PC Hunter Free --- Computer Examination Report
Examination Date: 2013-05-05 15:38
OS Information: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Internet Explorer: 8.0.6001.18702

Examination Items:
      Process
      Process Modules
      Process Threads
      Kernel Module
      Notify Routine
      Filter
      DPC Timer
      Worker Thread
      HalDispatchTable
      HalPrivateDispatchTable
      HalAcpiDispatchTable
      Filter
      File System
      Sfilter FileSystem Filter Callback
      ClassInitData Callback
      System Debug
      Object Hijack
      Direct IO
      GDT
      SSDT
      Shadow SSDT
      FSD
      Keyboard
      Mouclass
      Classpnp
      Atapi
      Acpi
      Scsi
      Kernel Hook
      PTE HOOK
      Object Type
      IDT
      Message Hook
      Process Hook
      KernelCallbackTable
      Port
      Tcpip
      Ndis Handler
      IE Plugin
      IE Shell
      Spi
      Hosts File
      Startup
      Service
      Schedule Task
      File Association
      IFEO
      IME
      Firewall Rule
      System User Name
      Scan MBR Rootkit

==========================================================================================

Process

       System - System - 
       explorer.exe - C:\WINDOWS\explorer.exe - Microsoft Corporation
       chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
       Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
       dllhost.exe - C:\WINDOWS\system32\dllhost.exe - Microsoft Corporation
       winlogon.exe - C:\WINDOWS\system32\winlogon.exe - Microsoft Corporation
       svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
       WinRAR.exe - C:\Program Files\WinRAR\WinRAR.exe - 
       svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
       lsass.exe - C:\WINDOWS\system32\lsass.exe - Microsoft Corporation
       AvastSvc.exe - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - AVAST Software
       csrss.exe - C:\WINDOWS\system32\csrss.exe - Microsoft Corporation
       afwServ.exe - C:\Program Files\Alwil Software\Avast5\afwServ.exe - AVAST Software
       svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
       svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
       spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe - Microsoft Corporation
       postak.exe - C:\Program Files\Seznam.cz\bin\postak.exe - 
       PCHunter32.exe - C:\Documents and Settings\NoName.NO-4F6B2481B176\Local Settings\temp\Rar$EX01.437\PCHunter_free\PCHunter32.exe - ????(??)????????
       svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
       svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
       GrooveMonitor.exe - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - Microsoft Corporation
       GamerOSD.exe - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe - ASUSTeK Computer Inc.
       rundll32.exe - C:\WINDOWS\system32\rundll32.exe - Microsoft Corporation
       AvastUI.exe - C:\Program Files\Alwil Software\Avast5\AvastUI.exe - AVAST Software
       services.exe - C:\WINDOWS\system32\services.exe - Microsoft Corporation
       ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe - Microsoft Corporation
       ONENOTEM.EXE - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - Microsoft Corporation
       smss.exe - C:\WINDOWS\system32\smss.exe - Microsoft Corporation
       svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
       chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
       svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
       svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
       arservice.exe - C:\WINDOWS\arservice.exe - Microsoft
       ATKKBService.exe - C:\WINDOWS\ATKKBService.exe - ASUSTeK COMPUTER INC.
       ehRecvr.exe - C:\WINDOWS\ehome\ehRecvr.exe - Microsoft Corporation
       ehSched.exe - C:\WINDOWS\ehome\ehSched.exe - Microsoft Corporation
       svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
       jqs.exe - C:\Program Files\Java\jre6\bin\jqs.exe - Sun Microsystems, Inc.
       nvsvc32.exe - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Corporation
       alg.exe - C:\WINDOWS\system32\alg.exe - Microsoft Corporation
       HPZipm12.exe - C:\WINDOWS\system32\HPZipm12.exe - HP
       PSIService.exe - C:\WINDOWS\system32\PSIService.exe - 
       chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
       mcrdsvc.exe - C:\WINDOWS\ehome\mcrdsvc.exe - Microsoft Corporation
       wuauclt.exe - C:\WINDOWS\system32\wuauclt.exe - Microsoft Corporation
       wscntfy.exe - C:\WINDOWS\system32\wscntfy.exe - Microsoft Corporation
       Idle - Idle - 

==========================================================================================

