXS.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SXS.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - wtsapi32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - credui.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - credui.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - urlmon.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - urlmon.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[2320 GoogleToolbarNotifier.exe]Process Hook
             Iat - GoogleToolbarNotifier.exe->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GoogleToolbarNotifier.exe->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - kernel32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x009096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x00909680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x00908F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x00909830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x0090D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0090D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x0090D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x0090D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x0090D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x00908EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x00909770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x00908EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x0090D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x0090D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - kernel32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x00909460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) kernel32.dll - 0x7C8678BC->_
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x00908EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x0090D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x00908F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x009096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x00909770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x00908EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x00909460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x00909830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x0090D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x0090D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x0090D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x0090D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x0090D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0090D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x0090D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x00909680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x00908EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x00909770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - gtn.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - gtn.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x00908EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x0090D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x0090D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x0090D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x0090D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x0090D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0090D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x0090D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x009044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x00909680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x00908F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0090D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - IPHLPAPI.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x009096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - IPHLPAPI.DLL->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - IPHLPAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2_32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x00909680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x009096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x00909770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x0090D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0090D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x0090D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RASAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rasman.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rasman.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x009096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x00909680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - TAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rtutils.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rtutils.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x0090D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x0090D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0090D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WININET.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WININET.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CRYPT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSASN1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x00909830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0090D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x0090D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x0090D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwOpenKey - 0x7C90DD3C->0x0090D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x0090D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x0090D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x0090D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x00908F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x009096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x009096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x0090D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0090D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x00909680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x00908F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x00909830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x009096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x0090D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x0090D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0090D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x0090D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x00909680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - secur32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - secur32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - secur32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x0090D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x0090D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x0090D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x0090D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x0090D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - msv1_0.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - swg.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - swg.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CLBCATQ.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rsaenh.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rsaenh.dll->ntdll.dll:NtClose - 0x7C90D586->0x0090D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - rsaenh.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x009096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SXS.DLL->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x0090D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SXS.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SXS.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x009094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MPRAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x00909510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

------------------------------------------------------------------------------------------

      Image File Name[2392 NPSAgent.exe]Process Hook
             inline - len(5) ntdll.dll->LdrLoadDll - 0x7C9161CA->0x003D01F8
             inline - len(5) ntdll.dll->LdrUnloadDll - 0x7C91718B->0x003D03FC
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) KERNEL32.dll - 0x7C8678BC->_
             inline - len(5) USER32.dll->SetWinEventHook - 0x77D5E3D3->0x009E01F8
             inline - len(5) USER32.dll->SetWindowsHookExA - 0x77D602B2->0x009E0600
             inline - len(5) USER32.dll->SetWindowsHookExW - 0x77D5E621->0x009E0804
             inline - len(5) USER32.dll->UnhookWinEvent - 0x77D5E544->0x009E03FC
             inline - len(5) USER32.dll->UnhookWindowsHookEx - 0x77D5F29F->0x009E0A08
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2A - 0x77E26F61->0x00930C0C
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2W - 0x77E26FE9->0x00930E10
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigA - 0x77E26CC9->0x00930804
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigW - 0x77E26E61->0x00930A08
             inline - len(5) ADVAPI32.dll->CreateServiceA - 0x77E27071->0x009301F8
             inline - len(5) ADVAPI32.dll->CreateServiceW - 0x77E27209->0x009303FC
             inline - len(5) ADVAPI32.dll->DeleteService - 0x77E27311->0x00930600
             inline - len(5) ADVAPI32.dll->SetServiceObjectSecurity - 0x77E26BE1->0x00931014

------------------------------------------------------------------------------------------

      Image File Name[2472 hpqtra08.exe]Process Hook
             inline - len(5) ntdll.dll->LdrLoadDll - 0x7C9161CA->0x003C01F8
             inline - len(5) ntdll.dll->LdrUnloadDll - 0x7C91718B->0x003C03FC
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             inline - len(1) KERNEL32.dll - 0x7C8678BC->_
             inline - len(5) USER32.dll->SetWinEventHook - 0x77D5E3D3->0x00AE01F8
             inline - len(5) USER32.dll->SetWindowsHookExA - 0x77D602B2->0x00AE0600
             inline - len(5) USER32.dll->SetWindowsHookExW - 0x77D5E621->0x00AE0804
             inline - len(5) USER32.dll->UnhookWinEvent - 0x77D5E544->0x00AE03FC
             inline - len(5) USER32.dll->UnhookWindowsHookEx - 0x77D5F29F->0x00AE0A08
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2A - 0x77E26F61->0x01230C0C
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2W - 0x77E26FE9->0x01230E10
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigA - 0x77E26CC9->0x01230804
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigW - 0x77E26E61->0x01230A08
             inline - len(5) ADVAPI32.dll->CreateServiceA - 0x77E27071->0x012301F8
             inline - len(5) ADVAPI32.dll->CreateServiceW - 0x77E27209->0x012303FC
             inline - len(5) ADVAPI32.dll->DeleteService - 0x77E27311->0x01230600
             inline - len(5) ADVAPI32.dll->SetServiceObjectSecurity - 0x77E26BE1->0x01231014

------------------------------------------------------------------------------------------

      Image File Name[3644 wmiprvse.exe]Process Hook
             inline - len(5) ntdll.dll->LdrLoadDll - 0x7C9161CA->0x003001F8
             inline - len(5) ntdll.dll->LdrUnloadDll - 0x7C91718B->0x003003FC
             inline - len(1) ntdll.dll - 0x7C916FCA->_
             Iat - snxhk.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - snxhk.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - KERNEL32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(1) KERNEL32.dll - 0x7C8678BC->_
             Iat - msvcrt.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtFlushBuffersFile - 0x7C90D9CA->0x10009460[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ADVAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtReadFile - 0x7C90E27C->0x10008EE0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryKey - 0x7C90E099->0x10008EC0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->DialogBoxParamW - 0x77D46702->0x100044C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             inline - len(5) USER32.dll->SetWinEventHook - 0x77D5E3D3->0x004301F8
             inline - len(5) USER32.dll->SetWindowsHookExA - 0x77D602B2->0x00430600
             inline - len(5) USER32.dll->SetWindowsHookExW - 0x77D5E621->0x00430804
             inline - len(5) USER32.dll->UnhookWinEvent - 0x77D5E544->0x004303FC
             inline - len(5) USER32.dll->UnhookWindowsHookEx - 0x77D5F29F->0x00430A08
             Iat - GDI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - GDI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - wbemcomn.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwDeleteValueKey - 0x7C90D8CE->0x1000D860[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwEnumerateKey - 0x7C90D94C->0x1000D4A0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:ZwQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ole32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NTDSAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - DNSAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2_32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WS2HELP.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WLDAP32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->ntdll.dll:ZwClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - Secur32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - ShimEng.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - AcGenral.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtQueryValueKey - 0x7C90E1FE->0x1000D580[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - WINMM.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - MSACM32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - VERSION.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtEnumerateValueKey - 0x7C90D976->0x1000D510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtQueryInformationFile - 0x7C90DFDC->0x10008F00[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->ntdll.dll:NtSetInformationFile - 0x7C90E5D9->0x10009830[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHELL32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateFile - 0x7C90D682->0x100096F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtSetValueKey - 0x7C90E7BC->0x1000D5F0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtCreateKey - 0x7C90D6D6->0x1000D660[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenKey - 0x7C90DD3C->0x1000D6D0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtDeleteKey - 0x7C90D8A4->0x1000D810[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtOpenFile - 0x7C90DCFD->0x10009680[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->ntdll.dll:NtClose - 0x7C90D586->0x1000D790[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - USERENV.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - UxTheme.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - browse~1.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - imagehlp.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->ntdll.dll:NtWriteFile - 0x7C90E9F3->0x10009770[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - PSAPI.DLL->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - comctl32.dll->KERNEL32.dll:LoadLibraryA - 0x7C801D77->0x100094C0[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]
             Iat - CLBCATQ.DLL->KERNEL32.dll:LoadLibraryW - 0x7C80ACD3->0x10009510[c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll]

==========================================================================================

KernelCallbackTable

      Image File Name[4 System]KernelCallbackTable

------------------------------------------------------------------------------------------