Process Modules

      Image File Name[System]Modules
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[explorer.exe]Modules
             Explorer.EXE - C:\WINDOWS\Explorer.EXE - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             BROWSEUI.dll - C:\WINDOWS\system32\BROWSEUI.dll - Spolenost Microsoft
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             SHDOCVW.dll - C:\WINDOWS\system32\SHDOCVW.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             CRYPTUI.dll - C:\WINDOWS\system32\CRYPTUI.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             appHelp.dll - C:\WINDOWS\system32\appHelp.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             ashShell.dll - C:\Program Files\Alwil Software\Avast5\ashShell.dll - AVAST Software
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             GrooveShellExtensions.dll - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - Microsoft Corporation
             GrooveUtil.DLL - C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL - Microsoft Corporation
             MSVCR80.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll - Microsoft Corporation
             GrooveNew.DLL - C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL - Microsoft Corporation
             ATL80.DLL - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             MSImg32.dll - C:\WINDOWS\system32\MSImg32.dll - Microsoft Corporation
             cscui.dll - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation
             CSCDLL.dll - C:\WINDOWS\System32\CSCDLL.dll - Microsoft Corporation
             themeui.dll - C:\WINDOWS\system32\themeui.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             actxprxy.dll - C:\WINDOWS\system32\actxprxy.dll - Microsoft Corporation
             GrooveSystemServices.dll - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - Microsoft Corporation
             msxml3.dll - C:\WINDOWS\system32\msxml3.dll - Microsoft Corporation
             ieframe.dll - C:\WINDOWS\system32\ieframe.dll - Microsoft Corporation
             msutb.dll - C:\WINDOWS\system32\msutb.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             LINKINFO.dll - C:\WINDOWS\system32\LINKINFO.dll - Microsoft Corporation
             ntshrui.dll - C:\WINDOWS\system32\ntshrui.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             NETSHELL.dll - C:\WINDOWS\system32\NETSHELL.dll - Microsoft Corporation
             credui.dll - C:\WINDOWS\system32\credui.dll - Microsoft Corporation
             dot3api.dll - C:\WINDOWS\system32\dot3api.dll - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             dot3dlg.dll - C:\WINDOWS\system32\dot3dlg.dll - Microsoft Corporation
             OneX.DLL - C:\WINDOWS\system32\OneX.DLL - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             eappcfg.dll - C:\WINDOWS\system32\eappcfg.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             eappprxy.dll - C:\WINDOWS\system32\eappprxy.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             MLANG.dll - C:\WINDOWS\system32\MLANG.dll - Microsoft Corporation
             GrooveMisc.dll - C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - Microsoft Corporation
             webcheck.dll - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation
             wpdshserviceobj.dll - C:\WINDOWS\system32\wpdshserviceobj.dll - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             portabledevicetypes.dll - C:\WINDOWS\system32\portabledevicetypes.dll - Microsoft Corporation
             stobject.dll - C:\WINDOWS\system32\stobject.dll - Microsoft Corporation
             BatMeter.dll - C:\WINDOWS\system32\BatMeter.dll - Microsoft Corporation
             POWRPROF.dll - C:\WINDOWS\system32\POWRPROF.dll - Microsoft Corporation
             portabledeviceapi.dll - C:\WINDOWS\system32\portabledeviceapi.dll - Microsoft Corporation
             wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             msacm32.drv - C:\WINDOWS\system32\msacm32.drv - Microsoft Corporation
             midimap.dll - C:\WINDOWS\system32\midimap.dll - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             nwprovau.dll - C:\WINDOWS\System32\nwprovau.dll - Microsoft Corporation
             drprov.dll - C:\WINDOWS\System32\drprov.dll - Microsoft Corporation
             ntlanman.dll - C:\WINDOWS\System32\ntlanman.dll - Microsoft Corporation
             NETUI0.dll - C:\WINDOWS\System32\NETUI0.dll - Microsoft Corporation
             NETUI1.dll - C:\WINDOWS\System32\NETUI1.dll - Microsoft Corporation
             NETRAP.dll - C:\WINDOWS\System32\NETRAP.dll - Microsoft Corporation
             davclnt.dll - C:\WINDOWS\System32\davclnt.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[chrome.exe]Modules
             chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             snxhk.dll - C:\Program Files\Alwil Software\Avast5\snxhk.dll - AVAST Software
             KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             aswJsFlt.dll - C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll - AVAST Software
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             USP10.dll - C:\WINDOWS\system32\USP10.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             OLEACC.dll - C:\WINDOWS\system32\OLEACC.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             dbghelp.dll - C:\WINDOWS\system32\dbghelp.dll - Microsoft Corporation
             icudt.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\icudt.dll - The ICU Project
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\System32\mswsock.dll - Microsoft Corporation
             IPHLPAPI.DLL - C:\WINDOWS\system32\IPHLPAPI.DLL - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             msftedit.dll - C:\WINDOWS\system32\msftedit.dll - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             RASAPI32.DLL - C:\WINDOWS\system32\RASAPI32.DLL - Microsoft Corporation
             rasman.dll - C:\WINDOWS\system32\rasman.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\system32\TAPI32.dll - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             cryptdll.dll - C:\WINDOWS\system32\cryptdll.dll - Microsoft Corporation
             portabledeviceapi.dll - C:\WINDOWS\system32\portabledeviceapi.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             cryptnet.dll - C:\WINDOWS\system32\cryptnet.dll - Microsoft Corporation
             SensApi.dll - C:\WINDOWS\system32\SensApi.dll - Microsoft Corporation
             mscms.dll - C:\WINDOWS\system32\mscms.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             aswCmnBS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll - AVAST Software
             aswCmnOS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll - AVAST Software
             aswCmnIS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll - AVAST Software
             MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             MSVCP90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll - Microsoft Corporation
             Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             AavmRpch.dll - C:\Program Files\Alwil Software\Avast5\AavmRpch.dll - AVAST Software
             ashBase.dll - C:\Program Files\Alwil Software\Avast5\ashBase.dll - AVAST Software
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             aswEngLdr.dll - C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll - AVAST Software
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             ashTask.dll - C:\Program Files\Alwil Software\Avast5\ashTask.dll - AVAST Software
             aswAux.dll - C:\Program Files\Alwil Software\Avast5\aswAux.dll - AVAST Software
             aswProperty.dll - C:\Program Files\Alwil Software\Avast5\aswProperty.dll - AVAST Software
             avastIP.dll - C:\Program Files\Alwil Software\Avast5\avastIP.dll - AVAST Software
             netman.dll - C:\WINDOWS\system32\netman.dll - Microsoft Corporation
             MPRAPI.dll - C:\WINDOWS\system32\MPRAPI.dll - Microsoft Corporation
             ACTIVEDS.dll - C:\WINDOWS\system32\ACTIVEDS.dll - Microsoft Corporation
             adsldpc.dll - C:\WINDOWS\system32\adsldpc.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             netshell.dll - C:\WINDOWS\system32\netshell.dll - Microsoft Corporation
             credui.dll - C:\WINDOWS\system32\credui.dll - Microsoft Corporation
             dot3api.dll - C:\WINDOWS\system32\dot3api.dll - Microsoft Corporation
             dot3dlg.dll - C:\WINDOWS\system32\dot3dlg.dll - Microsoft Corporation
             OneX.DLL - C:\WINDOWS\system32\OneX.DLL - Microsoft Corporation
             eappcfg.dll - C:\WINDOWS\system32\eappcfg.dll - Microsoft Corporation
             eappprxy.dll - C:\WINDOWS\system32\eappprxy.dll - Microsoft Corporation
             WZCSAPI.DLL - C:\WINDOWS\system32\WZCSAPI.DLL - Microsoft Corporation
             WZCSvc.DLL - C:\WINDOWS\system32\WZCSvc.DLL - Microsoft Corporation
             WMI.dll - C:\WINDOWS\system32\WMI.dll - Microsoft Corporation
             DHCPCSVC.DLL - C:\WINDOWS\system32\DHCPCSVC.DLL - Microsoft Corporation
             EapolQec.dll - C:\WINDOWS\system32\EapolQec.dll - Microsoft Corporation
             QUtil.dll - C:\WINDOWS\system32\QUtil.dll - Microsoft Corporation
             ESENT.dll - C:\WINDOWS\system32\ESENT.dll - Microsoft Corporation
             wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             msacm32.drv - C:\WINDOWS\system32\msacm32.drv - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             midimap.dll - C:\WINDOWS\system32\midimap.dll - Microsoft Corporation
             devenum.dll - C:\WINDOWS\system32\devenum.dll - Microsoft Corporation
             msdmo.dll - C:\WINDOWS\system32\msdmo.dll - 
             appHelp.dll - C:\WINDOWS\system32\appHelp.dll - Microsoft Corporation
             ashShell.dll - C:\Program Files\Alwil Software\Avast5\ashShell.dll - AVAST Software
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             GrooveShellExtensions.dll - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - Microsoft Corporation
             GrooveUtil.DLL - C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL - Microsoft Corporation
             MSVCR80.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll - Microsoft Corporation
             GrooveNew.DLL - C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL - Microsoft Corporation
             ATL80.DLL - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL - Microsoft Corporation
             MSImg32.dll - C:\WINDOWS\system32\MSImg32.dll - Microsoft Corporation
             cscui.dll - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation
             CSCDLL.dll - C:\WINDOWS\System32\CSCDLL.dll - Microsoft Corporation
             shdocvw.dll - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation
             CRYPTUI.dll - C:\WINDOWS\system32\CRYPTUI.dll - Microsoft Corporation
             wuapi.dll - C:\WINDOWS\system32\wuapi.dll - Microsoft Corporation
             Cabinet.dll - C:\WINDOWS\system32\Cabinet.dll - Microsoft Corporation
             GrooveSystemServices.dll - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - Microsoft Corporation
             msxml3.dll - C:\WINDOWS\system32\msxml3.dll - Microsoft Corporation
             GrooveMisc.dll - C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[Skype.exe]Modules
             Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             oleaut32.dll - C:\WINDOWS\system32\oleaut32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             wintrust.dll - C:\WINDOWS\system32\wintrust.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             msimg32.dll - C:\WINDOWS\system32\msimg32.dll - Microsoft Corporation
             version.dll - C:\WINDOWS\system32\version.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             winspool.drv - C:\WINDOWS\system32\winspool.drv - Microsoft Corporation
             URLMON.DLL - C:\WINDOWS\system32\URLMON.DLL - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             wininet.dll - C:\WINDOWS\system32\wininet.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             shell32.dll - C:\WINDOWS\system32\shell32.dll - Microsoft Corporation
             comdlg32.dll - C:\WINDOWS\system32\comdlg32.dll - Microsoft Corporation
             oleacc.dll - C:\WINDOWS\system32\oleacc.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             d3d9.dll - C:\WINDOWS\system32\d3d9.dll - Microsoft Corporation
             d3d8thk.dll - C:\WINDOWS\system32\d3d8thk.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             SHFolder.dll - C:\WINDOWS\system32\SHFolder.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             pdh.dll - C:\WINDOWS\system32\pdh.dll - Microsoft Corporation
             ODBC32.dll - C:\WINDOWS\system32\ODBC32.dll - Microsoft Corporation
             odbcbcp.dll - C:\WINDOWS\system32\odbcbcp.dll - Microsoft Corporation
             odbcint.dll - C:\WINDOWS\system32\odbcint.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             POWRPROF.dll - C:\WINDOWS\system32\POWRPROF.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             gdiplus.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Microsoft Corporation
             olepro32.dll - C:\WINDOWS\system32\olepro32.dll - Microsoft Corporation
             Iphlpapi.dll - C:\WINDOWS\system32\Iphlpapi.dll - Microsoft Corporation
             cryptui.dll - C:\WINDOWS\system32\cryptui.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             mapi32.dll - C:\WINDOWS\system32\mapi32.dll - Microsoft Corporation
             wtsapi32.dll - C:\WINDOWS\system32\wtsapi32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             SXS.DLL - C:\WINDOWS\system32\SXS.DLL - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             wlanapi.dll - C:\WINDOWS\system32\wlanapi.dll - Microsoft Corporation
             WZCSAPI.DLL - C:\WINDOWS\system32\WZCSAPI.DLL - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             devenum.dll - C:\WINDOWS\system32\devenum.dll - Microsoft Corporation
             msdmo.dll - C:\WINDOWS\system32\msdmo.dll - 
             wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             msacm32.drv - C:\WINDOWS\system32\msacm32.drv - Microsoft Corporation
             midimap.dll - C:\WINDOWS\system32\midimap.dll - Microsoft Corporation
             qcap.dll - C:\WINDOWS\system32\qcap.dll - Microsoft Corporation
             MSVFW32.dll - C:\WINDOWS\system32\MSVFW32.dll - Microsoft Corporation
             quartz.dll - C:\WINDOWS\system32\quartz.dll - Microsoft Corporation
             ksproxy.ax - C:\WINDOWS\system32\ksproxy.ax - Microsoft Corporation
             ksuser.dll - C:\WINDOWS\system32\ksuser.dll - Microsoft Corporation
             winrnr.dll - C:\WINDOWS\System32\winrnr.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             MPRAPI.dll - C:\WINDOWS\system32\MPRAPI.dll - Microsoft Corporation
             ACTIVEDS.dll - C:\WINDOWS\system32\ACTIVEDS.dll - Microsoft Corporation
             adsldpc.dll - C:\WINDOWS\system32\adsldpc.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             RASAPI32.DLL - C:\WINDOWS\system32\RASAPI32.DLL - Microsoft Corporation
             rasman.dll - C:\WINDOWS\system32\rasman.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\system32\TAPI32.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             cryptdll.dll - C:\WINDOWS\system32\cryptdll.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             sensapi.dll - C:\WINDOWS\system32\sensapi.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[dllhost.exe]Modules
             dllhost.exe - C:\WINDOWS\system32\dllhost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             COMSVCS.DLL - C:\WINDOWS\system32\COMSVCS.DLL - Microsoft Corporation
             colbact.DLL - C:\WINDOWS\system32\colbact.DLL - Microsoft Corporation
             MTXCLU.DLL - C:\WINDOWS\system32\MTXCLU.DLL - Microsoft Corporation
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             CLUSAPI.DLL - C:\WINDOWS\system32\CLUSAPI.DLL - Microsoft Corporation
             RESUTILS.DLL - C:\WINDOWS\system32\RESUTILS.DLL - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             txflog.dll - C:\WINDOWS\system32\txflog.dll - Microsoft Corporation
             ES.DLL - C:\WINDOWS\system32\ES.DLL - Microsoft Corporation
             wtsapi32.dll - C:\WINDOWS\system32\wtsapi32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             SXS.DLL - C:\WINDOWS\system32\SXS.DLL - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[winlogon.exe]Modules
             winlogon.exe - C:\WINDOWS\system32\winlogon.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             AUTHZ.dll - C:\WINDOWS\system32\AUTHZ.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             NDdeApi.dll - C:\WINDOWS\system32\NDdeApi.dll - Microsoft Corporation
             PROFMAP.dll - C:\WINDOWS\system32\PROFMAP.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             REGAPI.dll - C:\WINDOWS\system32\REGAPI.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             MSGINA.dll - C:\WINDOWS\system32\MSGINA.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             ODBC32.dll - C:\WINDOWS\system32\ODBC32.dll - Microsoft Corporation
             comdlg32.dll - C:\WINDOWS\system32\comdlg32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             odbcint.dll - C:\WINDOWS\system32\odbcint.dll - Microsoft Corporation
             SHSVCS.dll - C:\WINDOWS\system32\SHSVCS.dll - Microsoft Corporation
             sfc.dll - C:\WINDOWS\system32\sfc.dll - Microsoft Corporation
             sfc_os.dll - C:\WINDOWS\system32\sfc_os.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             WINSCARD.DLL - C:\WINDOWS\system32\WINSCARD.DLL - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             sxs.dll - C:\WINDOWS\system32\sxs.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             cscdll.dll - C:\WINDOWS\system32\cscdll.dll - Microsoft Corporation
             dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll - Microsoft Corporation
             WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             cryptdll.dll - C:\WINDOWS\system32\cryptdll.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             wldap32.dll - C:\WINDOWS\system32\wldap32.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             cscui.dll - C:\WINDOWS\system32\cscui.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             msacm32.drv - C:\WINDOWS\system32\msacm32.drv - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             midimap.dll - C:\WINDOWS\system32\midimap.dll - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             lmhsvc.dll - c:\windows\system32\lmhsvc.dll - Microsoft Corporation
             iphlpapi.dll - c:\windows\system32\iphlpapi.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             regsvc.dll - c:\windows\system32\regsvc.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[WinRAR.exe]Modules
             WinRAR.exe - C:\Program Files\WinRAR\WinRAR.exe - 
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             COMDLG32.dll - C:\WINDOWS\system32\COMDLG32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             riched32.dll - C:\WINDOWS\system32\riched32.dll - Microsoft Corporation
             RICHED20.dll - C:\WINDOWS\system32\RICHED20.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             appHelp.dll - C:\WINDOWS\system32\appHelp.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             ashShell.dll - C:\Program Files\Alwil Software\Avast5\ashShell.dll - AVAST Software
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             GrooveShellExtensions.dll - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - Microsoft Corporation
             GrooveUtil.DLL - C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             MSVCR80.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll - Microsoft Corporation
             GrooveNew.DLL - C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL - Microsoft Corporation
             ATL80.DLL - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             MSImg32.dll - C:\WINDOWS\system32\MSImg32.dll - Microsoft Corporation
             cscui.dll - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation
             CSCDLL.dll - C:\WINDOWS\System32\CSCDLL.dll - Microsoft Corporation
             browseui.dll - C:\WINDOWS\system32\browseui.dll - Spolenost Microsoft
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             netapi32.dll - C:\WINDOWS\system32\netapi32.dll - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             nwprovau.dll - C:\WINDOWS\System32\nwprovau.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\System32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\System32\WS2HELP.dll - Microsoft Corporation
             drprov.dll - C:\WINDOWS\System32\drprov.dll - Microsoft Corporation
             ntlanman.dll - C:\WINDOWS\System32\ntlanman.dll - Microsoft Corporation
             NETUI0.dll - C:\WINDOWS\System32\NETUI0.dll - Microsoft Corporation
             NETUI1.dll - C:\WINDOWS\System32\NETUI1.dll - Microsoft Corporation
             NETRAP.dll - C:\WINDOWS\System32\NETRAP.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\System32\SAMLIB.dll - Microsoft Corporation
             davclnt.dll - C:\WINDOWS\System32\davclnt.dll - Microsoft Corporation
             wpdshext.dll - C:\WINDOWS\system32\wpdshext.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             gdiplus.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Microsoft Corporation
             portabledeviceapi.dll - C:\WINDOWS\system32\portabledeviceapi.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             shgina.dll - C:\WINDOWS\system32\shgina.dll - Microsoft Corporation
             MSGINA.dll - C:\WINDOWS\system32\MSGINA.dll - Microsoft Corporation
             ODBC32.dll - C:\WINDOWS\system32\ODBC32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             odbcint.dll - C:\WINDOWS\system32\odbcint.dll - Microsoft Corporation
             audiodev.dll - C:\WINDOWS\system32\audiodev.dll - Microsoft Corporation
             WMVCore.DLL - C:\WINDOWS\system32\WMVCore.DLL - Microsoft Corporation
             WMASF.DLL - C:\WINDOWS\system32\WMASF.DLL - Microsoft Corporation
             wiashext.dll - C:\WINDOWS\system32\wiashext.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             sti.dll - C:\WINDOWS\system32\sti.dll - Microsoft Corporation
             CFGMGR32.dll - C:\WINDOWS\system32\CFGMGR32.dll - Microsoft Corporation
             GrooveSystemServices.dll - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - Microsoft Corporation
             msxml3.dll - C:\WINDOWS\system32\msxml3.dll - Microsoft Corporation
             SHDOCVW.dll - C:\WINDOWS\system32\SHDOCVW.dll - Microsoft Corporation
             CRYPTUI.dll - C:\WINDOWS\system32\CRYPTUI.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             ieframe.dll - C:\WINDOWS\system32\ieframe.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\System32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\System32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\System32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\System32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\System32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\System32\NTMARTA.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\System32\SAMLIB.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\System32\xpsp2res.dll - Microsoft Corporation
             shsvcs.dll - c:\windows\system32\shsvcs.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\System32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\System32\NETAPI32.dll - Microsoft Corporation
             dhcpcsvc.dll - c:\windows\system32\dhcpcsvc.dll - Microsoft Corporation
             DNSAPI.dll - c:\windows\system32\DNSAPI.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             iphlpapi.dll - c:\windows\system32\iphlpapi.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\System32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\System32\rsaenh.dll - Microsoft Corporation
             wzcsvc.dll - c:\windows\system32\wzcsvc.dll - Microsoft Corporation
             rtutils.dll - c:\windows\system32\rtutils.dll - Microsoft Corporation
             WMI.dll - c:\windows\system32\WMI.dll - Microsoft Corporation
             CRYPT32.dll - c:\windows\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - c:\windows\system32\MSASN1.dll - Microsoft Corporation
             EapolQec.dll - c:\windows\system32\EapolQec.dll - Microsoft Corporation
             ATL.DLL - c:\windows\system32\ATL.DLL - Microsoft Corporation
             QUtil.dll - c:\windows\system32\QUtil.dll - Microsoft Corporation
             MSVCP60.dll - c:\windows\system32\MSVCP60.dll - Microsoft Corporation
             dot3api.dll - c:\windows\system32\dot3api.dll - Microsoft Corporation
             WTSAPI32.dll - c:\windows\system32\WTSAPI32.dll - Microsoft Corporation
             ESENT.dll - c:\windows\system32\ESENT.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\System32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\System32\COMRes.dll - Microsoft Corporation
             rastls.dll - C:\WINDOWS\System32\rastls.dll - Microsoft Corporation
             CRYPTUI.dll - C:\WINDOWS\System32\CRYPTUI.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\System32\WINTRUST.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             MPRAPI.dll - C:\WINDOWS\System32\MPRAPI.dll - Microsoft Corporation
             ACTIVEDS.dll - C:\WINDOWS\System32\ACTIVEDS.dll - Microsoft Corporation
             adsldpc.dll - C:\WINDOWS\System32\adsldpc.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\System32\SETUPAPI.dll - Microsoft Corporation
             RASAPI32.dll - C:\WINDOWS\System32\RASAPI32.dll - Microsoft Corporation
             rasman.dll - C:\WINDOWS\System32\rasman.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\System32\TAPI32.dll - Microsoft Corporation
             SCHANNEL.dll - C:\WINDOWS\System32\SCHANNEL.dll - Microsoft Corporation
             WinSCard.dll - C:\WINDOWS\System32\WinSCard.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\System32\PSAPI.DLL - Microsoft Corporation
             raschap.dll - C:\WINDOWS\System32\raschap.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             cryptdll.dll - C:\WINDOWS\System32\cryptdll.dll - Microsoft Corporation
             schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             NTDSAPI.dll - c:\windows\system32\NTDSAPI.dll - Microsoft Corporation
             MSIDLE.DLL - C:\WINDOWS\System32\MSIDLE.DLL - Microsoft Corporation
             audiosrv.dll - c:\windows\system32\audiosrv.dll - Microsoft Corporation
             wkssvc.dll - c:\windows\system32\wkssvc.dll - Microsoft Corporation
             nwwks.dll - c:\windows\system32\nwwks.dll - Microsoft Corporation
             NWPROVAU.dll - c:\windows\system32\NWPROVAU.dll - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             NWAPI32.dll - c:\windows\system32\NWAPI32.dll - Microsoft Corporation
             cryptsvc.dll - c:\windows\system32\cryptsvc.dll - Microsoft Corporation
             certcli.dll - c:\windows\system32\certcli.dll - Microsoft Corporation
             dmserver.dll - c:\windows\system32\dmserver.dll - Microsoft Corp.
             ersvc.dll - c:\windows\system32\ersvc.dll - Microsoft Corporation
             es.dll - c:\windows\system32\es.dll - Microsoft Corporation
             pchsvc.dll - c:\windows\pchealth\helpctr\binaries\pchsvc.dll - Microsoft Corporation
             hidserv.dll - c:\windows\system32\hidserv.dll - Microsoft Corporation
             HID.DLL - c:\windows\system32\HID.DLL - Microsoft Corporation
             srvsvc.dll - c:\windows\system32\srvsvc.dll - Microsoft Corporation
             netman.dll - c:\windows\system32\netman.dll - Microsoft Corporation
             netshell.dll - c:\windows\system32\netshell.dll - Microsoft Corporation
             credui.dll - c:\windows\system32\credui.dll - Microsoft Corporation
             dot3dlg.dll - c:\windows\system32\dot3dlg.dll - Microsoft Corporation
             OneX.DLL - c:\windows\system32\OneX.DLL - Microsoft Corporation
             eappcfg.dll - c:\windows\system32\eappcfg.dll - Microsoft Corporation
             eappprxy.dll - c:\windows\system32\eappprxy.dll - Microsoft Corporation
             WZCSAPI.DLL - c:\windows\system32\WZCSAPI.DLL - Microsoft Corporation
             seclogon.dll - c:\windows\system32\seclogon.dll - Microsoft Corporation
             sens.dll - c:\windows\system32\sens.dll - Microsoft Corporation
             srsvc.dll - c:\windows\system32\srsvc.dll - Microsoft Corporation
             POWRPROF.dll - c:\windows\system32\POWRPROF.dll - Microsoft Corporation
             upnp.dll - C:\WINDOWS\system32\upnp.dll - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             SSDPAPI.dll - C:\WINDOWS\system32\SSDPAPI.dll - Microsoft Corporation
             wbemcomn.dll - C:\WINDOWS\system32\wbem\wbemcomn.dll - Microsoft Corporation
             trkwks.dll - c:\windows\system32\trkwks.dll - Microsoft Corporation
             SXS.DLL - C:\WINDOWS\System32\SXS.DLL - Microsoft Corporation
             w32time.dll - c:\windows\system32\w32time.dll - Microsoft Corporation
             wuauserv.dll - c:\windows\system32\wuauserv.dll - Microsoft Corporation
             browser.dll - c:\windows\system32\browser.dll - Microsoft Corporation
             wuaueng.dll - C:\WINDOWS\system32\wuaueng.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\System32\WINSPOOL.DRV - Microsoft Corporation
             Cabinet.dll - C:\WINDOWS\System32\Cabinet.dll - Microsoft Corporation
             mspatcha.dll - C:\WINDOWS\System32\mspatcha.dll - Microsoft Corporation
             wmisvc.dll - c:\windows\system32\wbem\wmisvc.dll - Microsoft Corporation
             VSSAPI.DLL - C:\WINDOWS\system32\VSSAPI.DLL - Microsoft Corporation
             comsvcs.dll - C:\WINDOWS\system32\comsvcs.dll - Microsoft Corporation
             colbact.DLL - C:\WINDOWS\system32\colbact.DLL - Microsoft Corporation
             MTXCLU.DLL - C:\WINDOWS\system32\MTXCLU.DLL - Microsoft Corporation
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             CLUSAPI.DLL - C:\WINDOWS\System32\CLUSAPI.DLL - Microsoft Corporation
             RESUTILS.DLL - C:\WINDOWS\System32\RESUTILS.DLL - Microsoft Corporation
             sfc.dll - C:\WINDOWS\System32\sfc.dll - Microsoft Corporation
             sfc_os.dll - C:\WINDOWS\System32\sfc_os.dll - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation
             ipnathlp.dll - c:\windows\system32\ipnathlp.dll - Microsoft Corporation
             AUTHZ.dll - c:\windows\system32\AUTHZ.dll - Microsoft Corporation
             wscsvc.dll - c:\windows\system32\wscsvc.dll - Microsoft Corporation
             msi.dll - c:\windows\system32\msi.dll - Microsoft Corporation
             wbemcore.dll - C:\WINDOWS\system32\wbem\wbemcore.dll - Microsoft Corporation
             esscli.dll - C:\WINDOWS\system32\wbem\esscli.dll - Microsoft Corporation
             FastProx.dll - C:\WINDOWS\system32\wbem\FastProx.dll - Microsoft Corporation
             wmiutils.dll - C:\WINDOWS\system32\wbem\wmiutils.dll - Microsoft Corporation
             repdrvfs.dll - C:\WINDOWS\system32\wbem\repdrvfs.dll - Microsoft Corporation
             wmiprvsd.dll - C:\WINDOWS\system32\wbem\wmiprvsd.dll - Microsoft Corporation
             NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             wbemess.dll - C:\WINDOWS\system32\wbem\wbemess.dll - Microsoft Corporation
             wups2.dll - C:\WINDOWS\system32\wups2.dll - Microsoft Corporation
             tapisrv.dll - c:\windows\system32\tapisrv.dll - Microsoft Corporation
             RASDLG.dll - C:\WINDOWS\System32\RASDLG.dll - Microsoft Corporation
             netcfgx.dll - C:\WINDOWS\system32\netcfgx.dll - Microsoft Corporation
             rasmans.dll - c:\windows\system32\rasmans.dll - Microsoft Corporation
             WINIPSEC.DLL - c:\windows\system32\WINIPSEC.DLL - Microsoft Corporation
             rastapi.dll - C:\WINDOWS\System32\rastapi.dll - Microsoft Corporation
             unimdm.tsp - C:\WINDOWS\System32\unimdm.tsp - Microsoft Corporation
             uniplat.dll - C:\WINDOWS\System32\uniplat.dll - Microsoft Corporation
             ncprov.dll - C:\WINDOWS\system32\wbem\ncprov.dll - Microsoft Corporation
             kmddsp.tsp - C:\WINDOWS\System32\kmddsp.tsp - Microsoft Corporation
             ndptsp.tsp - C:\WINDOWS\System32\ndptsp.tsp - Microsoft Corporation
             ipconf.tsp - C:\WINDOWS\System32\ipconf.tsp - Microsoft Corporation
             wbemcons.dll - C:\WINDOWS\system32\wbem\wbemcons.dll - Microsoft Corporation
             h323.tsp - C:\WINDOWS\System32\h323.tsp - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\System32\rasadhlp.dll - Microsoft Corporation
             hidphone.tsp - C:\WINDOWS\System32\hidphone.tsp - Microsoft Corporation
             rasppp.dll - C:\WINDOWS\System32\rasppp.dll - Microsoft Corporation
             ntlsapi.dll - C:\WINDOWS\System32\ntlsapi.dll - Microsoft Corporation
             kerberos.dll - C:\WINDOWS\system32\kerberos.dll - Microsoft Corporation
             RASQEC.DLL - C:\WINDOWS\System32\RASQEC.DLL - Microsoft Corporation
             ipxwan.dll - C:\WINDOWS\System32\ipxwan.dll - Microsoft Corporation
             adptif.dll - C:\WINDOWS\System32\adptif.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[lsass.exe]Modules
             lsass.exe - C:\WINDOWS\system32\lsass.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             LSASRV.dll - C:\WINDOWS\system32\LSASRV.dll - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             NTDSAPI.dll - C:\WINDOWS\system32\NTDSAPI.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             SAMSRV.dll - C:\WINDOWS\system32\SAMSRV.dll - Microsoft Corporation
             cryptdll.dll - C:\WINDOWS\system32\cryptdll.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             msprivs.dll - C:\WINDOWS\system32\msprivs.dll - Microsoft Corporation
             kerberos.dll - C:\WINDOWS\system32\kerberos.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             netlogon.dll - C:\WINDOWS\system32\netlogon.dll - Microsoft Corporation
             w32time.dll - C:\WINDOWS\system32\w32time.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             schannel.dll - C:\WINDOWS\system32\schannel.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             wdigest.dll - C:\WINDOWS\system32\wdigest.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             nwprovau.dll - C:\WINDOWS\system32\nwprovau.dll - Microsoft Corporation
             setupapi.dll - C:\WINDOWS\system32\setupapi.dll - Microsoft Corporation
             scecli.dll - C:\WINDOWS\system32\scecli.dll - Microsoft Corporation
             ipsecsvc.dll - C:\WINDOWS\system32\ipsecsvc.dll - Microsoft Corporation
             AUTHZ.dll - C:\WINDOWS\system32\AUTHZ.dll - Microsoft Corporation
             oakley.DLL - C:\WINDOWS\system32\oakley.DLL - Microsoft Corporation
             WINIPSEC.DLL - C:\WINDOWS\system32\WINIPSEC.DLL - Microsoft Corporation
             pstorsvc.dll - C:\WINDOWS\system32\pstorsvc.dll - Microsoft Corporation
             psbase.dll - C:\WINDOWS\system32\psbase.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             dssenh.dll - C:\WINDOWS\system32\dssenh.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[AvastSvc.exe]Modules
             AvastSvc.exe - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - AVAST Software
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             aswCmnBS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll - AVAST Software
             aswCmnOS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll - AVAST Software
             aswCmnIS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll - AVAST Software
             MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             MSVCP90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             ashBase.dll - C:\Program Files\Alwil Software\Avast5\ashBase.dll - AVAST Software
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             aswEngLdr.dll - C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll - AVAST Software
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             dbghelp.dll - C:\Program Files\Alwil Software\Avast5\dbghelp.dll - Microsoft Corporation
             Base.dll - C:\Program Files\Alwil Software\Avast5\1029\Base.dll - AVAST Software
             ashServ.dll - C:\Program Files\Alwil Software\Avast5\ashServ.dll - AVAST Software
             aswAux.dll - C:\Program Files\Alwil Software\Avast5\aswAux.dll - AVAST Software
             ashTask.dll - C:\Program Files\Alwil Software\Avast5\ashTask.dll - AVAST Software
             ashTaskEx.dll - C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll - AVAST Software
             aswLog.dll - C:\Program Files\Alwil Software\Avast5\aswLog.dll - AVAST Software
             aswSqLt.dll - C:\Program Files\Alwil Software\Avast5\aswSqLt.dll - AVAST Software
             aswProperty.dll - C:\Program Files\Alwil Software\Avast5\aswProperty.dll - AVAST Software
             AavmRpch.dll - C:\Program Files\Alwil Software\Avast5\AavmRpch.dll - AVAST Software
             Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             avastIP.dll - C:\Program Files\Alwil Software\Avast5\avastIP.dll - AVAST Software
             IPHLPAPI.DLL - C:\WINDOWS\system32\IPHLPAPI.DLL - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             aswIdle.dll - C:\Program Files\Alwil Software\Avast5\aswIdle.dll - AVAST Software
             aswDld.dll - C:\Program Files\Alwil Software\Avast5\aswDld.dll - AVAST Software
             aswStrm.dll - C:\Program Files\Alwil Software\Avast5\aswStrm.dll - AVAST Software
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             aswEngin.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswEngin.dll - AVAST Software
             aswCmnIS.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswCmnIS.dll - AVAST Software
             aswCmnOS.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswCmnOS.dll - AVAST Software
             aswCmnBS.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswCmnBS.dll - AVAST Software
             aswScan.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswScan.dll - AVAST Software
             aswRep.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswRep.dll - AVAST Software
             aswFiDb.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswFiDb.dll - AVAST Software
             algo.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll - 
             FltLib.dll - C:\WINDOWS\system32\FltLib.dll - Microsoft Corporation
             Wtsapi32.dll - C:\WINDOWS\system32\Wtsapi32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             AhResBhv.dll - C:\Program Files\Alwil Software\Avast5\AhResBhv.dll - AVAST Software
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             AhResJs.dll - C:\Program Files\Alwil Software\Avast5\AhResJs.dll - AVAST Software
             AhResMai.dll - C:\Program Files\Alwil Software\Avast5\AhResMai.dll - AVAST Software
             AhResMes.dll - C:\Program Files\Alwil Software\Avast5\AhResMes.dll - AVAST Software
             AhResNS.dll - C:\Program Files\Alwil Software\Avast5\AhResNS.dll - AVAST Software
             AhResP2P.dll - C:\Program Files\Alwil Software\Avast5\AhResP2P.dll - AVAST Software
             AhResSPM.dll - C:\Program Files\Alwil Software\Avast5\AhResSPM.dll - AVAST Software
             AhResStd.dll - C:\Program Files\Alwil Software\Avast5\AhResStd.dll - AVAST Software
             AhResWS.dll - C:\Program Files\Alwil Software\Avast5\AhResWS.dll - AVAST Software
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             wlanapi.dll - C:\WINDOWS\system32\wlanapi.dll - Microsoft Corporation
             WZCSAPI.DLL - C:\WINDOWS\system32\WZCSAPI.DLL - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             winrnr.dll - C:\WINDOWS\System32\winrnr.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             NETSHELL.dll - C:\WINDOWS\system32\NETSHELL.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             credui.dll - C:\WINDOWS\system32\credui.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             dot3api.dll - C:\WINDOWS\system32\dot3api.dll - Microsoft Corporation
             dot3dlg.dll - C:\WINDOWS\system32\dot3dlg.dll - Microsoft Corporation
             OneX.DLL - C:\WINDOWS\system32\OneX.DLL - Microsoft Corporation
             eappcfg.dll - C:\WINDOWS\system32\eappcfg.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             eappprxy.dll - C:\WINDOWS\system32\eappprxy.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             wintrust.dll - C:\WINDOWS\system32\wintrust.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             schannel.dll - C:\WINDOWS\system32\schannel.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             aswpatchmgt.dll - C:\Program Files\Alwil Software\Avast5\aswpatchmgt.dll - AVAST Software
             swhealthex.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\swhealthex.dll - AVAST Software
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             dssenh.dll - C:\WINDOWS\system32\dssenh.dll - Microsoft Corporation
             mpr.dll - C:\WINDOWS\system32\mpr.dll - Microsoft Corporation
             nwprovau.dll - C:\WINDOWS\System32\nwprovau.dll - Microsoft Corporation
             qmgrprxy.dll - C:\WINDOWS\system32\qmgrprxy.dll - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[csrss.exe]Modules
             csrss.exe - C:\WINDOWS\system32\csrss.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             basesrv.dll - C:\WINDOWS\system32\basesrv.dll - Microsoft Corporation
             winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             sxs.dll - C:\WINDOWS\system32\sxs.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[afwServ.exe]Modules
             afwServ.exe - C:\Program Files\Alwil Software\Avast5\afwServ.exe - AVAST Software
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             afwCore.dll - C:\Program Files\Alwil Software\Avast5\afwCore.dll - AVAST Software
             Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             AavmRpch.dll - C:\Program Files\Alwil Software\Avast5\AavmRpch.dll - AVAST Software
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             MSVCP90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll - Microsoft Corporation
             ashBase.dll - C:\Program Files\Alwil Software\Avast5\ashBase.dll - AVAST Software
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             aswEngLdr.dll - C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll - AVAST Software
             aswCmnOS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll - AVAST Software
             aswCmnIS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll - AVAST Software
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             aswCmnBS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll - AVAST Software
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             ashTask.dll - C:\Program Files\Alwil Software\Avast5\ashTask.dll - AVAST Software
             aswAux.dll - C:\Program Files\Alwil Software\Avast5\aswAux.dll - AVAST Software
             aswProperty.dll - C:\Program Files\Alwil Software\Avast5\aswProperty.dll - AVAST Software
             avastIP.dll - C:\Program Files\Alwil Software\Avast5\avastIP.dll - AVAST Software
             IPHLPAPI.DLL - C:\WINDOWS\system32\IPHLPAPI.DLL - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             aswLog.dll - C:\Program Files\Alwil Software\Avast5\aswLog.dll - AVAST Software
             aswSqLt.dll - C:\Program Files\Alwil Software\Avast5\aswSqLt.dll - AVAST Software
             afwCoreServ.dll - C:\Program Files\Alwil Software\Avast5\afwCoreServ.dll - AVAST Software
             afwRpc.dll - C:\Program Files\Alwil Software\Avast5\afwRpc.dll - AVAST Software
             afwCoreClient.dll - C:\Program Files\Alwil Software\Avast5\afwCoreClient.dll - AVAST Software
             RASAPI32.dll - C:\WINDOWS\system32\RASAPI32.dll - Microsoft Corporation
             rasman.dll - C:\WINDOWS\system32\rasman.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\system32\TAPI32.dll - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             afwGeoIP.dll - C:\Program Files\Alwil Software\Avast5\afwGeoIP.dll - AVAST Software
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             dbghelp.dll - C:\Program Files\Alwil Software\Avast5\dbghelp.dll - Microsoft Corporation
             Base.dll - C:\Program Files\Alwil Software\Avast5\1029\Base.dll - AVAST Software
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             aswEngin.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswEngin.dll - AVAST Software
             aswCmnIS.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswCmnIS.dll - AVAST Software
             aswCmnOS.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswCmnOS.dll - AVAST Software
             aswCmnBS.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswCmnBS.dll - AVAST Software
             aswScan.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswScan.dll - AVAST Software
             aswRep.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswRep.dll - AVAST Software
             aswFiDb.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswFiDb.dll - AVAST Software
             fwAux.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\fwAux.dll - AVAST Software