      Image File Name[1688 spoolsv.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1876 browsemngr.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2028 nvsvc32.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1476 AvastSvc.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[564 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[896 lsass.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2100 hpcmpmgr.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[244 c2c_service.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1180 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[884 services.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1952 jqs.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\user32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\user32.dll
             fnDWORD - OK - C:\WINDOWS\system32\user32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\user32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\user32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\user32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\user32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\user32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\user32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\user32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\user32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\user32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\user32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\user32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\user32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\user32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\user32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\user32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\user32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\user32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\user32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\user32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\user32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\user32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\user32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\user32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\user32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\user32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\user32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\user32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\user32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\user32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\user32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\user32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\user32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\user32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\user32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\user32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\user32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\user32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\user32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\user32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\user32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\user32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\user32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\user32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\user32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\user32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\user32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\user32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\user32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\user32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\user32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\user32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\user32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\user32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\user32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\user32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\user32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\user32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\user32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\user32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\user32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\user32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\user32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\user32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\user32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\user32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\user32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\user32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\user32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\user32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\user32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\user32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\user32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\user32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\user32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\user32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\user32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\user32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\user32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\user32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\user32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\user32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\user32.dll

------------------------------------------------------------------------------------------

      Image File Name[620 wdfmgr.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2176 PCHunter32.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[764 smss.exe]KernelCallbackTable

------------------------------------------------------------------------------------------

      Image File Name[812 csrss.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1616 explorer.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[836 winlogon.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1064 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1136 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1272 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1304 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2472 hpqtra08.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2152 AdobeARM.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1792 browsemngr.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1836 FsUsbExService.Exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1924 PDVDServ.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1984 RTHDCPL.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2076 rundll32.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2088 hpwuSchd2.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2168 DATAMN~1.EXE]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2184 AvastUI.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2220 ctfmon.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2284 msmsgs.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2320 GoogleToolbarNotifier.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2392 NPSAgent.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[3076 hpqgalry.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[3644 wmiprvse.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[0 Idle]KernelCallbackTable

==========================================================================================

Port

       Tcp 127.0.0.1 : 1108 - 127.0.0.1 : 12080 - TIME_WAIT - 0 - 
       Tcp 192.168.1.196 : 1104 - 77.234.42.118 : 80 - TIME_WAIT - 0 - 
       Tcp 192.168.1.196 : 139 - 0.0.0.0 : 0 - LISTENING - 4 - System
       Tcp 127.0.0.1 : 12143 - 0.0.0.0 : 0 - LISTENING - 1476 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
       Tcp 0.0.0.0 : 445 - 0.0.0.0 : 0 - LISTENING - 4 - System
       Tcp 127.0.0.1 : 12465 - 0.0.0.0 : 0 - LISTENING - 1476 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
       Tcp 0.0.0.0 : 135 - 0.0.0.0 : 0 - LISTENING - 1136 - C:\Windows\system32\svchost.exe
       Tcp 127.0.0.1 : 27275 - 0.0.0.0 : 0 - LISTENING - 1476 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
       Tcp 127.0.0.1 : 12993 - 0.0.0.0 : 0 - LISTENING - 1476 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
       Tcp 127.0.0.1 : 12563 - 0.0.0.0 : 0 - LISTENING - 1476 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
       Tcp 127.0.0.1 : 12110 - 0.0.0.0 : 0 - LISTENING - 1476 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
       Tcp 127.0.0.1 : 12025 - 0.0.0.0 : 0 - LISTENING - 1476 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
       Tcp 127.0.0.1 : 12080 - 0.0.0.0 : 0 - LISTENING - 1476 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
       Tcp 127.0.0.1 : 5152 - 0.0.0.0 : 0 - LISTENING - 1952 - C:\Program Files\Java\jre7\bin\jqs.exe
       Tcp 127.0.0.1 : 12995 - 0.0.0.0 : 0 - LISTENING - 1476 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
       Tcp 127.0.0.1 : 12119 - 0.0.0.0 : 0 - LISTENING - 1476 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
       Udp 0.0.0.0 : 1035 - * : * - 1272 - C:\Windows\system32\svchost.exe
       Udp 0.0.0.0 : 500 - * : * - 896 - C:\Windows\system32\lsass.exe
       Udp 192.168.1.196 : 137 - * : * - 4 - System
       Udp 127.0.0.1 : 1107 - * : * - 2176 - C:\Documents and Settings\win-xp\Plocha\PCHunter32.exe
       Udp 127.0.0.1 : 123 - * : * - 1180 - C:\Windows\system32\svchost.exe
       Udp 192.168.1.196 : 138 - * : * - 4 - System
       Udp 0.0.0.0 : 1033 - * : * - 1272 - C:\Windows\system32\svchost.exe
       Udp 0.0.0.0 : 1064 - * : * - 1272 - C:\Windows\system32\svchost.exe
       Udp 192.168.1.196 : 123 - * : * - 1180 - C:\Windows\system32\svchost.exe
       Udp 0.0.0.0 : 1065 - * : * - 1272 - C:\Windows\system32\svchost.exe
       Udp 127.0.0.1 : 1900 - * : * - 1304 - C:\Windows\system32\svchost.exe
       Udp 0.0.0.0 : 1034 - * : * - 1272 - C:\Windows\system32\svchost.exe
       Udp 0.0.0.0 : 4500 - * : * - 896 - C:\Windows\system32\lsass.exe
       Udp 0.0.0.0 : 445 - * : * - 4 - System
       Udp 127.0.0.1 : 1036 - * : * - 2152 - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
       Udp 192.168.1.196 : 1900 - * : * - 1304 - C:\Windows\system32\svchost.exe
       Raw 4 - System
       Raw 4 - System
       Raw 896 - C:\Windows\system32\lsass.exe

==========================================================================================

Tcpip

       IRP_MJ_CREATE - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_READ - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0xA7A3159C - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_POWER - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xA7A1ADDF - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation

==========================================================================================

Ndis Handler

       0x89ADB5C0 - NdisProtocolBlock - 0xB6F29510 - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F29536 - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F2ABC0 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F2A8DE - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F2981C - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F29824 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F2A9F6 - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F2A278 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F29846 - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F2A278 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F2A948 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F2A120 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F29DBA - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89ADB5C0 - NdisProtocolBlock - 0xB6F29B76 - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xBA4F287B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xB6F2ABC0 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xB6F2A8DE - TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xB6F2A9F6 - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xB6F2A278 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xB6F29824 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xB6F2A948 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xB6F2981C - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xB6F29846 - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xB6F2A278 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xB6F39E22 - WSendHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89AA94E8 - NdisOpenBlock - 0xB6F3906A - WTransferDataHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3BA9A - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3BAE2 - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3BBC4 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3BB2A - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3BB5A - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3BBCC - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3BB32 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3BBB4 - StatusHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3BBBC - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3BBDA - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3D79E - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3D8A8 - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3D29E - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3BBE4 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3DA52 - CoSendCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3DA70 - CoStatusHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA3DAAA - CoReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89AFD2E8 - NdisProtocolBlock - 0xBAA41056 - CoAfRegisterNotifyHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBA4F287B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3BBC4 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3BBCC - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3BB32 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3BB5A - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3BBDA - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3BB2A - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3BBB4 - StatusHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3BBBC - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBA949B3E - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBA94CBAC - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3DAC8 - CoCreateVcHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3DAC8 - CoDeleteVcHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3DAC8 - CmActivateVcCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89A40EB8 - NdisOpenBlock - 0xBAA3DBFC - CoRequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780F412 - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780F006 - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780E7E6 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780E06A - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780E5B0 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB78097C6 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780E2DC - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780E052 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780C1DE - StatusHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780B282 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780E26C - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB7809334 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780F3C8 - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780A154 - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B0C008 - NdisProtocolBlock - 0xB780C20C - UnloadHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xBA4F287B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xB780E7E6 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xB780E06A - TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xB780E2DC - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xB780E052 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xB78097C6 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xB780E26C - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xB780E5B0 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xB780C1DE - StatusHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xB780B282 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xB6F39E22 - WSendHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89B532B8 - NdisOpenBlock - 0xB6F3906A - WTransferDataHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A4B643 - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A4B662 - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A187A8 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A4B681 - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A4B6A3 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A1BF0B - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A1A141 - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A157ED - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A2C922 - StatusHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A2C81B - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A157FA - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A2A41B - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A4BBAD - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3D2D8 - NdisProtocolBlock - 0xA7A275D1 - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xBA4F287B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xA7A187A8 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xA7A4B681 - TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xA7A1A141 - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xA7A157ED - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xA7A1BF0B - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xA7A157FA - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xA7A4B6A3 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xA7A2C922 - StatusHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xA7A2C81B - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xB6F39E22 - WSendHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89941980 - NdisOpenBlock - 0xB6F3906A - WTransferDataHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605B942 - OpenAdapterCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605BD46 - CloseAdapterCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605B234 - (Wan)SendCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605AA50 - (Wan)TransferDataCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605A9DE - ResetCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605BD78 - RequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605C1B8 - ReceiveCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605C1B8 - StatusCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605B554 - BindAdapterHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605B96A - UnbindAdapterHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605C316 - PnPEventHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605C18A - UnloadHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605C5D0 - CoStatusHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605C1BC - CoReceivePacketHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B1C3D0 - NdisProtocolBlock - 0xB605BD90 - CoAfRegisterNotifyHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xBA4F287B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB605B234 - SendCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB605AA50 - TransferDataCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB605C1B8 - ReceiveCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB605BD78 - RequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB605A9DE - ResetCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB605C1B8 - StatusCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB27C63CA - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB605B06E - CoCreateVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB605B06E - CoDeleteVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB605B06E - CmActivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB605A9DE - CmDeactivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89ADB440 - NdisOpenBlock - 0xB605B244 - CoRequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xBA4F287B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xB605B234 - SendCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xB605AA50 - TransferDataCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xB605C1B8 - ReceiveCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xB605BD78 - RequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xB605A9DE - ResetCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xB605C1B8 - StatusCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xB27C63CA - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xB605A300 - CoCreateVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xB605A300 - CoDeleteVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xB605A300 - CmActivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89B108A8 - NdisOpenBlock - 0xB605A3E8 - CoRequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xBA4F287B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xB605B234 - SendCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xB605AA50 - TransferDataCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xB605C1B8 - ReceiveCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xB605BD78 - RequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xB605A9DE - ResetCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xB605C1B8 - StatusCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xBA998305 - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xB605B06E - CoCreateVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xB605B06E - CoDeleteVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xB605B06E - CmActivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xB605A9DE - CmDeactivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DD81F8 - NdisOpenBlock - 0xB605B244 - CoRequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xBA4F287B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xB605B234 - SendCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xB605AA50 - TransferDataCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xB605C1B8 - ReceiveCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xB605BD78 - RequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xB605A9DE - ResetCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xB605C1B8 - StatusCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xBA998305 - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xB605A300 - CoCreateVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xB605A300 - CoDeleteVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xB605A300 - CmActivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89CDB4E8 - NdisOpenBlock - 0xB605A3E8 - CoRequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F3145A - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F316FC - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F39B02 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F390B0 - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F38F4E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F386A2 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F393BC - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F395E6 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F3ACB8 - StatusHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F3AD98 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F391C8 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F32CC4 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F3209E - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F38E1A - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F31734 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F39E02 - CoSendCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F38D7C - CoStatusHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F39656 - CoReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DA3C88 - NdisProtocolBlock - 0xB6F38F56 - CoAfRegisterNotifyHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xBA4F287B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xB6F39B02 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xB6F390B0 - TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xB6F393BC - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xB6F395E6 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xB6F386A2 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xB6F391C8 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xB6F38F4E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xB6F3ACB8 - StatusHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xB6F3AD98 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C75860 - NdisOpenBlock - 0xB6FFC628 - WTransferDataHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89C75860 - NdisOpenBlock - 0xB6FF60F4 - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89C75860 - NdisOpenBlock - 0xB6FF6720 - CancelSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89C7C448 - NdisOpenBlock - 0x89C81220 - (Wan)SendHandler - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0x89C7D220 - TransferDataHandler - - - 
       0x89C7C448 - NdisOpenBlock - 0x89C801F8 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0x89C761A8 - TransferDataCompleteHandler - - - 
       0x89C7C448 - NdisOpenBlock - 0x89C751F8 - ReceiveHandler - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F395E6 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F386A2 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0x89C7F220 - ReceivePacketHandler - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0x89C6D1F8 - SendPacketsHandler - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F38F4E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F3ACB8 - StatusHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F3AD98 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F73BBE - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F73BEE - MiniportCoCreateVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F6884A - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F3B006 - CoCreateVcHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F3B006 - CoDeleteVcHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F3B006 - CmActivateVcCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89C7C448 - NdisOpenBlock - 0xB6F3B342 - CoRequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9AD4C0 - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9AD55E - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9AD680 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9AD6EC - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9AD4E6 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9ADD5C - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9AD7C4 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9AD8EC - StatusHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9AD6AA - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9ADF12 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9ADFE8 - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9AD90C - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89CDB388 - NdisProtocolBlock - 0xBA9AD49C - UnloadHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F690B8 - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F73C7D - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F74821 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F73CBD - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F68354 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F73D4B - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F73CE2 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F73CEA - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F73CE2 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F69122 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F74B43 - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F69AA7 - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F69B06 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F74896 - CoSendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F73EE8 - CoStatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F73FCC - CoReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89D76D48 - NdisProtocolBlock - 0xB6F68387 - CoAfRegisterNotifyHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xBA4F287B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB6F74821 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB6F73D4B - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB6F73CE2 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB6F68354 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB6F73CBD - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB6F73CEA - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB6F73CE2 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB27C63CA - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB6F6A8E6 - CoCreateVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB6F6A8E6 - CoDeleteVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB6F6A8E6 - CmActivateVcCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B33DC8 - NdisOpenBlock - 0xB6F74313 - CoRequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xBA509122 - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xB6F74821 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xB6F73D4B - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xB6F73CE2 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xB6F68354 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xB6F73CBD - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xB6F73CEA - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xB6F73CE2 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A31420 - NdisOpenBlock - 0xBA9BDD9D - WSendHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xBA509122 - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xB6F74821 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xB6F73D4B - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xB6F73CE2 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xB6F68354 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xB6F73CBD - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xB6F73CEA - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xB6F73CE2 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89A41A68 - NdisOpenBlock - 0xBA9A8FE0 - WSendHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xBA4F287B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xBA508FD5 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xB6F74821 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xB6F73D4B - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xB6F73CE2 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xB6F68354 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xBA50AB56 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xBA5078B7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xB6F73CBD - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xB6F73CEA - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xB6F73CE2 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xBA998305 - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xB6F6A8E6 - CoCreateVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xB6F6A8E6 - CoDeleteVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xB6F6A8E6 - CmActivateVcCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89B053C0 - NdisOpenBlock - 0xB6F74313 - CoRequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89C8B948 - NdisMiniDriverBlock - 0xB27C67F8 - HaltHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x89C8B948 - NdisMiniDriverBlock - 0xB27C61FC - InitializeHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x89C8B948 - NdisMiniDriverBlock - 0xB27C5D4E - ResetHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x89C8B948 - NdisMiniDriverBlock - 0xB27C5D56 - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x89C8B948 - NdisMiniDriverBlock - 0xB27C5DB0 - CoActivateVcHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x89C8B948 - NdisMiniDriverBlock - 0xB27C5DB6 - CoDeactivateVcHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x89C8B948 - NdisMiniDriverBlock - 0xB27C680E - CoSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x89C8B948 - NdisMiniDriverBlock - 0xB27C63CA - CoRequestHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x89B3A380 - NdisMiniDriverBlock - 0xB6F37996 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89B3A380 - NdisMiniDriverBlock - 0xB6F32204 - HaltHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89B3A380 - NdisMiniDriverBlock - 0xB6F31E82 - InitializeHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89B3A380 - NdisMiniDriverBlock - 0xB6F38B3E - QueryInformationHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89B3A380 - NdisMiniDriverBlock - 0xB6F3173A - ResetHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89B3A380 - NdisMiniDriverBlock - 0xB6F39E22 - (Wan)SendHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89B3A380 - NdisMiniDriverBlock - 0xB6F38BCC - SetInformationHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89B3A380 - NdisMiniDriverBlock - 0xB6F3906A - (Wan)TransferDataHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89B3A380 - NdisMiniDriverBlock - 0xB6F39026 - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89ACF2D8 - NdisMiniDriverBlock - 0xBA9BDB16 - HaltHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x89ACF2D8 - NdisMiniDriverBlock - 0xBA9B8EE4 - InitializeHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x89ACF2D8 - NdisMiniDriverBlock - 0xBA9B87C6 - QueryInformationHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x89ACF2D8 - NdisMiniDriverBlock - 0xBA9BDC39 - ResetHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x89ACF2D8 - NdisMiniDriverBlock - 0xBA9BDD9D - (Wan)SendHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x89ACF2D8 - NdisMiniDriverBlock - 0xBA9BDC46 - SetInformationHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x89ADA4D8 - NdisMiniDriverBlock - 0xBA9A8306 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89ADA4D8 - NdisMiniDriverBlock - 0xBA9A8F24 - HaltHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89ADA4D8 - NdisMiniDriverBlock - 0xBA9A8E6E - InitializeHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89ADA4D8 - NdisMiniDriverBlock - 0xBA9A9AEE - QueryInformationHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89ADA4D8 - NdisMiniDriverBlock - 0xBA9A8FD2 - ResetHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89ADA4D8 - NdisMiniDriverBlock - 0xBA9A8FE0 - (Wan)SendHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89ADA4D8 - NdisMiniDriverBlock - 0xBA9A9EE0 - SetInformationHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F6E6F7 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F73A30 - HaltHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F695E5 - InitializeHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F73B35 - ReconfigureHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F73B59 - ResetHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F73BA5 - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F73BBE - SendPacketsHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F73BEE - CoCreateVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F73BF8 - CoDeleteVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F73C02 - CoActivateVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F73BF8 - CoDeactivateVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F73C0C - CoSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF3908 - NdisMiniDriverBlock - 0xB6F6884A - CoRequestHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89E351F0 - NdisMiniDriverBlock - 0xBA99D50C - HaltHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x89E351F0 - NdisMiniDriverBlock - 0xBA998A8E - InitializeHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x89E351F0 - NdisMiniDriverBlock - 0xBA99D2EA - ResetHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x89E351F0 - NdisMiniDriverBlock - 0xBA99D3B0 - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x89E351F0 - NdisMiniDriverBlock - 0xBA99D2F7 - CoActivateVcHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x89E351F0 - NdisMiniDriverBlock - 0xBA99D301 - CoDeactivateVcHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x89E351F0 - NdisMiniDriverBlock - 0xBA99D30B - CoSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x89E351F0 - NdisMiniDriverBlock - 0xBA998305 - CoRequestHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF5B74 - CheckForHangHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FFA958 - DisableInterruptHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FFA8DC - EnableInterruptHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF68C4 - HaltHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF6670 - HandleInterruptHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF58E8 - InitializeHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF640A - ISRHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF8BA4 - QueryInformationHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF5C4E - ResetHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF88A8 - SetInformationHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FFC628 - (Wan)TransferDataHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF6066 - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF60F4 - SendPacketsHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF6720 - CancelSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF6804 - PnPEventNotifyHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89CDB2A0 - NdisMiniDriverBlock - 0xB6FF62C8 - AdapterShutdownHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA948306 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA94C216 - HaltHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA94BD7C - InitializeHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA94BA76 - QueryInformationHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA9499F0 - ResetHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA94B854 - SetInformationHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA951C36 - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA949B3E - SendPacketsHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA9499F0 - CoActivateVcHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA9499FA - CoDeactivateVcHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA94AEC4 - CoSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89DDAC70 - NdisMiniDriverBlock - 0xBA94CBAC - CoRequestHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA510770 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA507BA0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA50EA24 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA51008F - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA50BD89 - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA508997 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA515AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA5161F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA5141F8 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA515971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA516A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA5137FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA50CA5F - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA50CC9D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA508F44 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA50B907 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA50BCE3 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA50926D - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA50F8A1 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA50F941 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA4F287B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA50A24F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x899AB298 - NdisMiniportBlock - 0xBA510770 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA514B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA507BA0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA50EA24 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA51008F - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA50BD89 - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA508997 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA515AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA5161F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA5141F8 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA515971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA516A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA5137FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA50CA5F - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA50CC9D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA508F44 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA50B907 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA50BCE3 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA50926D - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA50F8A1 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA50F941 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA4F287B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA50A24F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8992CAD0 - NdisMiniportBlock - 0xBA514B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA514B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA507BA0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA50EA24 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA51008F - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA50BD89 - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA508997 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA515AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA5161F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA5141F8 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA515971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA516A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA5137FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA50CA5F - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA50CC9D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA508F44 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA50B907 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA50BCE3 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA50926D - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA50F8A1 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA50F941 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA4F287B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA50A24F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B1DAA0 - NdisMiniportBlock - 0xBA514B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA4F6A0B - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA507BA0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA50EA24 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA51008F - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA50BD89 - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA4F5DA2 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA515AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA5161F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA5141F8 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA515971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA516A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA5137FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA50CA5F - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA50CC9D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA508F44 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA50B907 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA50BCE3 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA50926D - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA50F8A1 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA50F941 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA509122 - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA50A24F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89ACC710 - NdisMiniportBlock - 0xBA4F6A0B - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA4F6A0B - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA507BA0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA50EA24 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA51008F - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA50BD89 - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA4F5DA2 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA515AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA5161F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA5141F8 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA515971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA516A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA5137FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA50CA5F - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA50CC9D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA508F44 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA50B907 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA50BCE3 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA50926D - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA50F8A1 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA50F941 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA509122 - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA50A24F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AD68F0 - NdisMiniportBlock - 0xBA4F6A0B - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA514B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA507BA0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50EA24 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA51008F - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50BD89 - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50A495 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA515AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA5161F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA5141F8 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA515971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA516A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA5137FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50CA5F - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50CC9D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA508F44 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50B907 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50BCE3 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50926D - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50F8A1 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50F941 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA4F287B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA50A24F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xB6F73BBE - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x89AF1A68 - NdisMiniportBlock - 0xBA514B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA510770 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA507BA0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA50EA24 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA51008F - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA50BD89 - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA508997 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA515AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA5161F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA5141F8 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA515971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA516A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA5137FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA50CA5F - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA50CC9D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA508F44 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA50B907 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA50BCE3 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA50926D - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA50F8A1 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA50F941 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA4F287B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA50A24F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B132A8 - NdisMiniportBlock - 0xBA510770 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA514B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA507BA0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA50EA24 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA51008F - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA50BD89 - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xB6FF6670 - HandleInterruptHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89B47AD0 - NdisMiniportBlock - 0xB6FFA958 - DisableInterruptHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89B47AD0 - NdisMiniportBlock - 0xB6FFA8DC - EnableInterruptHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89B47AD0 - NdisMiniportBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA50A495 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA515AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA5161F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA5141F8 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA515971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA516A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA5137FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA50CA5F - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA50CC9D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA508F44 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA50B907 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA50BCE3 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA50926D - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA50F8A1 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA50F941 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA4F287B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xBA50A24F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89B47AD0 - NdisMiniportBlock - 0xB6FF6720 - SavedCancelSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89B47AD0 - NdisMiniportBlock - 0xB6FF60F4 - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys - Realtek Semiconductor Corporation                           
       0x89B47AD0 - NdisMiniportBlock - 0xBA514B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA514B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA507BA0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50EA24 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA51008F - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50BD89 - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50A24F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50A495 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA515AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA5161F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA5141F8 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA515971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA516A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA5137FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50CA5F - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50CC9D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA508F44 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50B907 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50BCE3 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50926D - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50F8A1 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50F941 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA4F287B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA50A24F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA949B3E - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89BF5758 - NdisMiniportBlock - 0xBA514B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation