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             rpcss.dll - c:\windows\system32\rpcss.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             termsrv.dll - c:\windows\system32\termsrv.dll - Microsoft Corporation
             ICAAPI.dll - c:\windows\system32\ICAAPI.dll - Microsoft Corporation
             SETUPAPI.dll - c:\windows\system32\SETUPAPI.dll - Microsoft Corporation
             WINTRUST.dll - c:\windows\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - c:\windows\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - c:\windows\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             AUTHZ.dll - c:\windows\system32\AUTHZ.dll - Microsoft Corporation
             mstlsapi.dll - c:\windows\system32\mstlsapi.dll - Microsoft Corporation
             ACTIVEDS.dll - c:\windows\system32\ACTIVEDS.dll - Microsoft Corporation
             adsldpc.dll - c:\windows\system32\adsldpc.dll - Microsoft Corporation
             NETAPI32.dll - c:\windows\system32\NETAPI32.dll - Microsoft Corporation
             ATL.DLL - c:\windows\system32\ATL.DLL - Microsoft Corporation
             REGAPI.dll - C:\WINDOWS\system32\REGAPI.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             rdpwsx.dll - C:\WINDOWS\system32\rdpwsx.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             ssdpsrv.dll - c:\windows\system32\ssdpsrv.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[spoolsv.exe]Modules
             spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             SPOOLSS.DLL - C:\WINDOWS\system32\SPOOLSS.DLL - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             localspl.dll - C:\WINDOWS\system32\localspl.dll - Microsoft Corporation
             sfc_os.dll - C:\WINDOWS\system32\sfc_os.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             winspool.drv - C:\WINDOWS\system32\winspool.drv - Microsoft Corporation
             netapi32.dll - C:\WINDOWS\system32\netapi32.dll - Microsoft Corporation
             cnbjmon.dll - C:\WINDOWS\system32\cnbjmon.dll - Microsoft Corporation
             HpTcpMon.dll - C:\WINDOWS\system32\HpTcpMon.dll - Hewlett Packard
             hpzjrd01.dll - C:\WINDOWS\system32\hpzjrd01.dll - Hewlett Packard
             HPTcpMUI.dll - C:\WINDOWS\system32\HPTcpMUI.dll - Microsoft Corporation
             hptcpmib.dll - C:\WINDOWS\system32\hptcpmib.dll - Hewlett Packard
             mgmtapi.dll - C:\WINDOWS\system32\mgmtapi.dll - Microsoft Corporation
             snmpapi.dll - C:\WINDOWS\system32\snmpapi.dll - Microsoft Corporation
             wsnmp32.dll - C:\WINDOWS\system32\wsnmp32.dll - Microsoft Corporation
             hpzll054.dll - C:\WINDOWS\system32\hpzll054.dll - Hewlett-Packard Company
             hpz3l054.dll - C:\WINDOWS\system32\hpz3l054.dll - Hewlett-Packard Company
             pjlmon.dll - C:\WINDOWS\system32\pjlmon.dll - Microsoft Corporation
             msonpmon.dll - C:\WINDOWS\system32\msonpmon.dll - Microsoft Corporation
             MSVCR80.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll - Microsoft Corporation
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             tcpmon.dll - C:\WINDOWS\system32\tcpmon.dll - Microsoft Corporation
             usbmon.dll - C:\WINDOWS\system32\usbmon.dll - Microsoft Corporation
             hpzpp054.dll - C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp054.dll - Hewlett-Packard Corporation
             filterpipelineprintproc.dll - C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll - Microsoft Corporation
             msonpppr.dll - C:\WINDOWS\System32\spool\PRTPROCS\W32X86\msonpppr.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\System32\mswsock.dll - Microsoft Corporation
             winrnr.dll - C:\WINDOWS\System32\winrnr.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             nwprovau.dll - C:\WINDOWS\system32\nwprovau.dll - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             win32spl.dll - C:\WINDOWS\system32\win32spl.dll - Microsoft Corporation
             NETRAP.dll - C:\WINDOWS\system32\NETRAP.dll - Microsoft Corporation
             NTDSAPI.dll - C:\WINDOWS\system32\NTDSAPI.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             inetpp.dll - C:\WINDOWS\system32\inetpp.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[postak.exe]Modules
             postak.exe - C:\Program Files\Seznam.cz\bin\postak.exe - 
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             email.4.dll - C:\Program Files\Seznam.cz\bin\email.4.dll - 
             COMCTL32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             COMDLG32.dll - C:\WINDOWS\system32\COMDLG32.dll - Microsoft Corporation
             core.4.dll - C:\Program Files\Seznam.cz\bin\core.4.dll - 
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             Wtsapi32.dll - C:\WINDOWS\system32\Wtsapi32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             RASAPI32.dll - C:\WINDOWS\system32\RASAPI32.dll - Microsoft Corporation
             rasman.dll - C:\WINDOWS\system32\rasman.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\system32\TAPI32.dll - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             cryptdll.dll - C:\WINDOWS\system32\cryptdll.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             sensapi.dll - C:\WINDOWS\system32\sensapi.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\System32\mswsock.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[PCHunter32.exe]Modules
             PCHunter32.exe - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32.exe - ????(??)????????
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             MSIMG32.dll - C:\WINDOWS\system32\MSIMG32.dll - Microsoft Corporation
             COMDLG32.dll - C:\WINDOWS\system32\COMDLG32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             oledlg.dll - C:\WINDOWS\system32\oledlg.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             gdiplus.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             IPHLPAPI.DLL - C:\WINDOWS\system32\IPHLPAPI.DLL - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             OLEACC.dll - C:\WINDOWS\system32\OLEACC.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             IMM32.dll - C:\WINDOWS\system32\IMM32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             Psapi.dll - C:\WINDOWS\system32\Psapi.dll - Microsoft Corporation
             RICHED32.DLL - C:\WINDOWS\system32\RICHED32.DLL - Microsoft Corporation
             RICHED20.dll - C:\WINDOWS\system32\RICHED20.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             appHelp.dll - C:\WINDOWS\system32\appHelp.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             ashShell.dll - C:\Program Files\Alwil Software\Avast5\ashShell.dll - AVAST Software
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             RASAPI32.dll - C:\WINDOWS\system32\RASAPI32.dll - Microsoft Corporation
             rasman.dll - C:\WINDOWS\system32\rasman.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\system32\TAPI32.dll - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             sensapi.dll - C:\WINDOWS\system32\sensapi.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\System32\mswsock.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             webclnt.dll - c:\windows\system32\webclnt.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             rpcss.dll - c:\windows\system32\rpcss.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             wshisn.dll - C:\WINDOWS\System32\wshisn.dll - Microsoft Corporation
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             winrnr.dll - C:\WINDOWS\System32\winrnr.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             rasadhlp.dll - C:\WINDOWS\system32\rasadhlp.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[GrooveMonitor.exe]Modules
             GrooveMonitor.exe - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             GrooveUtil.DLL - C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             MSVCR80.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll - Microsoft Corporation
             GrooveNew.DLL - C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             ATL80.DLL - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             GrooveShellExtensions.dll - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - Microsoft Corporation
             MSImg32.dll - C:\WINDOWS\system32\MSImg32.dll - Microsoft Corporation
             GrooveSystemServices.dll - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[GamerOSD.exe]Modules
             GamerOSD.exe - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe - ASUSTeK Computer Inc.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             MFC42.DLL - C:\WINDOWS\system32\MFC42.DLL - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             MFC42LOC.DLL - C:\WINDOWS\system32\MFC42LOC.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             devenum.dll - C:\WINDOWS\system32\devenum.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             msdmo.dll - C:\WINDOWS\system32\msdmo.dll - 
             wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             msacm32.drv - C:\WINDOWS\system32\msacm32.drv - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             midimap.dll - C:\WINDOWS\system32\midimap.dll - Microsoft Corporation
             qcap.dll - C:\WINDOWS\system32\qcap.dll - Microsoft Corporation
             MSVFW32.dll - C:\WINDOWS\system32\MSVFW32.dll - Microsoft Corporation
             ImageTransform.dll - C:\Program Files\ASUS\GamerOSD\ImageTransform.dll - 
             quartz.dll - C:\WINDOWS\system32\quartz.dll - Microsoft Corporation
             ksproxy.ax - C:\WINDOWS\system32\ksproxy.ax - Microsoft Corporation
             ksuser.dll - C:\WINDOWS\system32\ksuser.dll - Microsoft Corporation
             imaadp32.acm - C:\WINDOWS\system32\imaadp32.acm - Microsoft Corporation
             msadp32.acm - C:\WINDOWS\system32\msadp32.acm - Microsoft Corporation
             msg711.acm - C:\WINDOWS\system32\msg711.acm - Microsoft Corporation
             msgsm32.acm - C:\WINDOWS\system32\msgsm32.acm - Microsoft Corporation
             tssoft32.acm - C:\WINDOWS\system32\tssoft32.acm - DSP GROUP, INC.
             tsd32.dll - C:\WINDOWS\system32\tsd32.dll - 
             msg723.acm - C:\WINDOWS\system32\msg723.acm - Microsoft Corporation
             msaud32.acm - C:\WINDOWS\system32\msaud32.acm - Microsoft Corporation
             sl_anet.acm - C:\WINDOWS\system32\sl_anet.acm - Sipro Lab Telecom Inc.
             iac25_32.ax - C:\WINDOWS\system32\iac25_32.ax - Intel Corporation
             l3codeca.acm - C:\WINDOWS\system32\l3codeca.acm - Fraunhofer Institut Integrierte Schaltungen IIS
             dsound.dll - C:\WINDOWS\system32\dsound.dll - Microsoft Corporation
             DDRAW.dll - C:\WINDOWS\system32\DDRAW.dll - Microsoft Corporation
             DCIMAN32.dll - C:\WINDOWS\system32\DCIMAN32.dll - Microsoft Corporation
             D3DIM700.DLL - C:\WINDOWS\system32\D3DIM700.DLL - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[rundll32.exe]Modules
             RUNDLL32.EXE - C:\WINDOWS\system32\RUNDLL32.EXE - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             NvMcTray.dll - C:\WINDOWS\system32\NvMcTray.dll - NVIDIA Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             nvapi.dll - C:\WINDOWS\system32\nvapi.dll - NVIDIA Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             NvUpdt.dll - C:\Program Files\NVIDIA Corporation\NvUpdate\NvUpdt.dll - NVIDIA Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             MSIMG32.dll - C:\WINDOWS\system32\MSIMG32.dll - Microsoft Corporation
             COMDLG32.dll - C:\WINDOWS\system32\COMDLG32.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             OLEACC.dll - C:\WINDOWS\system32\OLEACC.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             gdiplus.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Microsoft Corporation
             NVUPDTR.DLL - C:\Program Files\NVIDIA Corporation\NvUpdate\NVUPDTR.DLL - NVIDIA Corporation
             NVRSCS.DLL - C:\WINDOWS\system32\NVRSCS.DLL - NVIDIA Corporation

------------------------------------------------------------------------------------------