==========================================================================================

IE Plugin

       Browser Helper Objects - Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - Adobe Systems Incorporated - {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
       Browser Helper Objects - Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll - Oracle Corporation - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
       Browser Helper Objects - Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll - Oracle Corporation - {DBC80044-A445-435b-BC74-9C25C1C588A9}
       Browser Extensions - Skype -  -  - {77BF5300-1474-4EC7-9980-D32B190E9B07}
       Browser Extensions - Messenger - C:\Program Files\Messenger\msmsgs.exe - Microsoft Corporation - {FB5F1910-F110-11d2-BB9E-00C04F795683}
       URLSearchHooks - Modul piazen adres URL - C:\Windows\system32\shdocvw.dll - Microsoft Corporation - {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
       ActiveX - Microsoft Outlook 8.0 Object Library -  -  - {0006F033-0000-0000-C000-000000000046}
       ActiveX - Microsoft Outlook -  -  - {0006F03A-0000-0000-C000-000000000046}
       ActiveX - Google Script Object - c:\program files\Google\googletoolbar1.dll - Google Inc. - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB}
       ActiveX - Yahoo! Companion BHO -  -  - {02478D38-C3F9-4EFB-9B51-7695ECA05670}
       ActiveX -  -  -  - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
       ActiveX - Shockwave ActiveX Control - C:\Windows\system32\Adobe\Director\SwDir.dll - Adobe Systems, Inc. - {166B1BCA-3F9C-11CF-8075-444553540000}
       ActiveX - Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - Adobe Systems Incorporated - {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
       ActiveX -  -  -  - {22BF413B-C6D2-4D91-82A9-A0F997BA588C}
       ActiveX - Windows Media Player - C:\Windows\system32\wmpdxm.dll - Microsoft Corporation - {22D6F312-B0F6-11D0-94AB-0080C74C7E95}
       ActiveX - &Google - c:\program files\Google\googletoolbar1.dll - Google Inc. - {2318C2B1-4965-11D4-9B18-009027A5CD4F}
       ActiveX - Shockwave ActiveX Control - C:\Windows\system32\Adobe\Director\SwDir.dll - Adobe Systems, Inc. - {233C1507-6A77-46A4-9443-F871F945D258}
       ActiveX - HTML Document - C:\Windows\system32\mshtml.dll - Microsoft Corporation - {25336920-03F9-11CF-8FD0-00AA00686F13}
       ActiveX - DHTML Edit Control Safe for Scripting for IE5 - C:\Program Files\Common Files\Microsoft Shared\Triedit\DHTMLED.OCX - Microsoft Corporation - {2D360201-FFF5-11D1-8D03-00A0C959BC0A}
       ActiveX - XML Document - C:\Windows\system32\msxml3.dll - Microsoft Corporation - {48123BC4-99D9-11D1-A6B3-00C04FD91555}
       ActiveX - Microsoft Licensed Class Manager 1.0 - C:\Windows\system32\licmgr10.dll - Microsoft Corporation - {5220CB21-C88D-11CF-B347-00AA00A28331}
       ActiveX - Shell Name Space - C:\Windows\system32\shdocvw.dll - Microsoft Corporation - {55136805-B2DE-11D1-B9F2-00A0C98BC547}
       ActiveX - WUWebControl Class - C:\Windows\system32\wuweb.dll - Microsoft Corporation - {6414512B-B978-451D-A0D8-FCFDF33E833C}
       ActiveX - Windows Media Player - C:\Windows\system32\wmp.dll - Microsoft Corporation - {6BF52A52-394A-11D3-B153-00C04F79FAA6}
       ActiveX - Active Desktop Mover - C:\Windows\system32\shell32.dll - Microsoft Corporation - {72267F6A-A6F9-11D0-BC94-00C04FB67863}
       ActiveX - Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll - Oracle Corporation - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
       ActiveX -  -  -  - {77BF5300-1474-4EC7-9980-D32B190E9B07}
       ActiveX - Webov prohle spolenosti Microsoft - C:\Windows\system32\shdocvw.dll - Microsoft Corporation - {8856F961-340A-11D0-A96B-00C04FD705A2}
       ActiveX - Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll - Skype Technologies S.A. - {898EA8C8-E7FF-479B-8935-AEC46303B9E5}
       ActiveX - Java Plug-in 1.7.0_07 - C:\Program Files\Java\jre7\bin\npjpi170_07.dll - Oracle Corporation - {8AD9C840-044E-11D1-B3E9-00805F499D93}
       ActiveX -  -  -  - {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
       ActiveX - Google Toolbar Helper - c:\program files\Google\googletoolbar1.dll - Google Inc. - {AA58ED58-01DD-4D91-8333-CF10577473F7}
       ActiveX - Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll - Skype Technologies S.A. - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
       ActiveX - Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll - Google Inc. - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
       ActiveX - SearchAssistantOC - C:\Windows\system32\shdocvw.dll - Microsoft Corporation - {B45FF030-4447-11D2-85DE-00C04FA35C89}
       ActiveX - RDS.DataSpace - C:\Program Files\Common Files\System\msadc\msadco.dll - Microsoft Corporation - {BD96C556-65A3-11D0-983A-00C04FC29E36}
       ActiveX - DataMngr - C:\Program Files\Search Results Toolbar\Datamngr\BrowserConnection.dll - Bandoo Media Inc - {C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
       ActiveX - Google Update Plugin - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll - Google Inc. - {C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}
       ActiveX - Google Update Plugin - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll - Google Inc. - {C442AC41-9200-4770-8CC0-7CDB4F245C55}
       ActiveX - Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll - Adobe Systems, Inc. - {CA8A9780-280D-11CF-A24D-444553540000}
       ActiveX - Deployment Toolkit - C:\Windows\system32\deployJava1.dll - Oracle Corporation - {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}
       ActiveX - AUDIO__MID Moniker Class - C:\Windows\system32\wmp.dll - Microsoft Corporation - {CD3AFA74-B84F-48F0-9393-7EDC34128127}
       ActiveX - AUDIO__MP3 Moniker Class - C:\Windows\system32\wmp.dll - Microsoft Corporation - {CD3AFA76-B84F-48F0-9393-7EDC34128127}
       ActiveX - AUDIO__MPEGURL Moniker Class - C:\Windows\system32\wmp.dll - Microsoft Corporation - {CD3AFA78-B84F-48F0-9393-7EDC34128127}
       ActiveX - VIDEO__X_MS_ASF Moniker Class - C:\Windows\system32\wmp.dll - Microsoft Corporation - {CD3AFA8F-B84F-48F0-9393-7EDC34128127}
       ActiveX - VIDEO__X_MS_WMV Moniker Class - C:\Windows\system32\wmp.dll - Microsoft Corporation - {CD3AFA94-B84F-48F0-9393-7EDC34128127}
       ActiveX -  -  -  - {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}
       ActiveX - Shockwave Flash Object - C:\Windows\system32\Macromed\Flash\Flash10k.ocx - Adobe Systems, Inc. - {D27CDB6E-AE6D-11CF-96B8-444553540000}
       ActiveX - Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll - Oracle Corporation - {DBC80044-A445-435B-BC74-9C25C1C588A9}
       ActiveX -  -  -  - {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
       ActiveX -  -  -  - {E7E6F031-17CE-4C07-BC86-EABFE594F69C}
       ActiveX -  -  -  - {EF99BD32-C1FB-11D2-892F-0090271D4F88}
       ActiveX - Search-Results Toolbar - C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll - APN LLC - {F34C9277-6577-4DFF-B2D7-7D58092F272F}
       ActiveX -  -  -  - {FB5F1910-F110-11D2-BB9E-00C04F795683}
       Distribution Units - SwDir.dll - C:\Windows\system32\Adobe\Director\SwDir.dll - Adobe Systems, Inc. - {166B1BCA-3F9C-11CF-8075-444553540000}
       Distribution Units - SwDir.dll - C:\Windows\system32\Adobe\Director\SwDir.dll - Adobe Systems, Inc. - {233C1507-6A77-46A4-9443-F871F945D258}
       Distribution Units - npjpi170_07.dll - C:\Program Files\Java\jre7\bin\npjpi170_07.dll - Oracle Corporation - {8AD9C840-044E-11D1-B3E9-00805F499D93}
       Distribution Units -  -  -  - {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
       Distribution Units -  -  -  - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
       Distribution Units - npjpi160_33.dll - C:\Program Files\Java\jre6\bin\npjpi160_33.dll - Sun Microsystems, Inc. - {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
       Distribution Units - npjpi170_07.dll - C:\Program Files\Java\jre7\bin\npjpi170_07.dll - Oracle Corporation - {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}
       Distribution Units -  -  -  - {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

==========================================================================================

IE Shell

       Nothing

==========================================================================================

Spi

       MSAFD Tcpip [TCP/IP] - mswsock.dll - Microsoft Corporation - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
       MSAFD Tcpip [UDP/IP] - mswsock.dll - Microsoft Corporation - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
       MSAFD Tcpip [RAW/IP] - mswsock.dll - Microsoft Corporation - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
       RSVP UDP Service Provider - mswsock.dll - Microsoft Corporation - {9D60A9E0-337A-11D0-BD88-0000C082E69A}
       RSVP TCP Service Provider - mswsock.dll - Microsoft Corporation - {9D60A9E0-337A-11D0-BD88-0000C082E69A}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{CFB74167-B638-47B6-92C7-807D74F21E41}] SEQPACKET 3 - mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{CFB74167-B638-47B6-92C7-807D74F21E41}] DATAGRAM 3 - mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{E344B773-582E-4F82-94E7-510DB3A862F6}] SEQPACKET 0 - mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{E344B773-582E-4F82-94E7-510DB3A862F6}] DATAGRAM 0 - mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{39889FFF-D009-45E5-9E72-740DF90C13A2}] SEQPACKET 1 - mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{39889FFF-D009-45E5-9E72-740DF90C13A2}] DATAGRAM 1 - mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{6FF92151-1917-409B-8635-2DE1F9CFFEE9}] SEQPACKET 2 - mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{6FF92151-1917-409B-8635-2DE1F9CFFEE9}] DATAGRAM 2 - mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       Tcpip - mswsock.dll - Microsoft Corporation
       NTDS - C:\Windows\system32\winrnr.dll - Microsoft Corporation
       Obor nzv sluby Sledovn umstn v sti (NLA) - mswsock.dll - Microsoft Corporation

==========================================================================================

Hosts File

       

       127.0.0.1       localhost

       ::1             localhost


==========================================================================================

Startup

       NvCplDaemon - C:\Windows\system32\nvcpl.dll - NVIDIA Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run NvCplDaemon]
       nwiz - C:\WINDOWS\system32\nwiz.exe -  - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run nwiz]
       NeroFilterCheck - C:\Windows\system32\NeroCheck.exe - Ahead Software Gmbh - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run NeroFilterCheck]
       RemoteControl - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe - Cyberlink Corp. - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run RemoteControl]
       RTHDCPL - C:\WINDOWS\RTHDCPL.EXE - Realtek Semiconductor Corp. - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run RTHDCPL]
       Alcmtr - C:\WINDOWS\ALCMTR.EXE - Realtek Semiconductor Corp. - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Alcmtr]
       NvMediaCenter - C:\Windows\system32\nvmctray.dll - NVIDIA Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run NvMediaCenter]
       HP Software Update - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe - Hewlett-Packard Company - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HP Software Update]
       HP Component Manager - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe - Hewlett-Packard Company - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HP Component Manager]
       Adobe Reader Speed Launcher - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe - Adobe Systems Incorporated - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Adobe Reader Speed Launcher]
       Adobe ARM - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - Adobe Systems Incorporated - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Adobe ARM]
       NPSStartup -  -  - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run NPSStartup]
       DATAMNGR - C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe - Bandoo Media Inc - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run DATAMNGR]
       avast - C:\Program Files\AVAST Software\Avast\AvastUI.exe - AVAST Software - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run avast]
       CTFMON.EXE - C:\Windows\system32\ctfmon.exe - Microsoft Corporation - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CTFMON.EXE]
       LaunchList - D:\Program Files\Pinnacle\Studio 11\LaunchList2.exe - Pinnacle Systems - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LaunchList]
       MSMSGS - C:\Program Files\Messenger\msmsgs.exe - Microsoft Corporation - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run MSMSGS]
       swg - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - Google Inc. - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run swg]
       cdoosoft - C:\DOCUME~1\win-xp\LOCALS~1\Temp\herss.exe - File not found - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run cdoosoft]
       Google Update - C:\Documents and Settings\win-xp\Local Settings\Data aplikac\Google\Update\GoogleUpdate.exe - Google Inc. - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Google Update]
       AutoStartNPSAgent - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe - Samsung Electronics Co., Ltd. - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AutoStartNPSAgent]
       Microsoft Windows Service - C:\Documents and Settings\win-xp\M-15-0935-5960-5932\winsvc.exe - File not found - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Microsoft Windows Service]
       HotKeysCmds - C:\DOCUME~1\win-xp\LOCALS~1\Temp\4B7.EXE - File not found - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HotKeysCmds]
       MSConfig - C:\Documents and Settings\win-xp\wwfeqcpr.exe - File not found - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run MSConfig]
       pdoubrhgfjkxeiqndts - C:\Documents and Settings\win-xp\Data aplikac\pdoubrhgfjkxeiqndts.exe - File not found - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run pdoubrhgfjkxeiqndts]
       DAEMON Tools Lite - C:\Program Files\DAEMON Tools Lite\DTLite.exe - DT Soft Ltd - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run DAEMON Tools Lite]
       Microsoft Windows Manager - C:\Documents and Settings\win-xp\M-15-2553-5903-2352\winmgr.exe - File not found - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Microsoft Windows Manager]
       Classes - C:\Documents and Settings\win-xp\Data aplikac\4F5C7D\4F5C7D.exe - File not found - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run Classes]
       HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - Hewlett-Packard Co. - [C:\Documents and Settings\All Users\Nabdka Start\Programy\Po sputn\HP Digital Imaging Monitor.lnk]
       Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office\OSA9.EXE - Microsoft Corporation - [C:\Documents and Settings\All Users\Nabdka Start\Programy\Po sputn\Microsoft Office.lnk]
       Rychl sputn aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe - Hewlett-Packard Co. - [C:\Documents and Settings\All Users\Nabdka Start\Programy\Po sputn\Rychl sputn aplikace HP Image Zone.lnk]
       c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll c:\docume~1\alluse~1\dataap~1\wincert\win32c~1.dll - c:\docume~1\alluse~1\dataap~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll -  - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs]
       wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 aux]
       logon.scr - C:\Windows\system32\logon.scr - Microsoft Corporation - [\REGISTRY\USER\S-1-5-21-1960408961-796845957-839522115-1003\Control Panel\Desktop SCRNSAVE.EXE]
       Shell - Explorer.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Shell]
       UIHost - logonui.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon UIHost]
       Userinit - C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\msupdt.exe,C:\WINDOWS\system32\msupdt.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit]
       crypt32chain - C:\WINDOWS\system32\crypt32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain DllName]
       cryptnet - C:\WINDOWS\system32\cryptnet.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet DllName]
       cscdll - C:\WINDOWS\system32\cscdll.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll DllName]
       ScCertProp - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp DllName]
       Schedule - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule DllName]
       sclgntfy - C:\WINDOWS\system32\sclgntfy.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy DllName]
       SensLogn - C:\WINDOWS\system32\WlNotify.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn DllName]
       termsrv - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv DllName]
       winopn32 - winopn32.dll -  - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winopn32 DllName]
       wlballoon - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon DllName]
       PostBootReminder - C:\Windows\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad PostBootReminder]
       CDBurn - C:\Windows\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad CDBurn]
       WebCheck - C:\Windows\system32\webcheck.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad WebCheck]
       SysTray - C:\Windows\system32\stobject.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad SysTray]
       shell32.dll({AEB6717E-7E19-11d0-97EE-00C04FD91972}) - C:\WINDOWS\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {AEB6717E-7E19-11d0-97EE-00C04FD91972}]
       browseui.dll({438755C2-A8BA-11D1-B96B-00A0C90312E1}) - C:\Windows\system32\browseui.dll - Spolenost Microsoft - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler {438755C2-A8BA-11D1-B96B-00A0C90312E1}]
       browseui.dll({8C7461EF-2B13-11d2-BE35-3078302C2030}) - C:\Windows\system32\browseui.dll - Spolenost Microsoft - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler {8C7461EF-2B13-11d2-BE35-3078302C2030}]
       BJ Language Monitor - C:\WINDOWS\system32\cnbjmon.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors BJ Language Monitor]
       hpzsnt10 - C:\WINDOWS\system32\hpzsnt10.dll - HP - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors hpzsnt10]
       Local Port - C:\WINDOWS\system32\localspl.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors Local Port]
       PJL Language Monitor - C:\WINDOWS\system32\pjlmon.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors PJL Language Monitor]
       Standard TCP/IP Port - C:\WINDOWS\system32\tcpmon.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors Standard TCP/IP Port]
       USB Monitor - C:\WINDOWS\system32\usbmon.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors USB Monitor]
       Internet Print Provider - C:\WINDOWS\system32\inetpp.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Providers Internet Print Provider]
       LanMan Print Services - C:\WINDOWS\system32\win32spl.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Providers LanMan Print Services]
       advapi32 - C:\Windows\system32\advapi32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs advapi32]
       comdlg32 - C:\Windows\system32\comdlg32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs comdlg32]
       gdi32 - C:\Windows\system32\gdi32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs gdi32]
       imagehlp - C:\Windows\system32\imagehlp.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs imagehlp]
       kernel32 - C:\Windows\system32\kernel32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs kernel32]
       lz32 - C:\Windows\system32\lz32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs lz32]
       ole32 - C:\Windows\system32\ole32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs ole32]
       oleaut32 - C:\Windows\system32\oleaut32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs oleaut32]
       olecli32 - C:\Windows\system32\olecli32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs olecli32]
       olecnv32 - C:\Windows\system32\olecnv32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs olecnv32]
       olesvr32 - C:\Windows\system32\olesvr32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs olesvr32]
       olethk32 - C:\Windows\system32\olethk32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs olethk32]
       rpcrt4 - C:\Windows\system32\rpcrt4.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs rpcrt4]
       shell32 - C:\Windows\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs shell32]
       url - C:\Windows\system32\url.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs url]
       urlmon - C:\Windows\system32\urlmon.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs urlmon]
       user32 - C:\Windows\system32\user32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs user32]
       version - C:\Windows\system32\version.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs version]
       wininet - C:\Windows\system32\wininet.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs wininet]
       wldap32 - C:\Windows\system32\wldap32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs wldap32]
       ashShell.dll(avast) - C:\Program Files\AVAST Software\Avast\ashShell.dll - AVAST Software - [\Registry\Machine\SOFTWARE\Classes\*\shellex\ContextMenuHandlers avast]
       cscui.dll(Offline Files) - C:\Windows\system32\cscui.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\*\shellex\ContextMenuHandlers Offline Files]
       shell32.dll(Open With) - C:\Windows\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\*\shellex\ContextMenuHandlers Open With]
       shell32.dll(Open With EncryptionMenu) - C:\Windows\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\*\shellex\ContextMenuHandlers Open With EncryptionMenu]
       ashShell.dll(00avast) - C:\Program Files\AVAST Software\Avast\ashShell.dll - AVAST Software - [\Registry\Machine\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers 00avast]
       shell32.dll(Send To) - C:\Windows\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers Send To]
       ashShell.dll(avast) - C:\Program Files\AVAST Software\Avast\ashShell.dll - AVAST Software - [\Registry\Machine\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers avast]
       Microsoft Windows Media Player(>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}) - C:\Windows\inf\unregmp2.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components >{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
       Internet Explorer(>{26923b43-4d38-484f-9b9e-de460746276c}) - C:\Windows\system32\shmgrate.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components >{26923b43-4d38-484f-9b9e-de460746276c}]
       Vlastn nastaven prohlee(>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS) - C:\WINDOWS\system32\IEDKCS32.DLL - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
       Outlook Express(>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}) - C:\Windows\system32\shmgrate.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components >{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
       ({2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}) -  -  - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
       Microsoft Windows Media Player 6.4({22d6f312-b0f6-11d0-94ab-0080c74c7e95}) -  -  - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
       Themes Setup({2C7339CF-2B09-4501-B3F3-F3508C9228ED}) - C:\Windows\system32\regsvr32.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
       Microsoft Outlook Express 6({44BBA840-CC51-11CF-AAFA-00AA00B6015C}) - C:\Program Files\Outlook Express\setup50.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
       NetMeeting 3.01({44BBA842-CC51-11CF-AAFA-00AA00B6015B}) - C:\WINDOWS\system32\advpack.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
       Windows Messenger 4.7({5945c046-1e7d-11d1-bc44-00c04fd912be}) - C:\WINDOWS\system32\advpack.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {5945c046-1e7d-11d1-bc44-00c04fd912be}]
       Microsoft Windows Media Player({6BF52A52-394A-11d3-B153-00C04F79FAA6}) - C:\WINDOWS\system32\advpack.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {6BF52A52-394A-11d3-B153-00C04F79FAA6}]
       Adres 6({7790769C-0471-11d2-AF11-00C04FA35D02}) - C:\Program Files\Outlook Express\setup50.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {7790769C-0471-11d2-AF11-00C04FA35D02}]
       Aktualizace plochy systmu Windows({89820200-ECBD-11cf-8B85-00AA005B4340}) - C:\WINDOWS\system32\regsvr32.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {89820200-ECBD-11cf-8B85-00AA005B4340}]
       Internet Explorer 6({89820200-ECBD-11cf-8B85-00AA005B4383}) - C:\Windows\system32\ie4uinit.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {89820200-ECBD-11cf-8B85-00AA005B4383}]
       ({89B4C1CD-B018-4511-B0A1-5476DBF70820}) - C:\Windows\system32\mscories.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {89B4C1CD-B018-4511-B0A1-5476DBF70820}]