      Image File Name[AvastUI.exe]Modules
             avastUI.exe - C:\Program Files\Alwil Software\Avast5\avastUI.exe - AVAST Software
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             aswUtil.dll - C:\Program Files\Alwil Software\Avast5\aswUtil.dll - AVAST Software
             ashBase.dll - C:\Program Files\Alwil Software\Avast5\ashBase.dll - AVAST Software
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             aswEngLdr.dll - C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll - AVAST Software
             aswCmnOS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll - AVAST Software
             aswCmnIS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll - AVAST Software
             MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             MSVCP90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll - Microsoft Corporation
             aswCmnBS.dll - C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll - AVAST Software
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             ashTask.dll - C:\Program Files\Alwil Software\Avast5\ashTask.dll - AVAST Software
             aswAux.dll - C:\Program Files\Alwil Software\Avast5\aswAux.dll - AVAST Software
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             avastIP.dll - C:\Program Files\Alwil Software\Avast5\avastIP.dll - AVAST Software
             IPHLPAPI.DLL - C:\WINDOWS\system32\IPHLPAPI.DLL - Microsoft Corporation
             aswProperty.dll - C:\Program Files\Alwil Software\Avast5\aswProperty.dll - AVAST Software
             AavmRpch.dll - C:\Program Files\Alwil Software\Avast5\AavmRpch.dll - AVAST Software
             aswLog.dll - C:\Program Files\Alwil Software\Avast5\aswLog.dll - AVAST Software
             aswSqLt.dll - C:\Program Files\Alwil Software\Avast5\aswSqLt.dll - AVAST Software
             CRYPTUI.dll - C:\WINDOWS\system32\CRYPTUI.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             mfc90u.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             MSIMG32.dll - C:\WINDOWS\system32\MSIMG32.dll - Microsoft Corporation
             COMDLG32.dll - C:\WINDOWS\system32\COMDLG32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             OLEACC.dll - C:\WINDOWS\system32\OLEACC.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             dbghelp.dll - C:\Program Files\Alwil Software\Avast5\dbghelp.dll - Microsoft Corporation
             Base.dll - C:\Program Files\Alwil Software\Avast5\1029\Base.dll - AVAST Software
             afwGeoIP.dll - C:\Program Files\Alwil Software\Avast5\afwGeoIP.dll - AVAST Software
             aswAra.dll - C:\Program Files\Alwil Software\Avast5\aswAra.dll - AVAST Software
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             SSLEAY32.dll - C:\Program Files\Alwil Software\Avast5\SSLEAY32.dll - The OpenSSL Project, http://www.openssl.org/
             LIBEAY32.dll - C:\Program Files\Alwil Software\Avast5\LIBEAY32.dll - The OpenSSL Project, http://www.openssl.org/
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             aswData.dll - C:\Program Files\Alwil Software\Avast5\aswData.dll - AVAST Software
             ashTaskEx.dll - C:\Program Files\Alwil Software\Avast5\ashTaskEx.dll - AVAST Software
             Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             afwCore.dll - C:\Program Files\Alwil Software\Avast5\afwCore.dll - AVAST Software
             afwCoreClient.dll - C:\Program Files\Alwil Software\Avast5\afwCoreClient.dll - AVAST Software
             afwRpc.dll - C:\Program Files\Alwil Software\Avast5\afwRpc.dll - AVAST Software
             UILangRes.dll - C:\Program Files\Alwil Software\Avast5\1029\UILangRes.dll - AVAST Software
             CommonRes.dll - C:\Program Files\Alwil Software\Avast5\CommonRes.dll - AVAST Software
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             DSOUND.dll - C:\WINDOWS\system32\DSOUND.dll - Microsoft Corporation
             ieframe.dll - C:\WINDOWS\system32\ieframe.dll - Microsoft Corporation
             SXS.DLL - C:\WINDOWS\system32\SXS.DLL - Microsoft Corporation
             uiExt.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\uiExt.dll - AVAST Software
             Activeds.dll - C:\WINDOWS\system32\Activeds.dll - Microsoft Corporation
             adsldpc.dll - C:\WINDOWS\system32\adsldpc.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             adsldp.dll - C:\WINDOWS\system32\adsldp.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[services.exe]Modules
             services.exe - C:\WINDOWS\system32\services.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             SCESRV.dll - C:\WINDOWS\system32\SCESRV.dll - Microsoft Corporation
             AUTHZ.dll - C:\WINDOWS\system32\AUTHZ.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             umpnpmgr.dll - C:\WINDOWS\system32\umpnpmgr.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcAdProc.dll - C:\WINDOWS\AppPatch\AcAdProc.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             eventlog.dll - C:\WINDOWS\system32\eventlog.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             wtsapi32.dll - C:\WINDOWS\system32\wtsapi32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[ctfmon.exe]Modules
             ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             MSUTB.dll - C:\WINDOWS\system32\MSUTB.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[ONENOTEM.EXE]Modules
             ONENOTEM.EXE - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             MSVCR80.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ONINTL.DLL - C:\Program Files\Microsoft Office\Office12\1029\ONINTL.DLL - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[smss.exe]Modules
             smss.exe - C:\WINDOWS\System32\smss.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             dnsrslvr.dll - c:\windows\system32\dnsrslvr.dll - Microsoft Corporation
             DNSAPI.dll - c:\windows\system32\DNSAPI.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             iphlpapi.dll - c:\windows\system32\iphlpapi.dll - Microsoft Corporation
             rsaenh.dll - C:\WINDOWS\system32\rsaenh.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[chrome.exe]Modules
             chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             snxhk.dll - C:\Program Files\Alwil Software\Avast5\snxhk.dll - AVAST Software
             KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             USP10.dll - C:\WINDOWS\system32\USP10.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             OLEACC.dll - C:\WINDOWS\system32\OLEACC.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             aswJsFlt.dll - C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll - AVAST Software
             dbghelp.dll - C:\WINDOWS\system32\dbghelp.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             icudt.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\icudt.dll - The ICU Project
             ffmpegsumo.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll - 
             pepflashplayer.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll - 
             gdiplus.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             wudfsvc.dll - c:\windows\system32\wudfsvc.dll - Microsoft Corporation
             SETUPAPI.dll - c:\windows\system32\SETUPAPI.dll - Microsoft Corporation
             WUDFPlatform.dll - c:\windows\system32\WUDFPlatform.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             wiaservc.dll - c:\windows\system32\wiaservc.dll - Microsoft Corporation
             CFGMGR32.dll - c:\windows\system32\CFGMGR32.dll - Microsoft Corporation
             setupapi.DLL - c:\windows\system32\setupapi.DLL - Microsoft Corporation
             mscms.dll - c:\windows\system32\mscms.dll - Microsoft Corporation
             WINSPOOL.DRV - c:\windows\system32\WINSPOOL.DRV - Microsoft Corporation
             WINSTA.dll - c:\windows\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - c:\windows\system32\NETAPI32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             actxprxy.dll - C:\WINDOWS\system32\actxprxy.dll - Microsoft Corporation
             sti.dll - C:\WINDOWS\system32\sti.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[arservice.exe]Modules
             arservice.exe - C:\WINDOWS\arservice.exe - Microsoft
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             POWRPROF.dll - C:\WINDOWS\system32\POWRPROF.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             msacm32.drv - C:\WINDOWS\system32\msacm32.drv - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             midimap.dll - C:\WINDOWS\system32\midimap.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[ATKKBService.exe]Modules
             ATKKBService.exe - C:\WINDOWS\ATKKBService.exe - ASUSTeK COMPUTER INC.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             nvapi.dll - C:\WINDOWS\system32\nvapi.dll - NVIDIA Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[ehRecvr.exe]Modules
             ehRecvr.exe - C:\WINDOWS\eHome\ehRecvr.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             faultrep.DLL - C:\WINDOWS\system32\faultrep.DLL - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             ehTrace.dll - C:\WINDOWS\eHome\ehTrace.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             sbe.dll - C:\WINDOWS\system32\sbe.dll - 
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             msvidctl.dll - C:\WINDOWS\system32\msvidctl.dll - Microsoft Corporation
             quartz.dll - C:\WINDOWS\system32\quartz.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             devenum.dll - C:\WINDOWS\system32\devenum.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             msdmo.dll - C:\WINDOWS\system32\msdmo.dll - 

------------------------------------------------------------------------------------------

      Image File Name[ehSched.exe]Modules
             ehSched.exe - C:\WINDOWS\eHome\ehSched.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             ehProxy.dll - C:\WINDOWS\eHome\ehProxy.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Modules
             svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             qmgr.dll - c:\windows\system32\qmgr.dll - Microsoft Corporation
             CRYPT32.dll - c:\windows\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - c:\windows\system32\MSASN1.dll - Microsoft Corporation
             iphlpapi.dll - c:\windows\system32\iphlpapi.dll - Microsoft Corporation
             WS2_32.dll - c:\windows\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - c:\windows\system32\WS2HELP.dll - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             SHFOLDER.dll - c:\windows\system32\SHFOLDER.dll - Microsoft Corporation
             WTSAPI32.dll - c:\windows\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - c:\windows\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - c:\windows\system32\NETAPI32.dll - Microsoft Corporation
             WINHTTP.dll - c:\windows\system32\WINHTTP.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             cryptdll.dll - C:\WINDOWS\system32\cryptdll.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             qmgrprxy.dll - C:\WINDOWS\system32\qmgrprxy.dll - Microsoft Corporation
             netman.dll - C:\WINDOWS\system32\netman.dll - Microsoft Corporation
             MPRAPI.dll - C:\WINDOWS\system32\MPRAPI.dll - Microsoft Corporation
             ACTIVEDS.dll - C:\WINDOWS\system32\ACTIVEDS.dll - Microsoft Corporation
             adsldpc.dll - C:\WINDOWS\system32\adsldpc.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             netshell.dll - C:\WINDOWS\system32\netshell.dll - Microsoft Corporation
             credui.dll - C:\WINDOWS\system32\credui.dll - Microsoft Corporation
             dot3api.dll - C:\WINDOWS\system32\dot3api.dll - Microsoft Corporation
             dot3dlg.dll - C:\WINDOWS\system32\dot3dlg.dll - Microsoft Corporation
             OneX.DLL - C:\WINDOWS\system32\OneX.DLL - Microsoft Corporation
             eappcfg.dll - C:\WINDOWS\system32\eappcfg.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             eappprxy.dll - C:\WINDOWS\system32\eappprxy.dll - Microsoft Corporation
             RASAPI32.dll - C:\WINDOWS\system32\RASAPI32.dll - Microsoft Corporation
             rasman.dll - C:\WINDOWS\system32\rasman.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\system32\TAPI32.dll - Microsoft Corporation
             WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             Normaliz.dll - C:\WINDOWS\system32\Normaliz.dll - Microsoft Corporation
             urlmon.dll - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation
             iertutil.dll - C:\WINDOWS\system32\iertutil.dll - Microsoft Corporation
             WZCSAPI.DLL - C:\WINDOWS\system32\WZCSAPI.DLL - Microsoft Corporation
             WZCSvc.DLL - C:\WINDOWS\system32\WZCSvc.DLL - Microsoft Corporation
             WMI.dll - C:\WINDOWS\system32\WMI.dll - Microsoft Corporation
             DHCPCSVC.DLL - C:\WINDOWS\system32\DHCPCSVC.DLL - Microsoft Corporation
             DNSAPI.dll - C:\WINDOWS\system32\DNSAPI.dll - Microsoft Corporation
             EapolQec.dll - C:\WINDOWS\system32\EapolQec.dll - Microsoft Corporation
             QUtil.dll - C:\WINDOWS\system32\QUtil.dll - Microsoft Corporation
             ESENT.dll - C:\WINDOWS\system32\ESENT.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[jqs.exe]Modules
             jqs.exe - C:\Program Files\Java\jre6\bin\jqs.exe - Sun Microsystems, Inc.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             MSVCR71.dll - C:\Program Files\Java\jre6\bin\MSVCR71.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             psapi.dll - C:\WINDOWS\system32\psapi.dll - Microsoft Corporation
             pdh.dll - C:\WINDOWS\system32\pdh.dll - Microsoft Corporation
             comdlg32.dll - C:\WINDOWS\system32\comdlg32.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             ODBC32.dll - C:\WINDOWS\system32\ODBC32.dll - Microsoft Corporation
             odbcbcp.dll - C:\WINDOWS\system32\odbcbcp.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             odbcint.dll - C:\WINDOWS\system32\odbcint.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation
             netfxperf.dll - C:\WINDOWS\system32\netfxperf.dll - Microsoft Corporation
             mscoree.dll - C:\WINDOWS\system32\mscoree.dll - Microsoft Corporation
             perfcounter.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\perfcounter.dll - Microsoft Corporation
             MSVCR80.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll - Microsoft Corporation
             mscorwks.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - Microsoft Corporation
             CorperfmonExt.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CorperfmonExt.dll - Microsoft Corporation
             aspnet_perf.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll - Microsoft Corporation
             aspnet_isapi.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             query.dll - C:\WINDOWS\System32\query.dll - Microsoft Corporation
             msdtcuiu.DLL - C:\WINDOWS\system32\msdtcuiu.DLL - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             MFC42u.DLL - C:\WINDOWS\system32\MFC42u.DLL - Microsoft Corporation
             MPR.dll - C:\WINDOWS\system32\MPR.dll - Microsoft Corporation
             MSDTCPRX.dll - C:\WINDOWS\system32\MSDTCPRX.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             MTXCLU.DLL - C:\WINDOWS\system32\MTXCLU.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             MFC42LOC.DLL - C:\WINDOWS\system32\MFC42LOC.DLL - Microsoft Corporation
             CLUSAPI.DLL - C:\WINDOWS\system32\CLUSAPI.DLL - Microsoft Corporation
             RESUTILS.DLL - C:\WINDOWS\system32\RESUTILS.DLL - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             perfctrs.dll - C:\WINDOWS\system32\perfctrs.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             perfnw.dll - C:\WINDOWS\system32\perfnw.dll - Microsoft Corporation
             OLMAPI32.DLL - C:\PROGRA~1\MICROS~2\Office12\OLMAPI32.DLL - Microsoft Corporation
             mso.dll - C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll - Microsoft Corporation
             msi.dll - C:\WINDOWS\system32\msi.dll - Microsoft Corporation
             perfdisk.dll - C:\WINDOWS\system32\perfdisk.dll - Microsoft Corporation
             perfnet.dll - C:\WINDOWS\system32\perfnet.dll - Microsoft Corporation
             perfos.dll - C:\WINDOWS\system32\perfos.dll - Microsoft Corporation
             pschdprf.dll - C:\WINDOWS\system32\pschdprf.dll - Microsoft Corporation
             TRAFFIC.dll - C:\WINDOWS\system32\TRAFFIC.dll - Microsoft Corporation
             WMI.dll - C:\WINDOWS\system32\WMI.dll - Microsoft Corporation
             rasman.dll - C:\WINDOWS\system32\rasman.dll - Microsoft Corporation
             rsvpperf.dll - C:\WINDOWS\System32\rsvpperf.dll - Microsoft Corporation
             winspool.drv - C:\WINDOWS\system32\winspool.drv - Microsoft Corporation
             tapiperf.dll - C:\WINDOWS\system32\tapiperf.dll - Microsoft Corporation
             MPRAPI.dll - C:\WINDOWS\system32\MPRAPI.dll - Microsoft Corporation
             ACTIVEDS.dll - C:\WINDOWS\system32\ACTIVEDS.dll - Microsoft Corporation
             adsldpc.dll - C:\WINDOWS\system32\adsldpc.dll - Microsoft Corporation
             rtutils.dll - C:\WINDOWS\system32\rtutils.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             perfts.dll - C:\WINDOWS\system32\perfts.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             UTILDLL.dll - C:\WINDOWS\system32\UTILDLL.dll - Microsoft Corporation
             TAPI32.dll - C:\WINDOWS\system32\TAPI32.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             wmiaprpl.dll - C:\WINDOWS\system32\wbem\wmiaprpl.dll - Microsoft Corporation
             loadperf.dll - C:\WINDOWS\system32\loadperf.dll - Microsoft Corporation
             wbemcomn.dll - C:\WINDOWS\system32\wbem\wbemcomn.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[nvsvc32.exe]Modules
             nvsvc32.exe - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             POWRPROF.dll - C:\WINDOWS\system32\POWRPROF.dll - Microsoft Corporation
             SETUPAPI.dll - C:\WINDOWS\system32\SETUPAPI.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             nvapi.dll - C:\WINDOWS\system32\nvapi.dll - NVIDIA Corporation
             msv1_0.dll - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation
             cryptdll.dll - C:\WINDOWS\system32\cryptdll.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             Apphelp.dll - C:\WINDOWS\system32\Apphelp.dll - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[alg.exe]Modules
             alg.exe - C:\WINDOWS\System32\alg.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\System32\ATL.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             WSOCK32.dll - C:\WINDOWS\System32\WSOCK32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\System32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\System32\WS2HELP.dll - Microsoft Corporation
             MSWSOCK.DLL - C:\WINDOWS\System32\MSWSOCK.DLL - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\System32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\System32\WINMM.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\System32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\System32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\system32\comctl32.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\System32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\System32\COMRes.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\System32\xpsp2res.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[HPZipm12.exe]Modules
             HPZipm12.exe - C:\WINDOWS\system32\HPZipm12.exe - HP
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             WSOCK32.dll - C:\WINDOWS\system32\WSOCK32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             NTMARTA.DLL - C:\WINDOWS\system32\NTMARTA.DLL - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             SAMLIB.dll - C:\WINDOWS\system32\SAMLIB.dll - Microsoft Corporation
             WLDAP32.dll - C:\WINDOWS\system32\WLDAP32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[PSIService.exe]Modules
             PSIService.exe - C:\WINDOWS\system32\PSIService.exe - 
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             PSIKey.dll - C:\WINDOWS\system32\PSIKey.dll - Protexis Inc.
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             imagehlp.dll - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             COMCTL32.dll - C:\WINDOWS\system32\COMCTL32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             OLEACC.dll - C:\WINDOWS\system32\OLEACC.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             comdlg32.dll - C:\WINDOWS\system32\comdlg32.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[chrome.exe]Modules
             chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             snxhk.dll - C:\Program Files\Alwil Software\Avast5\snxhk.dll - AVAST Software
             KERNEL32.dll - C:\WINDOWS\system32\KERNEL32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             USP10.dll - C:\WINDOWS\system32\USP10.dll - Microsoft Corporation
             PSAPI.DLL - C:\WINDOWS\system32\PSAPI.DLL - Microsoft Corporation
             OLEACC.dll - C:\WINDOWS\system32\OLEACC.dll - Microsoft Corporation
             MSVCP60.dll - C:\WINDOWS\system32\MSVCP60.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             aswJsFlt.dll - C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll - AVAST Software
             dbghelp.dll - C:\WINDOWS\system32\dbghelp.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             icudt.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\icudt.dll - The ICU Project
             pdf.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll - 
             ppGoogleNaClPluginChrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll - 
             LPK.DLL - C:\WINDOWS\system32\LPK.DLL - Microsoft Corporation
             ffmpegsumo.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll - 