==========================================================================================

Service

       Alerter - Stopped - Disabled - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       ALG - Stopped - Manual - C:\Windows\system32\alg.exe - Microsoft Corporation -  - 
       AppMgmt - Stopped - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       aspnet_state - Stopped - Manual - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe - Microsoft Corporation -  - 
       AudioSrv - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       avast! Antivirus - Started - Automatic - "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" - AVAST Software -  - 
       Browser - Stopped - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       Browser Manager - Started - Automatic - C:\Documents and Settings\All Users\Data aplikac\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -  -  - 
       CiSvc - Stopped - Manual - C:\Windows\system32\cisvc.exe - Microsoft Corporation -  - 
       ClipSrv - Stopped - Disabled - C:\Windows\system32\clipsrv.exe - Microsoft Corporation -  - 
       clr_optimization_v2.0.50727_32 - Stopped - Manual - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - Microsoft Corporation -  - 
       COMSysApp - Stopped - Manual - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} - Microsoft Corporation -  - 
       CryptSvc - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       DcomLaunch - Started - Automatic - C:\WINDOWS\system32\svchost -k DcomLaunch - Microsoft Corporation -  - 
       Dhcp - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       dmadmin - Stopped - Manual - C:\WINDOWS\System32\dmadmin.exe /com - Microsoft Corp., Veritas Software -  - 
       dmserver - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       Dnscache - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k NetworkService - Microsoft Corporation -  - 
       ERSvc - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       Eventlog - Started - Automatic - C:\Windows\system32\services.exe - Microsoft Corporation -  - 
       EventSystem - Started - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       FastUserSwitchingCompatibility - Started - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       FsUsbExService - Started - Automatic - C:\Windows\system32\FsUsbExService.Exe - Teruten -  - 
       gupdate - Stopped - Automatic - "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc - Google Inc. -  - 
       gupdatem - Stopped - Manual - "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc - Google Inc. -  - 
       helpsvc - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       HidServ - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       HTTPFilter - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k HTTPFilter - Microsoft Corporation -  - 
       ImapiService - Stopped - Manual - C:\Windows\system32\imapi.exe - Microsoft Corporation -  - 
       JavaQuickStarterService - Started - Automatic - "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" - Oracle Corporation -  - 
       lanmanserver - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       lanmanworkstation - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       LmHosts - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       Messenger - Stopped - Disabled - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       mnmsrvc - Stopped - Manual - C:\Windows\system32\mnmsrvc.exe - Microsoft Corporation -  - 
       MSDTC - Stopped - Manual - C:\Windows\system32\msdtc.exe - Microsoft Corporation -  - 
       MSIServer - Stopped - Manual - C:\WINDOWS\system32\msiexec.exe /V - Microsoft Corporation -  - 
       NetDDE - Stopped - Disabled - C:\Windows\system32\netdde.exe - Microsoft Corporation -  - 
       NetDDEdsdm - Stopped - Disabled - C:\Windows\system32\netdde.exe - Microsoft Corporation -  - 
       Netlogon - Stopped - Manual - C:\Windows\system32\lsass.exe - Microsoft Corporation -  - 
       Netman - Started - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       Nla - Started - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       NtLmSsp - Stopped - Manual - C:\Windows\system32\lsass.exe - Microsoft Corporation -  - 
       NtmsSvc - Stopped - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       NVSvc - Started - Automatic - C:\Windows\system32\nvsvc32.exe - NVIDIA Corporation -  - 
       PCLEPCI - Stopped - Automatic - C:\Windows\system32\drivers\Pclepci.sys - Pinnacle Systems GmbH -  - 
       PlugPlay - Started - Automatic - C:\Windows\system32\services.exe - Microsoft Corporation -  - 
       Pml Driver HPZ12 - Stopped - Manual - C:\Windows\system32\HPZipm12.exe - HP -  - 
       PolicyAgent - Started - Automatic - C:\Windows\system32\lsass.exe - Microsoft Corporation -  - 
       ProtectedStorage - Started - Automatic - C:\Windows\system32\lsass.exe - Microsoft Corporation -  - 
       RasAuto - Stopped - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       RasMan - Started - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       RDSessMgr - Stopped - Manual - C:\Windows\system32\sessmgr.exe - Microsoft Corporation -  - 
       RemoteAccess - Stopped - Disabled - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       RemoteRegistry - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       RpcLocator - Stopped - Manual - C:\Windows\system32\locator.exe - Microsoft Corporation -  - 
       RpcSs - Started - Automatic - C:\WINDOWS\system32\svchost -k rpcss - Microsoft Corporation -  - 
       RSVP - Stopped - Manual - C:\Windows\system32\rsvp.exe - Microsoft Corporation -  - 
       SamSs - Started - Automatic - C:\Windows\system32\lsass.exe - Microsoft Corporation -  - 
       SCardSvr - Stopped - Manual - C:\Windows\system32\scardsvr.exe - Microsoft Corporation -  - 
       Schedule - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       seclogon - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       SENS - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       ServiceLayer - Stopped - Manual - "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" - Nokia. -  - 
       ShellHWDetection - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       Skype C2C Service - Started - Automatic - "C:\Documents and Settings\All Users\Data aplikac\Skype\Toolbars\Skype C2C Service\c2c_service.exe" - Skype Technologies S.A. -  - 
       SkypeUpdate - Stopped - Automatic - "C:\Program Files\Skype\Updater\Updater.exe" - Skype Technologies -  - 
       Spooler - Started - Automatic - C:\Windows\system32\spoolsv.exe - Microsoft Corporation -  - 
       srservice - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       SSDPSRV - Started - Manual - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       stisvc - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k imgsvc - Microsoft Corporation -  - 
       SwPrv - Stopped - Manual - C:\WINDOWS\system32\dllhost.exe /Processid:{16F19441-3B94-456B-87AE-0C727F0E501B} - Microsoft Corporation -  - 
       SysmonLog - Stopped - Manual - C:\Windows\system32\smlogsvc.exe - Microsoft Corporation -  - 
       TapiSrv - Started - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       TermService - Started - Manual - C:\WINDOWS\System32\svchost -k DComLaunch - Microsoft Corporation -  - 
       Themes - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       TlntSvr - Stopped - Disabled - C:\Windows\system32\tlntsvr.exe - Microsoft Corporation -  - 
       TrkWks - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       UMWdf - Started - Automatic - C:\Windows\system32\wdfmgr.exe - Microsoft Corporation -  - 
       upnphost - Stopped - Manual - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       UPS - Stopped - Manual - C:\Windows\system32\ups.exe - Microsoft Corporation -  - 
       VSS - Stopped - Manual - C:\Windows\system32\vssvc.exe - Microsoft Corporation -  - 
       W32Time - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       WebClient - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       winmgmt - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       WmdmPmSN - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       Wmi - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       WmiApSrv - Stopped - Manual - C:\Windows\system32\wbem\wmiapsrv.exe - Microsoft Corporation -  - 
       WZCSVC - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       xmlprov - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 