------------------------------------------------------------------------------------------

      Image File Name[mcrdsvc.exe]Modules
             mcrdsvc.exe - C:\WINDOWS\ehome\mcrdsvc.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ATL.DLL - C:\WINDOWS\system32\ATL.DLL - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             SSDPAPI.dll - C:\WINDOWS\system32\SSDPAPI.dll - Microsoft Corporation
             iphlpapi.dll - C:\WINDOWS\system32\iphlpapi.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             ehTrace.dll - C:\WINDOWS\eHome\ehTrace.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             wshtcpip.dll - C:\WINDOWS\System32\wshtcpip.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[wuauclt.exe]Modules
             wuauclt.exe - C:\WINDOWS\system32\wuauclt.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             OLEAUT32.dll - C:\WINDOWS\system32\OLEAUT32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             ShimEng.dll - C:\WINDOWS\system32\ShimEng.dll - Microsoft Corporation
             AcGenral.DLL - C:\WINDOWS\AppPatch\AcGenral.DLL - Microsoft Corporation
             WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             MSACM32.dll - C:\WINDOWS\system32\MSACM32.dll - Microsoft Corporation
             VERSION.dll - C:\WINDOWS\system32\VERSION.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             UxTheme.dll - C:\WINDOWS\system32\UxTheme.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             wuaueng.dll - C:\WINDOWS\system32\wuaueng.dll - Microsoft Corporation
             WS2_32.dll - C:\WINDOWS\system32\WS2_32.dll - Microsoft Corporation
             WS2HELP.dll - C:\WINDOWS\system32\WS2HELP.dll - Microsoft Corporation
             ESENT.dll - C:\WINDOWS\system32\ESENT.dll - Microsoft Corporation
             WTSAPI32.dll - C:\WINDOWS\system32\WTSAPI32.dll - Microsoft Corporation
             WINSTA.dll - C:\WINDOWS\system32\WINSTA.dll - Microsoft Corporation
             NETAPI32.dll - C:\WINDOWS\system32\NETAPI32.dll - Microsoft Corporation
             WINSPOOL.DRV - C:\WINDOWS\system32\WINSPOOL.DRV - Microsoft Corporation
             IPHLPAPI.DLL - C:\WINDOWS\system32\IPHLPAPI.DLL - Microsoft Corporation
             WINHTTP.dll - C:\WINDOWS\system32\WINHTTP.dll - Microsoft Corporation
             WINTRUST.dll - C:\WINDOWS\system32\WINTRUST.dll - Microsoft Corporation
             CRYPT32.dll - C:\WINDOWS\system32\CRYPT32.dll - Microsoft Corporation
             MSASN1.dll - C:\WINDOWS\system32\MSASN1.dll - Microsoft Corporation
             IMAGEHLP.dll - C:\WINDOWS\system32\IMAGEHLP.dll - Microsoft Corporation
             Cabinet.dll - C:\WINDOWS\system32\Cabinet.dll - Microsoft Corporation
             mspatcha.dll - C:\WINDOWS\system32\mspatcha.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             CLBCATQ.DLL - C:\WINDOWS\system32\CLBCATQ.DLL - Microsoft Corporation
             COMRes.dll - C:\WINDOWS\system32\COMRes.dll - Microsoft Corporation
             wups2.dll - C:\WINDOWS\system32\wups2.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[wscntfy.exe]Modules
             wscntfy.exe - C:\WINDOWS\system32\wscntfy.exe - Microsoft Corporation
             ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             USER32.dll - C:\WINDOWS\system32\USER32.dll - Microsoft Corporation
             GDI32.dll - C:\WINDOWS\system32\GDI32.dll - Microsoft Corporation
             SHELL32.dll - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation
             ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             Secur32.dll - C:\WINDOWS\system32\Secur32.dll - Microsoft Corporation
             SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             IMM32.DLL - C:\WINDOWS\system32\IMM32.DLL - Microsoft Corporation
             comctl32.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Microsoft Corporation
             xpsp2res.dll - C:\WINDOWS\system32\xpsp2res.dll - Microsoft Corporation
             uxtheme.dll - C:\WINDOWS\system32\uxtheme.dll - Microsoft Corporation
             MSCTF.dll - C:\WINDOWS\system32\MSCTF.dll - Microsoft Corporation
             msctfime.ime - C:\WINDOWS\system32\msctfime.ime - Microsoft Corporation
             ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[Idle]Modules

==========================================================================================

Process Threads

      Image File Name[System]Threads
             8 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             12 - Terminate - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             16 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             20 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             24 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             28 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             32 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             36 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             40 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             44 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             48 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             52 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             56 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             60 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             64 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             68 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             72 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             76 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             80 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             84 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             88 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             92 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             96 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             100 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             104 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             108 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             112 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             116 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             120 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             124 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             128 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             132 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             136 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             140 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             144 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             148 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             152 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             156 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             160 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             164 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             168 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             172 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             176 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             180 - Wait - ACPI.sys - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
             184 - Wait - dmio.sys - C:\WINDOWS\system32\drivers\dmio.sys - Microsoft Corp., Veritas Software
             188 - Wait - NDIS.sys - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
             192 - Wait - aswNdis2.sys - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
             208 - Wait - aswKbd.SYS - C:\WINDOWS\System32\Drivers\aswKbd.SYS - AVAST Software
             212 - Wait - redbook.sys - C:\WINDOWS\system32\DRIVERS\redbook.sys - Microsoft Corporation
             216 - Wait - redbook.sys - C:\WINDOWS\system32\DRIVERS\redbook.sys - Microsoft Corporation
             232 - Wait - rdpdr.sys - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
             236 - Wait - rdpdr.sys - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
             240 - Wait - rdpdr.sys - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
             244 - Wait - rdpdr.sys - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
             248 - Wait - arpolicy.sys - C:\WINDOWS\system32\DRIVERS\arpolicy.sys - Microsoft Corporation
             436 - Wait - raspptp.sys - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
             440 - Wait - raspptp.sys - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
             444 - Wait - raspptp.sys - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
             532 - Wait - nv4_mini.sys - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - NVIDIA Corporation
             536 - Wait - nvhda32.sys - C:\WINDOWS\system32\drivers\nvhda32.sys - NVIDIA Corporation
             540 - Wait - nvhda32.sys - C:\WINDOWS\system32\drivers\nvhda32.sys - NVIDIA Corporation
             544 - Wait - nvhda32.sys - C:\WINDOWS\system32\drivers\nvhda32.sys - NVIDIA Corporation
             548 - Wait - nvhda32.sys - C:\WINDOWS\system32\drivers\nvhda32.sys - NVIDIA Corporation
             552 - Wait - USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
             556 - Wait - sthda.sys - C:\WINDOWS\system32\drivers\sthda.sys - IDT, Inc.
             592 - Wait - USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
             708 - Wait - USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
             712 - Wait - USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
             716 - Wait - USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
             720 - Wait - parport.sys - C:\WINDOWS\system32\DRIVERS\parport.sys - Microsoft Corporation
             728 - Wait - rasacd.sys - C:\WINDOWS\system32\DRIVERS\rasacd.sys - Microsoft Corporation
             796 - Wait - nwrdr.sys - C:\WINDOWS\system32\DRIVERS\nwrdr.sys - Microsoft Corporation
             808 - Wait - mrxdav.sys - C:\WINDOWS\system32\DRIVERS\mrxdav.sys - Microsoft Corporation
             812 - Wait - mrxdav.sys - C:\WINDOWS\system32\DRIVERS\mrxdav.sys - Microsoft Corporation
             816 - Wait - mrxdav.sys - C:\WINDOWS\system32\DRIVERS\mrxdav.sys - Microsoft Corporation
             820 - Wait - mrxdav.sys - C:\WINDOWS\system32\DRIVERS\mrxdav.sys - Microsoft Corporation
             860 - Wait - aswTdi.SYS - C:\WINDOWS\System32\Drivers\aswTdi.SYS - AVAST Software
             1036 - Wait - rdbss.sys - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation
             1044 - Wait - rdbss.sys - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation
             1048 - Wait - rdbss.sys - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation
             1060 - Terminate - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             1064 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             1068 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             1072 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             1076 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             1080 - Wait - aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
             1084 - Wait - aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
             1088 - Wait - aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
             1092 - Wait - aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
             1096 - Wait - aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
             1100 - Wait - aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
             1104 - Wait - ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
             1488 - Wait - aswMonFlt.sys - C:\WINDOWS\system32\drivers\aswMonFlt.sys - AVAST Software
             1492 - Terminate - aswMonFlt.sys - C:\WINDOWS\system32\drivers\aswMonFlt.sys - AVAST Software
             1496 - Terminate - aswMonFlt.sys - C:\WINDOWS\system32\drivers\aswMonFlt.sys - AVAST Software
             1968 - Wait - rdbss.sys - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation
             2348 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2352 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2356 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2360 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2364 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2368 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2372 - Wait - HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
             2652 - Wait - srv.sys - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
             2660 - Wait - srv.sys - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
             2672 - Wait - srv.sys - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[explorer.exe]Threads
             196 - Wait - SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             228 - Wait - Explorer.EXE - C:\WINDOWS\Explorer.EXE - Microsoft Corporation
             320 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             448 - Wait - SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             460 - Wait - SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             476 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             484 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1316 - Wait - stobject.dll - C:\WINDOWS\system32\stobject.dll - Microsoft Corporation
             1384 - Wait - SHLWAPI.dll - C:\WINDOWS\system32\SHLWAPI.dll - Microsoft Corporation
             1528 - Wait - wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             1996 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2828 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             4088 - Wait - WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[chrome.exe]Threads
             200 - Wait - chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             452 - Wait - chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             1120 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             1292 - Wait - chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             1536 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1740 - Wait - ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             1976 - Wait - chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             2440 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             2700 - Wait - wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             2972 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             2980 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2984 - Wait - aswJsFlt.dll - C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll - AVAST Software
             2988 - Wait - aswJsFlt.dll - C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll - AVAST Software
             3072 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3076 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3080 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3084 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3096 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3144 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             3152 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3200 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3276 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3388 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3548 - Wait - mswsock.dll - C:\WINDOWS\System32\mswsock.dll - Microsoft Corporation
             3764 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3776 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3792 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3800 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3804 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3808 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3812 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3816 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3824 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3828 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3832 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3840 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3848 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[Skype.exe]Threads
             204 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             520 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             676 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             684 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             724 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             884 - Wait - gdiplus.dll - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Microsoft Corporation
             888 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             912 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             920 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             944 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             956 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             960 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             964 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             984 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             1016 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             1020 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             1056 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             1108 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             1112 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             1144 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             1432 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             1540 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             1544 - Wait - wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             1548 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             1736 - Wait - wininet.dll - C:\WINDOWS\system32\wininet.dll - Microsoft Corporation
             1796 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             2020 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2964 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             3252 - Wait - Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A.
             3280 - Wait - mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             3876 - Wait - ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[dllhost.exe]Threads
             224 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             252 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             260 - Wait - COMSVCS.DLL - C:\WINDOWS\system32\COMSVCS.DLL - Microsoft Corporation
             312 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             328 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             348 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             352 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             936 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1236 - Wait - COMSVCS.DLL - C:\WINDOWS\system32\COMSVCS.DLL - Microsoft Corporation
             1960 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             1972 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             4056 - Wait - dllhost.exe - C:\WINDOWS\system32\dllhost.exe - Microsoft Corporation
             4068 - Wait - ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             4076 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             4084 - Wait - ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[winlogon.exe]Threads
             264 - Wait - wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             276 - Wait - WINMM.dll - C:\WINDOWS\system32\WINMM.dll - Microsoft Corporation
             336 - Wait - cscdll.dll - C:\WINDOWS\system32\cscdll.dll - Microsoft Corporation
             340 - Wait - winlogon.exe - C:\WINDOWS\system32\winlogon.exe - Microsoft Corporation
             380 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1260 - Wait - winlogon.exe - C:\WINDOWS\system32\winlogon.exe - Microsoft Corporation
             1276 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             1280 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1288 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1296 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1308 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1376 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             1448 - Wait - sfc_os.dll - C:\WINDOWS\system32\sfc_os.dll - Microsoft Corporation
             1468 - Wait - sfc_os.dll - C:\WINDOWS\system32\sfc_os.dll - Microsoft Corporation
             1472 - Wait - sfc_os.dll - C:\WINDOWS\system32\sfc_os.dll - Microsoft Corporation
             1584 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1692 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1820 - Terminate - winlogon.exe - C:\WINDOWS\system32\winlogon.exe - Microsoft Corporation
             1844 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1864 - Terminate - WlNotify.dll - C:\WINDOWS\system32\WlNotify.dll - Microsoft Corporation
             1868 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             1932 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             2076 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3204 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             272 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             284 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             308 - Wait - lmhsvc.dll - c:\windows\system32\lmhsvc.dll - Microsoft Corporation
             2876 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[WinRAR.exe]Threads
             280 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             432 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1632 - Wait - ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             1636 - Wait - WinRAR.exe - C:\Program Files\WinRAR\WinRAR.exe - 
             1936 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2820 - Wait - WinRAR.exe - C:\Program Files\WinRAR\WinRAR.exe - 

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             304 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             324 - Wait - EapolQec.dll - c:\windows\system32\EapolQec.dll - Microsoft Corporation
             332 - Wait - QUtil.dll - c:\windows\system32\QUtil.dll - Microsoft Corporation
             356 - Wait - unimdm.tsp - C:\WINDOWS\System32\unimdm.tsp - Microsoft Corporation
             360 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             368 - Wait - wzcsvc.dll - c:\windows\system32\wzcsvc.dll - Microsoft Corporation
             384 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             388 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             516 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             524 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             560 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             588 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             596 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             600 - Wait - ndptsp.tsp - C:\WINDOWS\System32\ndptsp.tsp - Microsoft Corporation
             604 - Wait - schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             608 - Wait - schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             620 - Wait - schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             624 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             660 - Wait - schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             688 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             780 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             800 - Wait - nwwks.dll - c:\windows\system32\nwwks.dll - Microsoft Corporation
             804 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             832 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             896 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             996 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1220 - Wait - kmddsp.tsp - C:\WINDOWS\System32\kmddsp.tsp - Microsoft Corporation
             1232 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1508 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1588 - Wait - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             1640 - Wait - ncprov.dll - C:\WINDOWS\system32\wbem\ncprov.dll - Microsoft Corporation
             1648 - Wait - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             1656 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1700 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1720 - Wait - svchost.exe - C:\WINDOWS\System32\svchost.exe - Microsoft Corporation
             1724 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1728 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1732 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1764 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1792 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1908 - Wait - dhcpcsvc.dll - c:\windows\system32\dhcpcsvc.dll - Microsoft Corporation
             1948 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             2000 - Wait - schedsvc.dll - c:\windows\system32\schedsvc.dll - Microsoft Corporation
             2024 - Wait - uniplat.dll - C:\WINDOWS\System32\uniplat.dll - Microsoft Corporation
             2088 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             2140 - Wait - h323.tsp - C:\WINDOWS\System32\h323.tsp - Microsoft Corporation
             2192 - Wait - SSDPAPI.dll - C:\WINDOWS\system32\SSDPAPI.dll - Microsoft Corporation
             2228 - Wait - hidphone.tsp - C:\WINDOWS\System32\hidphone.tsp - Microsoft Corporation
             2232 - Wait - TAPI32.dll - C:\WINDOWS\System32\TAPI32.dll - Microsoft Corporation
             2252 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             2276 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2288 - Wait - wuaueng.dll - C:\WINDOWS\system32\wuaueng.dll - Microsoft Corporation
             2340 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2396 - Wait - hidserv.dll - c:\windows\system32\hidserv.dll - Microsoft Corporation
             2400 - Wait - hidserv.dll - c:\windows\system32\hidserv.dll - Microsoft Corporation
             2404 - Wait - hidserv.dll - c:\windows\system32\hidserv.dll - Microsoft Corporation
             2484 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2732 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2816 - Wait - ipxwan.dll - C:\WINDOWS\System32\ipxwan.dll - Microsoft Corporation
             2856 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             2860 - Wait - RASQEC.DLL - C:\WINDOWS\System32\RASQEC.DLL - Microsoft Corporation
             2900 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             2928 - Wait - rasppp.dll - C:\WINDOWS\System32\rasppp.dll - Microsoft Corporation
             2952 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3172 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3176 - Wait - ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             3180 - Wait - ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             3188 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3332 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3336 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3344 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3444 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3448 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3452 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             3456 - Wait - w32time.dll - c:\windows\system32\w32time.dll - Microsoft Corporation
             3476 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3572 - Wait - shsvcs.dll - c:\windows\system32\shsvcs.dll - Microsoft Corporation
             3600 - Wait - SSDPAPI.dll - C:\WINDOWS\system32\SSDPAPI.dll - Microsoft Corporation
             3628 - Terminate - SSDPAPI.dll - C:\WINDOWS\system32\SSDPAPI.dll - Microsoft Corporation
             3640 - Terminate - hnetcfg.dll - C:\WINDOWS\System32\hnetcfg.dll - Microsoft Corporation
             3644 - Terminate - es.dll - c:\windows\system32\es.dll - Microsoft Corporation
             3704 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3744 - Wait - AUTHZ.dll - c:\windows\system32\AUTHZ.dll - Microsoft Corporation
             3752 - Terminate - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             3756 - Terminate - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             3784 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3820 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3836 - Wait - wbemcomn.dll - C:\WINDOWS\system32\wbem\wbemcomn.dll - Microsoft Corporation
             3852 - Wait - tapisrv.dll - c:\windows\system32\tapisrv.dll - Microsoft Corporation
             3856 - Wait - tapisrv.dll - c:\windows\system32\tapisrv.dll - Microsoft Corporation
             3860 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3864 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3984 - Wait - wscsvc.dll - c:\windows\system32\wscsvc.dll - Microsoft Corporation
             3988 - Wait - wscsvc.dll - c:\windows\system32\wscsvc.dll - Microsoft Corporation
             4000 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             4004 - Terminate - es.dll - c:\windows\system32\es.dll - Microsoft Corporation
             4028 - Wait - rastapi.dll - C:\WINDOWS\System32\rastapi.dll - Microsoft Corporation
             4032 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             4060 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             4064 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[lsass.exe]Threads
             316 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1336 - Wait - LSASRV.dll - C:\WINDOWS\system32\LSASRV.dll - Microsoft Corporation
             1340 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1344 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1348 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1352 - Wait - LSASRV.dll - C:\WINDOWS\system32\LSASRV.dll - Microsoft Corporation
             1364 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1372 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1392 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1396 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1400 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1404 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1412 - Wait - LSASRV.dll - C:\WINDOWS\system32\LSASRV.dll - Microsoft Corporation
             1416 - Wait - LSASRV.dll - C:\WINDOWS\system32\LSASRV.dll - Microsoft Corporation
             1420 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1440 - Wait - LSASRV.dll - C:\WINDOWS\system32\LSASRV.dll - Microsoft Corporation
             1480 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2520 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             2792 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3148 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             3156 - Terminate - hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             3160 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             3164 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation
             3168 - Wait - msvcrt.dll - C:\WINDOWS\system32\msvcrt.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[AvastSvc.exe]Threads
             364 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             376 - Wait - AvastSvc.exe - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - AVAST Software
             396 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             412 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             416 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             464 - Wait - ashServ.dll - C:\Program Files\Alwil Software\Avast5\ashServ.dll - AVAST Software
             468 - Wait - aswProperty.dll - C:\Program Files\Alwil Software\Avast5\aswProperty.dll - AVAST Software
             488 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             500 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             504 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             628 - Terminate - aswEngin.dll - C:\Program Files\Alwil Software\Avast5\defs\13050500\aswEngin.dll - AVAST Software
             632 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             656 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             692 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             696 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             704 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             736 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             740 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             744 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             748 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             752 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             756 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             760 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             764 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             768 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             772 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             784 - Wait - AhResBhv.dll - C:\Program Files\Alwil Software\Avast5\AhResBhv.dll - AVAST Software
             788 - Wait - AhResBhv.dll - C:\Program Files\Alwil Software\Avast5\AhResBhv.dll - AVAST Software
             792 - Wait - AhResBhv.dll - C:\Program Files\Alwil Software\Avast5\AhResBhv.dll - AVAST Software
             840 - Wait - AhResMai.dll - C:\Program Files\Alwil Software\Avast5\AhResMai.dll - AVAST Software
             844 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             848 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             852 - Wait - AhResSPM.dll - C:\Program Files\Alwil Software\Avast5\AhResSPM.dll - AVAST Software
             856 - Wait - AhResStd.dll - C:\Program Files\Alwil Software\Avast5\AhResStd.dll - AVAST Software
             864 - Wait - AhResWS.dll - C:\Program Files\Alwil Software\Avast5\AhResWS.dll - AVAST Software
             868 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             872 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             876 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             880 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             900 - Wait - wlanapi.dll - C:\WINDOWS\system32\wlanapi.dll - Microsoft Corporation
             904 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             916 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1664 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1680 - Wait - aswLog.dll - C:\Program Files\Alwil Software\Avast5\aswLog.dll - AVAST Software
             1704 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2112 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2184 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             2188 - Terminate - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             2408 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2412 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2420 - Wait - ashServ.dll - C:\Program Files\Alwil Software\Avast5\ashServ.dll - AVAST Software
             2488 - Terminate - ashServ.dll - C:\Program Files\Alwil Software\Avast5\ashServ.dll - AVAST Software
             2556 - Wait - ashServ.dll - C:\Program Files\Alwil Software\Avast5\ashServ.dll - AVAST Software
             2596 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             2600 - Wait - ashServ.dll - C:\Program Files\Alwil Software\Avast5\ashServ.dll - AVAST Software
             2608 - Wait - ashServ.dll - C:\Program Files\Alwil Software\Avast5\ashServ.dll - AVAST Software
             2676 - Terminate - ashServ.dll - C:\Program Files\Alwil Software\Avast5\ashServ.dll - AVAST Software
             2960 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             3036 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3048 - Wait - mswsock.dll - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
             3068 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             3712 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             3796 - Wait - ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[csrss.exe]Threads
             408 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             428 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             1240 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             1244 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             1248 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             1252 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             1264 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             1268 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             1272 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             1320 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation
             1368 - Wait - CSRSRV.dll - C:\WINDOWS\system32\CSRSRV.dll - Microsoft Corporation
             3536 - Wait - winsrv.dll - C:\WINDOWS\system32\winsrv.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[afwServ.exe]Threads
             424 - Wait - afwServ.exe - C:\Program Files\Alwil Software\Avast5\afwServ.exe - AVAST Software
             492 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             496 - Wait - aswProperty.dll - C:\Program Files\Alwil Software\Avast5\aswProperty.dll - AVAST Software
             508 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             512 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             564 - Wait - afwCoreServ.dll - C:\Program Files\Alwil Software\Avast5\afwCoreServ.dll - AVAST Software
             568 - Wait - afwCoreServ.dll - C:\Program Files\Alwil Software\Avast5\afwCoreServ.dll - AVAST Software
             572 - Wait - afwCoreServ.dll - C:\Program Files\Alwil Software\Avast5\afwCoreServ.dll - AVAST Software
             576 - Wait - afwCoreServ.dll - C:\Program Files\Alwil Software\Avast5\afwCoreServ.dll - AVAST Software
             580 - Wait - afwCoreServ.dll - C:\Program Files\Alwil Software\Avast5\afwCoreServ.dll - AVAST Software
             584 - Wait - afwCoreServ.dll - C:\Program Files\Alwil Software\Avast5\afwCoreServ.dll - AVAST Software
             636 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             640 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             644 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             652 - Wait - afwRpc.dll - C:\Program Files\Alwil Software\Avast5\afwRpc.dll - AVAST Software
             1652 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             472 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1168 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1504 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             1560 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1568 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1572 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3440 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3480 - Wait - termsrv.dll - c:\windows\system32\termsrv.dll - Microsoft Corporation
             3488 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3492 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3496 - Wait - termsrv.dll - c:\windows\system32\termsrv.dll - Microsoft Corporation
             3500 - Wait - termsrv.dll - c:\windows\system32\termsrv.dll - Microsoft Corporation
             3504 - Wait - termsrv.dll - c:\windows\system32\termsrv.dll - Microsoft Corporation
             3508 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3512 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3516 - Wait - USERENV.dll - C:\WINDOWS\system32\USERENV.dll - Microsoft Corporation
             3524 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3528 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3532 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3544 - Wait - termsrv.dll - c:\windows\system32\termsrv.dll - Microsoft Corporation
             3576 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3656 - Wait - rdpwsx.dll - C:\WINDOWS\system32\rdpwsx.dll - Microsoft Corporation
             3664 - Wait - rdpwsx.dll - C:\WINDOWS\system32\rdpwsx.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             528 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3008 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             3208 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3220 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3224 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3228 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3292 - Terminate - hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             3308 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3312 - Wait - ssdpsrv.dll - c:\windows\system32\ssdpsrv.dll - Microsoft Corporation
             3432 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3632 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[spoolsv.exe]Threads
             616 - Wait - spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe - Microsoft Corporation
             664 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             668 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             672 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             680 - Wait - spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe - Microsoft Corporation
             1208 - Wait - spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe - Microsoft Corporation
             1216 - Wait - spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe - Microsoft Corporation
             1576 - Wait - usbmon.dll - C:\WINDOWS\system32\usbmon.dll - Microsoft Corporation
             1852 - Wait - localspl.dll - C:\WINDOWS\system32\localspl.dll - Microsoft Corporation
             1856 - Wait - localspl.dll - C:\WINDOWS\system32\localspl.dll - Microsoft Corporation
             1888 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1916 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             2016 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             2060 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[postak.exe]Threads
             732 - Wait - postak.exe - C:\Program Files\Seznam.cz\bin\postak.exe - 
             1148 - Wait - core.4.dll - C:\Program Files\Seznam.cz\bin\core.4.dll - 
             2968 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3120 - Wait - mswsock.dll - C:\WINDOWS\System32\mswsock.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[PCHunter32.exe]Threads
             776 - Wait - WININET.dll - C:\WINDOWS\system32\WININET.dll - Microsoft Corporation
             1436 - Run - PCHunter32.exe - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32.exe - ????(??)????????
             1800 - Wait - mswsock.dll - C:\WINDOWS\System32\mswsock.dll - Microsoft Corporation
             2844 - Wait - PCHunter32.exe - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32.exe - ????(??)????????
             3092 - Terminate - PCHunter32.exe - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32.exe - ????(??)????????
             3780 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3880 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             4020 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             828 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             924 - Wait - rpcss.dll - c:\windows\system32\rpcss.dll - Microsoft Corporation
             1596 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             1600 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1604 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1608 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1612 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1624 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1944 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2064 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2068 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[GrooveMonitor.exe]Threads
             972 - Wait - GrooveMonitor.exe - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[GamerOSD.exe]Threads
             980 - Wait - GamerOSD.exe - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe - ASUSTeK Computer Inc.
             1152 - Wait - wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             1192 - Wait - quartz.dll - C:\WINDOWS\system32\quartz.dll - Microsoft Corporation
             2036 - Wait - GamerOSD.exe - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe - ASUSTeK Computer Inc.
             2040 - Wait - GamerOSD.exe - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe - ASUSTeK Computer Inc.

------------------------------------------------------------------------------------------

      Image File Name[rundll32.exe]Threads
             1004 - Wait - RUNDLL32.EXE - C:\WINDOWS\system32\RUNDLL32.EXE - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[AvastUI.exe]Threads
             1032 - Wait - avastUI.exe - C:\Program Files\Alwil Software\Avast5\avastUI.exe - AVAST Software
             1140 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             1164 - Wait - avastUI.exe - C:\Program Files\Alwil Software\Avast5\avastUI.exe - AVAST Software
             1196 - Wait - avastUI.exe - C:\Program Files\Alwil Software\Avast5\avastUI.exe - AVAST Software
             1200 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             1204 - Wait - avastUI.exe - C:\Program Files\Alwil Software\Avast5\avastUI.exe - AVAST Software
             2096 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2100 - Wait - aswData.dll - C:\Program Files\Alwil Software\Avast5\aswData.dll - AVAST Software
             2104 - Wait - Aavm4h.dll - C:\Program Files\Alwil Software\Avast5\Aavm4h.dll - AVAST Software
             2108 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             2124 - Terminate - avastUI.exe - C:\Program Files\Alwil Software\Avast5\avastUI.exe - AVAST Software
             2164 - Wait - avastUI.exe - C:\Program Files\Alwil Software\Avast5\avastUI.exe - AVAST Software
             2168 - Wait - avastUI.exe - C:\Program Files\Alwil Software\Avast5\avastUI.exe - AVAST Software
             2172 - Wait - avastUI.exe - C:\Program Files\Alwil Software\Avast5\avastUI.exe - AVAST Software
             2176 - Wait - avastUI.exe - C:\Program Files\Alwil Software\Avast5\avastUI.exe - AVAST Software
             2180 - Wait - avastUI.exe - C:\Program Files\Alwil Software\Avast5\avastUI.exe - AVAST Software
             2428 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             2432 - Wait - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             2436 - Terminate - MSVCR90.dll - C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll - Microsoft Corporation
             3304 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[services.exe]Threads
             1040 - Wait - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             1324 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1328 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1332 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1428 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1456 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1460 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             1476 - Wait - AUTHZ.dll - C:\WINDOWS\system32\AUTHZ.dll - Microsoft Corporation
             1484 - Terminate - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             1512 - Wait - services.exe - C:\WINDOWS\system32\services.exe - Microsoft Corporation
             1580 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1644 - Terminate - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             1668 - Wait - NCObjAPI.DLL - C:\WINDOWS\system32\NCObjAPI.DLL - Microsoft Corporation
             1748 - Wait - umpnpmgr.dll - C:\WINDOWS\system32\umpnpmgr.dll - Microsoft Corporation
             1752 - Wait - umpnpmgr.dll - C:\WINDOWS\system32\umpnpmgr.dll - Microsoft Corporation
             1880 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2784 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[ctfmon.exe]Threads
             1124 - Wait - ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[ONENOTEM.EXE]Threads
             1172 - Wait - ONENOTEM.EXE - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[smss.exe]Threads
             1180 - Wait - smss.exe - C:\WINDOWS\System32\smss.exe - Microsoft Corporation
             1184 - Wait - smss.exe - C:\WINDOWS\System32\smss.exe - Microsoft Corporation
             1188 - Wait - smss.exe - C:\WINDOWS\System32\smss.exe - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             1380 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1808 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             2028 - Wait - dnsrslvr.dll - c:\windows\system32\dnsrslvr.dll - Microsoft Corporation
             2032 - Wait - dnsrslvr.dll - c:\windows\system32\dnsrslvr.dll - Microsoft Corporation
             2156 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2160 - Terminate - hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             3244 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             4012 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[chrome.exe]Threads
             1516 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2196 - Wait - pepflashplayer.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll - 
             2304 - Wait - chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             2392 - Wait - chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             2444 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             2448 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             2452 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             2712 - Wait - pepflashplayer.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll - 
             2768 - Wait - chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             3056 - Wait - pepflashplayer.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll - 
             3592 - Wait - pepflashplayer.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll - 
             4008 - Wait - pepflashplayer.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll - 

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             1760 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             1776 - Wait - WUDFPlatform.dll - c:\windows\system32\WUDFPlatform.dll - Microsoft Corporation
             1780 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1784 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             1788 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             1836 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             1952 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3216 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             3316 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3348 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3352 - Wait - ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             3356 - Wait - wiaservc.dll - c:\windows\system32\wiaservc.dll - Microsoft Corporation
             3472 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[arservice.exe]Threads
             2204 - Wait - arservice.exe - C:\WINDOWS\arservice.exe - Microsoft
             2208 - Wait - wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation
             2212 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[ATKKBService.exe]Threads
             2220 - Wait - ATKKBService.exe - C:\WINDOWS\ATKKBService.exe - ASUSTeK COMPUTER INC.
             2224 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2236 - Wait - ATKKBService.exe - C:\WINDOWS\ATKKBService.exe - ASUSTeK COMPUTER INC.
             2240 - Wait - ATKKBService.exe - C:\WINDOWS\ATKKBService.exe - ASUSTeK COMPUTER INC.
             2256 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[ehRecvr.exe]Threads
             2248 - Wait - ehRecvr.exe - C:\WINDOWS\eHome\ehRecvr.exe - Microsoft Corporation
             2260 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2380 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[ehSched.exe]Threads
             2268 - Wait - ehSched.exe - C:\WINDOWS\eHome\ehSched.exe - Microsoft Corporation
             2272 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2292 - Wait - ehSched.exe - C:\WINDOWS\eHome\ehSched.exe - Microsoft Corporation
             2296 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2300 - Wait - ole32.dll - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation
             2548 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2592 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[svchost.exe]Threads
             2328 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2336 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3748 - Wait - svchost.exe - C:\WINDOWS\system32\svchost.exe - Microsoft Corporation
             3888 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3896 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[jqs.exe]Threads
             2388 - Wait - jqs.exe - C:\Program Files\Java\jre6\bin\jqs.exe - Sun Microsystems, Inc.
             2480 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2492 - Wait - MSVCR71.dll - C:\Program Files\Java\jre6\bin\MSVCR71.dll - Microsoft Corporation
             2500 - Wait - MSVCR71.dll - C:\Program Files\Java\jre6\bin\MSVCR71.dll - Microsoft Corporation
             2532 - Terminate - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2656 - Wait - CorperfmonExt.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CorperfmonExt.dll - Microsoft Corporation
             2664 - Wait - aspnet_perf.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll - Microsoft Corporation
             2668 - Wait - aspnet_perf.dll - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll - Microsoft Corporation
             2752 - Wait - aspnet_isapi.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - Microsoft Corporation
             2756 - Wait - aspnet_isapi.dll - C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - Microsoft Corporation
             3648 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3652 - Wait - TRAFFIC.dll - C:\WINDOWS\system32\TRAFFIC.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[nvsvc32.exe]Threads
             2528 - Wait - nvsvc32.exe - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Corporation
             2584 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2588 - Wait - nvsvc32.exe - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Corporation
             3184 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3360 - Wait - nvsvc32.exe - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Corporation

------------------------------------------------------------------------------------------

      Image File Name[alg.exe]Threads
             2620 - Wait - alg.exe - C:\WINDOWS\System32\alg.exe - Microsoft Corporation
             2624 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2628 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2636 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             2640 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             2644 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[HPZipm12.exe]Threads
             2748 - Wait - HPZipm12.exe - C:\WINDOWS\system32\HPZipm12.exe - HP
             2788 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[PSIService.exe]Threads
             2804 - Wait - PSIService.exe - C:\WINDOWS\system32\PSIService.exe - 
             2808 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             2812 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[chrome.exe]Threads
             3328 - Wait - chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             3464 - Wait - chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             3564 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3568 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3660 - Wait - chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - Google Inc.
             3668 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3684 - Wait - chrome.dll - C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll - Google Inc.
             3688 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[mcrdsvc.exe]Threads
             3368 - Wait - mcrdsvc.exe - C:\WINDOWS\ehome\mcrdsvc.exe - Microsoft Corporation
             3396 - Wait - ADVAPI32.dll - C:\WINDOWS\system32\ADVAPI32.dll - Microsoft Corporation
             3404 - Wait - mcrdsvc.exe - C:\WINDOWS\ehome\mcrdsvc.exe - Microsoft Corporation
             3408 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3420 - Wait - RPCRT4.dll - C:\WINDOWS\system32\RPCRT4.dll - Microsoft Corporation
             3424 - Terminate - hnetcfg.dll - C:\WINDOWS\system32\hnetcfg.dll - Microsoft Corporation
             3428 - Wait - ntdll.dll - C:\WINDOWS\system32\ntdll.dll - Microsoft Corporation
             3436 - Wait - SSDPAPI.dll - C:\WINDOWS\system32\SSDPAPI.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[wuauclt.exe]Threads
             3696 - Wait - wuauclt.exe - C:\WINDOWS\system32\wuauclt.exe - Microsoft Corporation
             3720 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation
             3728 - Wait - ESENT.dll - C:\WINDOWS\system32\ESENT.dll - Microsoft Corporation
             3732 - Wait - ESENT.dll - C:\WINDOWS\system32\ESENT.dll - Microsoft Corporation
             3736 - Wait - ESENT.dll - C:\WINDOWS\system32\ESENT.dll - Microsoft Corporation
             3740 - Wait - ESENT.dll - C:\WINDOWS\system32\ESENT.dll - Microsoft Corporation
             3768 - Wait - kernel32.dll - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[wscntfy.exe]Threads
             4048 - Wait - wscntfy.exe - C:\WINDOWS\system32\wscntfy.exe - Microsoft Corporation

------------------------------------------------------------------------------------------

      Image File Name[Idle]Threads

==========================================================================================