==========================================================================================

Schedule Task

       GoogleUpdateTaskUserS-1-5-21-1960408961-796845957-839522115-1003UA.job - GoogleUpdateTaskUserS-1-5-21-1960408961-796845957-839522115-1003UA.job - C:\Documents and Settings\win-xp\Local Settings\Data aplikac\Google\Update\GoogleUpdate.exe - Udruje software Google aktualizovan. Je-li tato loha zakzna nebo zastavena, nebude v software Google udrovn v aktualizovanm stavu. To znamen, e nemus bt opravena zjitn slab msta v zabezpeen a urit funkce nemus fungovat. Pokud tuto lohu dn software Google nepouv, sama se odinstaluje. - Enable - Google Inc.
       GoogleUpdateTaskUserS-1-5-21-1960408961-796845957-839522115-1003Core.job - GoogleUpdateTaskUserS-1-5-21-1960408961-796845957-839522115-1003Core.job - C:\Documents and Settings\win-xp\Local Settings\Data aplikac\Google\Update\GoogleUpdate.exe - Udruje software Google aktualizovan. Je-li tato loha zakzna nebo zastavena, nebude v software Google udrovn v aktualizovanm stavu. To znamen, e nemus bt opravena zjitn slab msta v zabezpeen a urit funkce nemus fungovat. Pokud tuto lohu dn software Google nepouv, sama se odinstaluje. - Enable - Google Inc.
       GoogleUpdateTaskMachineUA.job - GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe - Udruje software Google aktualizovan. Je-li tato loha zakzna nebo zastavena, nebude v software Google udrovn v aktualizovanm stavu. To znamen, e nemus bt opravena zjitn slab msta v zabezpeen a urit funkce nemus fungovat. Pokud tuto lohu dn software Google nepouv, sama se odinstaluje. - Enable - Google Inc.
       GoogleUpdateTaskMachineCore.job - GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe - Udruje software Google aktualizovan. Je-li tato loha zakzna nebo zastavena, nebude v software Google udrovn v aktualizovanm stavu. To znamen, e nemus bt opravena zjitn slab msta v zabezpeen a urit funkce nemus fungovat. Pokud tuto lohu dn software Google nepouv, sama se odinstaluje. - Enable - Google Inc.
       avast! Emergency Update.job - avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe -  - Enable - AVAST Software

==========================================================================================

File Association

       .bat - "%1" %* - HKEY_CLASSES_ROOT\.bat
       .cmd - "%1" %* - HKEY_CLASSES_ROOT\.cmd
       .com - "%1" %* - HKEY_CLASSES_ROOT\.com
       .exe - "%1" %* - HKEY_CLASSES_ROOT\.exe
       .scr - "%1" /S - HKEY_CLASSES_ROOT\.scr
       .txt - %SystemRoot%\system32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\.txt
       .ini - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\.ini
       .pif - "%1" %* - HKEY_CLASSES_ROOT\.pif
       .reg - regedit.exe "%1" - HKEY_CLASSES_ROOT\.reg
       .inf - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\.inf
       .hlp - %SystemRoot%\System32\winhlp32.exe %1 - HKEY_CLASSES_ROOT\.hlp
       .chm - "C:\WINDOWS\hh.exe" %1 - HKEY_CLASSES_ROOT\.chm
       .vbs - %SystemRoot%\System32\WScript.exe "%1" %* - HKEY_CLASSES_ROOT\.vbs
       .js - %SystemRoot%\System32\WScript.exe "%1" %* - HKEY_CLASSES_ROOT\.js
       .lnk - lnkfile - HKEY_CLASSES_ROOT\.lnk
       batfile - "%1" %* - HKEY_CLASSES_ROOT\batfile\Shell\Open\Command
       cmdfile - "%1" %* - HKEY_CLASSES_ROOT\cmdfile\Shell\Open\Command
       comfile - "%1" %* - HKEY_CLASSES_ROOT\comfile\Shell\Open\Command
       exefile - "%1" %* - HKEY_CLASSES_ROOT\exefile\Shell\Open\Command
       scrfile - "%1" /S - HKEY_CLASSES_ROOT\scrfile\Shell\Open\Command
       txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\txtfile\Shell\Open\Command
       inifile - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\inifile\Shell\Open\Command
       piffile - "%1" %* - HKEY_CLASSES_ROOT\piffile\Shell\Open\Command
       regfile - regedit.exe "%1" - HKEY_CLASSES_ROOT\regfile\Shell\Open\Command
       inffile - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\inffile\Shell\Open\Command
       hlpfile - %SystemRoot%\System32\winhlp32.exe %1 - HKEY_CLASSES_ROOT\hlpfile\Shell\Open\Command
       chm.file - "C:\WINDOWS\hh.exe" %1 - HKEY_CLASSES_ROOT\chm.file\Shell\Open\Command
       vbsfile - %SystemRoot%\System32\WScript.exe "%1" %* - HKEY_CLASSES_ROOT\vbsfile\Shell\Open\Command
       jsfile - %SystemRoot%\System32\WScript.exe "%1" %* - HKEY_CLASSES_ROOT\jsfile\Shell\Open\Command
       HKCU .txt Progid - %SystemRoot%\system32\NOTEPAD.EXE %1 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
       HKCU .ini Progid - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
       HKCU .inf Progid - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
       HKCU .hlp Progid - %SystemRoot%\System32\winhlp32.exe %1 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hlp\OpenWithProgids
       HKCU .chm Progid - "C:\WINDOWS\hh.exe" %1 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.chm\OpenWithProgids

==========================================================================================

IFEO

       Nothing

==========================================================================================

IME

       Anglick (Spojen stty) -  -  - C:\WINDOWS\system32\KBDUS.DLL - Microsoft Corporation
       esk -  -  - C:\WINDOWS\system32\KBDCZ.DLL - Microsoft Corporation

==========================================================================================

Firewall Rule

       C:\Documents and Settings\win-xp\M-15-4675-3789-4574\winmgr.exe - Standard App - Enabled - 
       C:\Documents and Settings\win-xp\M-15-2553-5903-2352\winmgr.exe - Standard App - Enabled - 
       139:TCP - Open Port - Enabled - 
       445:TCP - Open Port - Enabled - 
       137:UDP - Open Port - Enabled - 
       138:UDP - Open Port - Enabled - 

==========================================================================================

Scan MBR Rootkit

       MBR OK!