Kernel Module

       ntkrnlpa.exe - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       hal.dll - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KDCOM.DLL - C:\WINDOWS\system32\KDCOM.DLL - Microsoft Corporation
       BOOTVID.dll - C:\WINDOWS\system32\BOOTVID.dll - Microsoft Corporation
       ACPI.sys - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       WMILIB.SYS - C:\WINDOWS\system32\DRIVERS\WMILIB.SYS - Microsoft Corporation
       pci.sys - C:\WINDOWS\system32\drivers\pci.sys - Microsoft Corporation
       isapnp.sys - C:\WINDOWS\system32\drivers\isapnp.sys - Microsoft Corporation
       ohci1394.sys - C:\WINDOWS\system32\drivers\ohci1394.sys - Microsoft Corporation
       1394BUS.SYS - C:\WINDOWS\system32\DRIVERS\1394BUS.SYS - Microsoft Corporation
       pciide.sys - C:\WINDOWS\system32\drivers\pciide.sys - Microsoft Corporation
       PCIIDEX.SYS - C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS - Microsoft Corporation
       MountMgr.sys - C:\WINDOWS\system32\drivers\MountMgr.sys - Microsoft Corporation
       ftdisk.sys - C:\WINDOWS\system32\drivers\ftdisk.sys - Microsoft Corporation
       dmload.sys - C:\WINDOWS\system32\drivers\dmload.sys - Microsoft Corp., Veritas Software.
       dmio.sys - C:\WINDOWS\system32\drivers\dmio.sys - Microsoft Corp., Veritas Software
       PartMgr.sys - C:\WINDOWS\system32\drivers\PartMgr.sys - Microsoft Corporation
       VolSnap.sys - C:\WINDOWS\system32\drivers\VolSnap.sys - Microsoft Corporation
       atapi.sys - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       disk.sys - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       CLASSPNP.SYS - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       fltMgr.sys - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       sr.sys - C:\WINDOWS\system32\drivers\sr.sys - Microsoft Corporation
       PxHelp20.sys - C:\WINDOWS\system32\drivers\PxHelp20.sys - Sonic Solutions
       KSecDD.sys - C:\WINDOWS\system32\drivers\KSecDD.sys - Microsoft Corporation
       WudfPf.sys - C:\WINDOWS\system32\drivers\WudfPf.sys - Microsoft Corporation
       Ntfs.sys - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       NDIS.sys - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       aswNdis2.sys - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       aswNdis.sys - C:\WINDOWS\system32\drivers\aswNdis.sys - ALWIL Software
       sfhlp02.sys - C:\WINDOWS\system32\drivers\sfhlp02.sys - Protection Technology (StarForce)
       sfhlp01.sys - C:\WINDOWS\system32\drivers\sfhlp01.sys - Protection Technology
       sfdrv01.sys - C:\WINDOWS\system32\drivers\sfdrv01.sys - Protection Technology (StarForce)
       prohlp02.sys - C:\WINDOWS\system32\drivers\prohlp02.sys - Protection Technology
       Mup.sys - C:\WINDOWS\system32\drivers\Mup.sys - Microsoft Corporation
       aswVmm.sys - C:\WINDOWS\system32\drivers\aswVmm.sys - 
       aswRvrt.sys - C:\WINDOWS\system32\drivers\aswRvrt.sys - 
       intelppm.sys - C:\WINDOWS\system32\DRIVERS\intelppm.sys - Microsoft Corporation
       nv4_mini.sys - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - NVIDIA Corporation
       VIDEOPRT.SYS - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       HDAudBus.sys - C:\WINDOWS\system32\DRIVERS\HDAudBus.sys - Windows (R) Server 2003 DDK provider
       e1e5132.sys - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       usbuhci.sys - C:\WINDOWS\system32\DRIVERS\usbuhci.sys - Microsoft Corporation
       USBPORT.SYS - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
       usbehci.sys - C:\WINDOWS\system32\DRIVERS\usbehci.sys - Microsoft Corporation
       nic1394.sys - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       fdc.sys - C:\WINDOWS\system32\DRIVERS\fdc.sys - Microsoft Corporation
       parport.sys - C:\WINDOWS\system32\DRIVERS\parport.sys - Microsoft Corporation
       i8042prt.sys - C:\WINDOWS\system32\DRIVERS\i8042prt.sys - Microsoft Corporation
       aswKbd.SYS - C:\WINDOWS\System32\Drivers\aswKbd.SYS - AVAST Software
       kbdclass.sys - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       arkbcfltr.sys - C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys - Microsoft Corporation
       serial.sys - C:\WINDOWS\system32\DRIVERS\serial.sys - Microsoft Corporation
       serenum.sys - C:\WINDOWS\system32\DRIVERS\serenum.sys - Microsoft Corporation
       pfc.sys - C:\WINDOWS\system32\drivers\pfc.sys - Padus, Inc.
       cdrom.sys - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       redbook.sys - C:\WINDOWS\system32\DRIVERS\redbook.sys - Microsoft Corporation
       ks.sys - C:\WINDOWS\system32\DRIVERS\ks.sys - Microsoft Corporation
       imapi.sys - C:\WINDOWS\system32\DRIVERS\imapi.sys - Microsoft Corporation
       aracpi.sys - C:\WINDOWS\system32\DRIVERS\aracpi.sys - Microsoft Corporation
       arpolicy.sys - C:\WINDOWS\system32\DRIVERS\arpolicy.sys - Microsoft Corporation
       atkkbnt.sys - C:\WINDOWS\system32\drivers\atkkbnt.sys - ASUSTeK COMPUTER INC.
       Video3D32.sys - C:\WINDOWS\System32\Drivers\Video3D32.sys - ASUSTeK COMPUTER INC.
       asusgsb.sys - C:\WINDOWS\system32\drivers\asusgsb.sys - ASUSTeK Computer Inc.
       audstub.sys - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       rasl2tp.sys - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       ndistapi.sys - C:\WINDOWS\system32\DRIVERS\ndistapi.sys - Microsoft Corporation
       ndiswan.sys - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       raspppoe.sys - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       raspptp.sys - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       TDI.SYS - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       psched.sys - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       msgpc.sys - C:\WINDOWS\system32\DRIVERS\msgpc.sys - Microsoft Corporation
       ptilink.sys - C:\WINDOWS\system32\DRIVERS\ptilink.sys - Parallel Technologies, Inc.
       raspti.sys - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       rdpdr.sys - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
       termdd.sys - C:\WINDOWS\system32\DRIVERS\termdd.sys - Microsoft Corporation
       mouclass.sys - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       seehcri.sys - C:\WINDOWS\system32\DRIVERS\seehcri.sys - Sony Ericsson Mobile Communications
       swenum.sys - C:\WINDOWS\system32\DRIVERS\swenum.sys - Microsoft Corporation
       update.sys - C:\WINDOWS\system32\DRIVERS\update.sys - Microsoft Corporation
       mssmbios.sys - C:\WINDOWS\system32\DRIVERS\mssmbios.sys - Microsoft Corporation
       NDProxy.SYS - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       nvhda32.sys - C:\WINDOWS\system32\drivers\nvhda32.sys - NVIDIA Corporation
       portcls.sys - C:\WINDOWS\system32\drivers\portcls.sys - Microsoft Corporation
       drmk.sys - C:\WINDOWS\system32\drivers\drmk.sys - Microsoft Corporation
       usbhub.sys - C:\WINDOWS\system32\DRIVERS\usbhub.sys - Microsoft Corporation
       USBD.SYS - C:\WINDOWS\system32\DRIVERS\USBD.SYS - Microsoft Corporation
       sthda.sys - C:\WINDOWS\system32\drivers\sthda.sys - IDT, Inc.
       flpydisk.sys - C:\WINDOWS\system32\DRIVERS\flpydisk.sys - Microsoft Corporation
       Fs_Rec.SYS - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Null.SYS - C:\WINDOWS\System32\Drivers\Null.SYS - Microsoft Corporation
       Beep.SYS - C:\WINDOWS\System32\Drivers\Beep.SYS - Microsoft Corporation
       vga.sys - C:\WINDOWS\System32\drivers\vga.sys - Microsoft Corporation
       mnmdd.SYS - C:\WINDOWS\System32\Drivers\mnmdd.SYS - Microsoft Corporation
       RDPCDD.sys - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys - Microsoft Corporation
       Msfs.SYS - C:\WINDOWS\System32\Drivers\Msfs.SYS - Microsoft Corporation
       Npfs.SYS - C:\WINDOWS\System32\Drivers\Npfs.SYS - Microsoft Corporation
       rasacd.sys - C:\WINDOWS\system32\DRIVERS\rasacd.sys - Microsoft Corporation
       ipsec.sys - C:\WINDOWS\system32\DRIVERS\ipsec.sys - Microsoft Corporation
       tcpip.sys - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       aswFW.sys - C:\WINDOWS\system32\drivers\aswFW.sys - AVAST Software
       ipnat.sys - C:\WINDOWS\system32\DRIVERS\ipnat.sys - Microsoft Corporation
       aswTdi.SYS - C:\WINDOWS\System32\Drivers\aswTdi.SYS - AVAST Software
       netbt.sys - C:\WINDOWS\system32\DRIVERS\netbt.sys - Microsoft Corporation
       wanarp.sys - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       aswRdr.SYS - C:\WINDOWS\System32\Drivers\aswRdr.SYS - AVAST Software
       ws2ifsl.sys - C:\WINDOWS\System32\drivers\ws2ifsl.sys - Microsoft Corporation
       arp1394.sys - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       afd.sys - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       netbios.sys - C:\WINDOWS\system32\DRIVERS\netbios.sys - Microsoft Corporation
       rdbss.sys - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation
       prodrv06.sys - C:\WINDOWS\System32\drivers\prodrv06.sys - Protection Technology
       nvport.sys - C:\WINDOWS\system32\Drivers\nvport.sys - NVIDIA Corporation.
       mrxsmb.sys - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - Microsoft Corporation
       Fips.SYS - C:\WINDOWS\System32\Drivers\Fips.SYS - Microsoft Corporation
       hidusb.sys - C:\WINDOWS\system32\DRIVERS\hidusb.sys - Microsoft Corporation
       HIDCLASS.SYS - C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS - Microsoft Corporation
       HIDPARSE.SYS - C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS - Microsoft Corporation
       arhidfltr.sys - C:\WINDOWS\system32\DRIVERS\arhidfltr.sys - Microsoft Corporation
       aswSP.SYS - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       aswSnx.SYS - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       usbccgp.sys - C:\WINDOWS\system32\DRIVERS\usbccgp.sys - Microsoft Corporation
       mouhid.sys - C:\WINDOWS\system32\DRIVERS\mouhid.sys - Microsoft Corporation
       armoucfltr.sys - C:\WINDOWS\system32\DRIVERS\armoucfltr.sys - Microsoft Corporation
       usbaudio.sys - C:\WINDOWS\system32\drivers\usbaudio.sys - Microsoft Corporation
       Cdfs.SYS - C:\WINDOWS\System32\Drivers\Cdfs.SYS - Microsoft Corporation
       dump_atapi.sys - C:\WINDOWS\System32\Drivers\dump_atapi.sys - File not found
       dump_WMILIB.SYS - C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS - File not found
       win32k.sys - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       Dxapi.sys - C:\WINDOWS\System32\drivers\Dxapi.sys - Microsoft Corporation
       watchdog.sys - C:\WINDOWS\System32\watchdog.sys - Microsoft Corporation
       dxg.sys - C:\WINDOWS\System32\drivers\dxg.sys - Microsoft Corporation
       dxgthk.sys - C:\WINDOWS\System32\drivers\dxgthk.sys - Microsoft Corporation
       atkdisp.dll - C:\WINDOWS\System32\atkdisp.dll - ASUSTeK Computer Inc.
       nv4_disp.dll - C:\WINDOWS\System32\nv4_disp.dll - NVIDIA Corporation
       ATMFD.DLL - C:\WINDOWS\System32\ATMFD.DLL - Adobe Systems Incorporated
       aswMonFlt.sys - C:\WINDOWS\system32\drivers\aswMonFlt.sys - AVAST Software
       aswFsBlk.SYS - C:\WINDOWS\System32\Drivers\aswFsBlk.SYS - AVAST Software
       nwlnkipx.sys - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       nwlnknb.sys - C:\WINDOWS\system32\DRIVERS\nwlnknb.sys - Microsoft Corporation
       ndisuio.sys - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       nwrdr.sys - C:\WINDOWS\system32\DRIVERS\nwrdr.sys - Microsoft Corporation
       mrxdav.sys - C:\WINDOWS\system32\DRIVERS\mrxdav.sys - Microsoft Corporation
       nwlnkspx.sys - C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys - Microsoft Corporation
       wdmaud.sys - C:\WINDOWS\system32\drivers\wdmaud.sys - Microsoft Corporation
       sysaudio.sys - C:\WINDOWS\system32\drivers\sysaudio.sys - Microsoft Corporation
       ParVdm.SYS - C:\WINDOWS\System32\Drivers\ParVdm.SYS - Microsoft Corporation
       HTTP.sys - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
       srv.sys - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
       TDTCP.SYS - C:\WINDOWS\System32\Drivers\TDTCP.SYS - Microsoft Corporation
       RDPWD.SYS - C:\WINDOWS\System32\Drivers\RDPWD.SYS - Microsoft Corporation
       PCHunter32aa.sys - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       Suspicious DriverObject - Suspicious DriverObject - 
       Suspicious DriverObject - Suspicious DriverObject - 
      
       [UnloadDriver] catchme.sys - C:\ComboFix\catchme.sys - File not found
       [UnloadDriver] cpuz_x32.sys - C:\DOCUME~1\NoName\LOCALS~1\Temp\cpuz130\cpuz_x32.sys - File not found
       [UnloadDriver] WinRing0.sys - C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys - File not found
       [UnloadDriver] wdf01000.sys - C:\WINDOWS\System32\Drivers\wdf01000.sys - Microsoft Corporation
       [UnloadDriver] dmboot.sys - C:\WINDOWS\System32\drivers\dmboot.sys - Microsoft Corp., Veritas Software
       [UnloadDriver] CCDECODE.sys - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys - Microsoft Corporation
       [UnloadDriver] HPZid412.sys - C:\WINDOWS\system32\DRIVERS\HPZid412.sys - HP
       [UnloadDriver] HPZipr12.sys - C:\WINDOWS\system32\DRIVERS\HPZipr12.sys - HP
       [UnloadDriver] HPZius12.sys - C:\WINDOWS\system32\DRIVERS\HPZius12.sys - HP
       [UnloadDriver] Ip6Fw.sys - C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys - Microsoft Corporation
       [UnloadDriver] NABTSFEC.sys - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys - Microsoft Corporation
       [UnloadDriver] NdisIP.sys - C:\WINDOWS\system32\DRIVERS\NdisIP.sys - Microsoft Corporation
       [UnloadDriver] SLIP.sys - C:\WINDOWS\system32\DRIVERS\SLIP.sys - Microsoft Corporation
       [UnloadDriver] StreamIP.sys - C:\WINDOWS\system32\DRIVERS\StreamIP.sys - Microsoft Corporation
       [UnloadDriver] USBSTOR.SYS - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Microsoft Corporation
       [UnloadDriver] WSTCODEC.SYS - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS - Microsoft Corporation
       [UnloadDriver] asyncmac.sys - C:\WINDOWS\system32\DRIVERS\asyncmac.sys - Microsoft Corporation
       [UnloadDriver] atmarpc.sys - C:\WINDOWS\system32\DRIVERS\atmarpc.sys - Microsoft Corporation
       [UnloadDriver] ggflt.sys - C:\WINDOWS\system32\DRIVERS\ggflt.sys - Sony Ericsson Mobile Communications
       [UnloadDriver] ggsemc.sys - C:\WINDOWS\system32\DRIVERS\ggsemc.sys - Sony Ericsson Mobile Communications
       [UnloadDriver] ipfltdrv.sys - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys - Microsoft Corporation
       [UnloadDriver] ipinip.sys - C:\WINDOWS\system32\DRIVERS\ipinip.sys - Microsoft Corporation
       [UnloadDriver] irenum.sys - C:\WINDOWS\system32\DRIVERS\irenum.sys - Microsoft Corporation
       [UnloadDriver] k750bus.sys - C:\WINDOWS\system32\DRIVERS\k750bus.sys - File not found
       [UnloadDriver] k750mdfl.sys - C:\WINDOWS\system32\DRIVERS\k750mdfl.sys - File not found
       [UnloadDriver] k750mdm.sys - C:\WINDOWS\system32\DRIVERS\k750mdm.sys - File not found
       [UnloadDriver] k750mgmt.sys - C:\WINDOWS\system32\DRIVERS\k750mgmt.sys - File not found
       [UnloadDriver] k750obex.sys - C:\WINDOWS\system32\DRIVERS\k750obex.sys - File not found
       [UnloadDriver] nwlnkflt.sys - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys - Microsoft Corporation
       [UnloadDriver] nwlnkfwd.sys - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys - Microsoft Corporation
       [UnloadDriver] s1018bus.sys - C:\WINDOWS\system32\DRIVERS\s1018bus.sys - MCCI Corporation
       [UnloadDriver] s1018mdfl.sys - C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys - MCCI Corporation
       [UnloadDriver] s1018mdm.sys - C:\WINDOWS\system32\DRIVERS\s1018mdm.sys - MCCI Corporation
       [UnloadDriver] s1018mgmt.sys - C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys - MCCI Corporation
       [UnloadDriver] s1018nd5.sys - C:\WINDOWS\system32\DRIVERS\s1018nd5.sys - MCCI Corporation
       [UnloadDriver] s1018obex.sys - C:\WINDOWS\system32\DRIVERS\s1018obex.sys - MCCI Corporation
       [UnloadDriver] s1018unic.sys - C:\WINDOWS\system32\DRIVERS\s1018unic.sys - MCCI Corporation
       [UnloadDriver] secdrv.sys - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
       [UnloadDriver] usbprint.sys - C:\WINDOWS\system32\DRIVERS\usbprint.sys - Microsoft Corporation
       [UnloadDriver] usbscan.sys - C:\WINDOWS\system32\DRIVERS\usbscan.sys - Microsoft Corporation
       [UnloadDriver] wpdusb.sys - C:\WINDOWS\system32\DRIVERS\wpdusb.sys - Microsoft Corporation
       [UnloadDriver] wudfrd.sys - C:\WINDOWS\system32\DRIVERS\wudfrd.sys - Microsoft Corporation
       [UnloadDriver] 3wfq.sys - C:\WINDOWS\system32\drivers\3wfq.sys - File not found
       [UnloadDriver] DMusic.sys - C:\WINDOWS\system32\drivers\DMusic.sys - Microsoft Corporation
       [UnloadDriver] IOMap.sys - C:\WINDOWS\system32\drivers\IOMap.sys - ASUSTeK Computer Inc.
       [UnloadDriver] MSKSSRV.sys - C:\WINDOWS\system32\drivers\MSKSSRV.sys - Microsoft Corporation
       [UnloadDriver] MSPCLOCK.sys - C:\WINDOWS\system32\drivers\MSPCLOCK.sys - Microsoft Corporation
       [UnloadDriver] MSPQM.sys - C:\WINDOWS\system32\drivers\MSPQM.sys - Microsoft Corporation
       [UnloadDriver] MSTEE.sys - C:\WINDOWS\system32\drivers\MSTEE.sys - Microsoft Corporation
       [UnloadDriver] aec.sys - C:\WINDOWS\system32\drivers\aec.sys - Microsoft Corporation
       [UnloadDriver] drmkaud.sys - C:\WINDOWS\system32\drivers\drmkaud.sys - Microsoft Corporation
       [UnloadDriver] kmixer.sys - C:\WINDOWS\system32\drivers\kmixer.sys - Microsoft Corporation
       [UnloadDriver] splitter.sys - C:\WINDOWS\system32\drivers\splitter.sys - Microsoft Corporation
       [UnloadDriver] swmidi.sys - C:\WINDOWS\system32\drivers\swmidi.sys - Microsoft Corporation

==========================================================================================

Notify Routine

       CreateProcess - 0xB7D7AFCC - C:\WINDOWS\system32\drivers\aswVmm.sys - 
       CreateProcess - 0xB63131E0 - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - NVIDIA Corporation
       CreateProcess - 0xB363097A - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       CreateProcess - 0xB3574CDA - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       CreateThread - 0xB833C232 - C:\WINDOWS\system32\drivers\sfhlp02.sys - Protection Technology (StarForce)
       CreateThread - 0xB85B05C0 - C:\WINDOWS\system32\drivers\sfhlp01.sys - Protection Technology
       CreateThread - 0xB36306D6 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       CreateThread - 0xB356AD18 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       LoadImage - 0xB36305B4 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       LoadImage - 0xB3573148 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       BugCheckCallback - 0xB7DF95EF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       BugCheckCallback - 0xB7DF95EF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       BugCheckCallback - 0xB7DF95EF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       BugCheckCallback - 0xB7DF95EF - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       BugCheckCallback - 0x806ECC14 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       BugCheckReasonCallback - 0xB6CC5AB8 - C:\WINDOWS\system32\DRIVERS\mssmbios.sys - Microsoft Corporation
       BugCheckReasonCallback - 0xB6CC5A70 - C:\WINDOWS\system32\DRIVERS\mssmbios.sys - Microsoft Corporation
       BugCheckReasonCallback - 0xB6CC5A28 - C:\WINDOWS\system32\DRIVERS\mssmbios.sys - Microsoft Corporation
       BugCheckReasonCallback - 0xB5FE21BE - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
       BugCheckReasonCallback - 0xB5FE211E - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
       BugCheckReasonCallback - 0xB605F522 - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       SeFileSystem - 0xB366F2F9 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - Microsoft Corporation
       Shutdown - 0xB816BC74 - C:\WINDOWS\System32\Drivers\Cdfs.SYS - Microsoft Corporation
       Shutdown - 0xB606BC6A - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       Shutdown - 0xB606BC6A - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       Shutdown - 0xB606BC6A - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       Shutdown - 0xB85F05BE - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Shutdown - 0xB85F05BE - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Shutdown - 0xB85F05BE - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Shutdown - 0xB85F05BE - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Shutdown - 0xB85F05BE - C:\WINDOWS\System32\Drivers\Fs_Rec.SYS - Microsoft Corporation
       Shutdown - 0xB606BC6A - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       Shutdown - 0xB813B154 - C:\WINDOWS\system32\drivers\aswRvrt.sys - 
       Shutdown - 0xB7D76770 - C:\WINDOWS\system32\drivers\aswVmm.sys - 
       Shutdown - 0xB7DAA96B - C:\WINDOWS\system32\drivers\Mup.sys - Microsoft Corporation
       Shutdown - 0xB7F4A2BE - C:\WINDOWS\system32\drivers\ftdisk.sys - Microsoft Corporation
       Shutdown - 0xB80D873A - C:\WINDOWS\system32\drivers\MountMgr.sys - Microsoft Corporation
       Shutdown - 0x805D7CF2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Shutdown - 0x806002CA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PlugPlay - 0xB241AFCC - C:\WINDOWS\system32\drivers\sysaudio.sys - Microsoft Corporation
       PlugPlay - 0xB68E4C40 - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - NVIDIA Corporation
       PlugPlay - 0x805C8F42 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PlugPlay - 0x805C8F42 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PlugPlay - 0xBF8A7390 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       PlugPlay - 0xB63DF3E0 - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - NVIDIA Corporation
       PlugPlay - 0x805C8F42 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PlugPlay - 0xB232344E - C:\WINDOWS\system32\drivers\wdmaud.sys - Microsoft Corporation
       PlugPlay - 0xB232344E - C:\WINDOWS\system32\drivers\wdmaud.sys - Microsoft Corporation
       PlugPlay - 0xB232344E - C:\WINDOWS\system32\drivers\wdmaud.sys - Microsoft Corporation
       PlugPlay - 0xB232344E - C:\WINDOWS\system32\drivers\wdmaud.sys - Microsoft Corporation
       PlugPlay - 0xB232344E - C:\WINDOWS\system32\drivers\wdmaud.sys - Microsoft Corporation
       PlugPlay - 0xB232344E - C:\WINDOWS\system32\drivers\wdmaud.sys - Microsoft Corporation
       PlugPlay - 0xB842B898 - C:\WINDOWS\system32\DRIVERS\aracpi.sys - Microsoft Corporation
       PlugPlay - 0xB7CDC66A - C:\WINDOWS\system32\DRIVERS\arpolicy.sys - Microsoft Corporation
       PlugPlay - 0xBF8A7390 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       PlugPlay - 0xB7CDC452 - C:\WINDOWS\system32\DRIVERS\arpolicy.sys - Microsoft Corporation
       PlugPlay - 0xBF8A7FAF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       PlugPlay - 0xB64E08C0 - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - NVIDIA Corporation
       PlugPlay - 0xB7CD865C - C:\WINDOWS\system32\drivers\atkkbnt.sys - ASUSTeK COMPUTER INC.
       PlugPlay - 0xB7CDB452 - C:\WINDOWS\system32\DRIVERS\arpolicy.sys - Microsoft Corporation
       PlugPlay - 0xB81BBAC0 - C:\WINDOWS\system32\DRIVERS\redbook.sys - Microsoft Corporation
       PlugPlay - 0xB81BBAC0 - C:\WINDOWS\system32\DRIVERS\redbook.sys - Microsoft Corporation
       PlugPlay - 0xB80E0C26 - C:\WINDOWS\system32\drivers\MountMgr.sys - Microsoft Corporation
       PlugPlay - 0xB80F0544 - C:\WINDOWS\system32\drivers\VolSnap.sys - Microsoft Corporation
       PlugPlay - 0xBF8A7390 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       PlugPlay - 0x805C8F42 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PlugPlay - 0xB833185E - C:\WINDOWS\system32\drivers\PartMgr.sys - Microsoft Corporation
       PlugPlay - 0xB241AFCC - C:\WINDOWS\system32\drivers\sysaudio.sys - Microsoft Corporation
       FsNotifyChange - 0xB7EE4876 - C:\WINDOWS\system32\drivers\sr.sys - Microsoft Corporation
       FsNotifyChange - 0xB7EFB4B8 - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       ShutdownWorkItem - 0xB7EA56A0 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IopTimer - 0xB7F11D6A - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IopTimer - 0xB811859C - C:\WINDOWS\system32\drivers\PxHelp20.sys - Sonic Solutions
       IopTimer - 0xB7F11D6A - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IopTimer - 0xB7F11D6A - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IopTimer - 0xB8108406 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IopTimer - 0xB8108406 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IopTimer - 0xB80EDDE0 - C:\WINDOWS\system32\drivers\VolSnap.sys - Microsoft Corporation
       IopTimer - 0xB80EDDE0 - C:\WINDOWS\system32\drivers\VolSnap.sys - Microsoft Corporation
       IopTimer - 0xB7D99305 - C:\WINDOWS\system32\drivers\Mup.sys - Microsoft Corporation
       IopTimer - 0xB8108406 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IopTimer - 0xB8108406 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IopTimer - 0xB606005C - C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS - Microsoft Corporation
       IopTimer - 0xB3C78385 - C:\WINDOWS\system32\drivers\portcls.sys - Microsoft Corporation
       IopTimer - 0xB3C78385 - C:\WINDOWS\system32\drivers\portcls.sys - Microsoft Corporation
       IopTimer - 0xB3C78385 - C:\WINDOWS\system32\drivers\portcls.sys - Microsoft Corporation
       IopTimer - 0xB3C78385 - C:\WINDOWS\system32\drivers\portcls.sys - Microsoft Corporation
       IopTimer - 0xB3C78385 - C:\WINDOWS\system32\drivers\portcls.sys - Microsoft Corporation
       IopTimer - 0xB84124D6 - C:\WINDOWS\system32\DRIVERS\fdc.sys - Microsoft Corporation
       IopTimer - 0xB7D1D130 - C:\WINDOWS\system32\DRIVERS\rasacd.sys - Microsoft Corporation
       IopTimer - 0xB365A405 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - Microsoft Corporation

==========================================================================================

Filter

       File - \FileSystem\sr->\FileSystem\Ntfs - 0x8A367C10[] - C:\WINDOWS\system32\drivers\sr.sys - Microsoft Corporation
       File - \FileSystem\FltMgr->\FileSystem\sr - 0x89D544A8[] - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       Disk - \Driver\PartMgr->\Driver\Disk - 0x8A38B580[] - C:\WINDOWS\system32\drivers\PartMgr.sys - Microsoft Corporation
       Raw - \FileSystem\FltMgr->\FileSystem\RAW - 0x89D01020[] - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       Raw - \FileSystem\FltMgr->\FileSystem\RAW - 0x89D54700[] - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       Volume - \Driver\VolSnap->\Driver\Ftdisk - 0x8A362D80[] - C:\WINDOWS\system32\drivers\VolSnap.sys - Microsoft Corporation
       Keyboard - \Driver\arkbcfltr->\Driver\Kbdclass - 0x8A1EC808[] - C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys - Microsoft Corporation
       I8042prt - \Driver\aswKbd->\Driver\i8042prt - 0x8A22F750[] - C:\WINDOWS\System32\Drivers\aswKbd.SYS - AVAST Software
       I8042prt - \Driver\Kbdclass->\Driver\aswKbd - 0x8A22F568[KeyboardClass0] - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       I8042prt - \Driver\arkbcfltr->\Driver\Kbdclass - 0x8A1EC808[] - C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys - Microsoft Corporation
       Tcpip - \Driver\aswFW->\Driver\Tcpip - 0x8985C6B8[AswFwUdp] - C:\WINDOWS\system32\drivers\aswFW.sys - AVAST Software
       Tcpip - \Driver\aswTdi->\Driver\aswFW - 0x898295E0[AswUdpFilter] - C:\WINDOWS\System32\Drivers\aswTdi.SYS - AVAST Software
       Tcpip - \Driver\aswFW->\Driver\Tcpip - 0x8985D6B8[AswFwTcp] - C:\WINDOWS\system32\drivers\aswFW.sys - AVAST Software
       Tcpip - \Driver\aswTdi->\Driver\aswFW - 0x898299C8[AswTcpTdi4Filter] - C:\WINDOWS\System32\Drivers\aswTdi.SYS - AVAST Software
       Tcpip - \Driver\aswRdr->\Driver\aswTdi - 0x89820490[AswRdrTcp4Filter] - C:\WINDOWS\System32\Drivers\aswRdr.SYS - AVAST Software
       Mouse - \Driver\armoucfltr->\Driver\Mouclass - 0x8A193740[] - C:\WINDOWS\system32\DRIVERS\armoucfltr.sys - Microsoft Corporation
       PnpManager - \Driver\mssmbios->\Driver\PnpManager - 0x8A174750[] - C:\WINDOWS\system32\DRIVERS\mssmbios.sys - Microsoft Corporation
       PnpManager - \Driver\Update->\Driver\PnpManager - 0x8A175808[Processor] - C:\WINDOWS\system32\DRIVERS\update.sys - Microsoft Corporation
       PnpManager - \Driver\swenum->\Driver\PnpManager - 0x8A176478[] - C:\WINDOWS\system32\DRIVERS\swenum.sys - Microsoft Corporation
       PnpManager - \Driver\aswNdis->\Driver\PnpManager - 0x8A37D030[{C5A0F183-FD29-4C70-BCA8-99B919D97D33}] - C:\WINDOWS\system32\drivers\aswNdis.sys - ALWIL Software
       PnpManager - \Driver\aswNdis->\Driver\PnpManager - 0x8A362030[{3013C5B2-5CED-4385-B928-9BCAE81706BD}] - C:\WINDOWS\system32\drivers\aswNdis.sys - ALWIL Software
       PnpManager - \Driver\aswNdis->\Driver\PnpManager - 0x8A369030[{1A8D37AE-0494-4A5A-9002-ABCC182BC48A}] - C:\WINDOWS\system32\drivers\aswNdis.sys - ALWIL Software
       PnpManager - \Driver\aswNdis->\Driver\PnpManager - 0x8A373030[{DF1AE659-8B79-4EF2-8624-12FF3F8E3EAC}] - C:\WINDOWS\system32\drivers\aswNdis.sys - ALWIL Software
       PnpManager - \Driver\aswNdis->\Driver\PnpManager - 0x8A37F030[{DF2A42E4-6A78-495C-B406-EB02663CCB7B}] - C:\WINDOWS\system32\drivers\aswNdis.sys - ALWIL Software
       PnpManager - \Driver\seehcri->\Driver\PnpManager - 0x8A176E88[] - C:\WINDOWS\system32\DRIVERS\seehcri.sys - Sony Ericsson Mobile Communications
       PnpManager - \Driver\TermDD->\Driver\PnpManager - 0x8A177848[RDP_CONSOLE1] - C:\WINDOWS\system32\DRIVERS\termdd.sys - Microsoft Corporation
       PnpManager - \Driver\Mouclass->\Driver\TermDD - 0x8A177660[PointerClass0] - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       PnpManager - \Driver\TermDD->\Driver\PnpManager - 0x8A186030[RDP_CONSOLE0] - C:\WINDOWS\system32\DRIVERS\termdd.sys - Microsoft Corporation
       PnpManager - \Driver\Kbdclass->\Driver\TermDD - 0x8A17A030[KeyboardClass1] - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       PnpManager - \Driver\rdpdr->\Driver\PnpManager - 0x8A189B00[RdpDrDvMgr] - C:\WINDOWS\system32\DRIVERS\rdpdr.sys - Microsoft Corporation
       PnpManager - \Driver\Raspti->\Driver\PnpManager - 0x8A1829D0[{7963DCC8-B7FA-416F-A38D-B4C91C4B7CB2}] - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       PnpManager - \Driver\PSched->\Driver\PnpManager - 0x8A1839D0[{FC995D5E-2405-475E-9EF4-1452FB10536A}] - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       PnpManager - \Driver\PSched->\Driver\PnpManager - 0x8A1809D0[{151AB962-9D4A-444D-A5AE-8A19EAAE9FE0}] - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       PnpManager - \Driver\PSched->\Driver\PnpManager - 0x8A17C9D0[{F2AD70B3-BEA4-4D0D-9424-46A3D2FA7CF2}] - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       PnpManager - \Driver\PptpMiniport->\Driver\PnpManager - 0x8A181310[{D4A93FCF-5604-4F5C-A710-DC2E5038BD8B}] - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       PnpManager - \Driver\RasPppoe->\Driver\PnpManager - 0x8A182030[{93993CC7-ACE5-4FC9-AFDF-27F353793738}] - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       PnpManager - \Driver\NdisWan->\Driver\PnpManager - 0x8A185158[NdisWanIpx] - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       PnpManager - \Driver\NdisWan->\Driver\PnpManager - 0x8A185950[NdisWanIp] - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       PnpManager - \Driver\Rasl2tp->\Driver\PnpManager - 0x8A187810[{943EA335-68BD-4FDD-AB10-9AF7BAD65A42}] - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       PnpManager - \Driver\audstub->\Driver\PnpManager - 0x8A1915F0[] - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       PnpManager - \Driver\audstub->\Driver\PnpManager - 0x8A1922E0[] - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       PnpManager - \Driver\audstub->\Driver\PnpManager - 0x8A193A78[] - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       PnpManager - \Driver\audstub->\Driver\PnpManager - 0x8A195910[] - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       PnpManager - \Driver\audstub->\Driver\PnpManager - 0x8A197120[] - C:\WINDOWS\system32\DRIVERS\audstub.sys - Microsoft Corporation
       PnpManager - \Driver\asusgsb->\Driver\PnpManager - 0x8A194E00[] - C:\WINDOWS\system32\drivers\asusgsb.sys - ASUSTeK Computer Inc.
       PnpManager - \Driver\asusgsb->\Driver\PnpManager - 0x8A196EA8[] - C:\WINDOWS\system32\drivers\asusgsb.sys - ASUSTeK Computer Inc.
       PnpManager - \Driver\Ftdisk->\Driver\PnpManager - 0x8A3AC030[FtControl] - C:\WINDOWS\system32\drivers\ftdisk.sys - Microsoft Corporation
       PnpManager - \Driver\dmio->\Driver\PnpManager - 0x8A38ADA8[DmPnP] - C:\WINDOWS\system32\drivers\dmio.sys - Microsoft Corp., Veritas Software
       PnpManager - \Driver\Video3D->\Driver\PnpManager - 0x8A202828[Video3DDevice] - C:\WINDOWS\System32\Drivers\Video3D32.sys - ASUSTeK COMPUTER INC.
       PnpManager - \Driver\asuskbnt->\Driver\PnpManager - 0x8A1B1030[ATK_KBFilter] - C:\WINDOWS\system32\drivers\atkkbnt.sys - ASUSTeK COMPUTER INC.
       PnpManager - \Driver\ARPolicy->\Driver\PnpManager - 0x8A1EC5B0[ARPolicy] - C:\WINDOWS\system32\DRIVERS\arpolicy.sys - Microsoft Corporation
       PnpManager - \Driver\aracpi->\Driver\PnpManager - 0x8A29C568[] - C:\WINDOWS\system32\DRIVERS\aracpi.sys - Microsoft Corporation
       PnpManager - \Driver\ACPI_HAL->\Driver\PnpManager - 0x8A3E8F00[] -  - 

==========================================================================================

DPC Timer

       0x8A074950 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8A1775D8 - 0xB7E0E6BC - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x805637C0 - 0x8052B46E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x896CF858 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8A29A940 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x80564960 - 0x805385B4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8055AC50 - 0x804F4F6E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89D013D8 - 0xB83806C4 - C:\WINDOWS\System32\watchdog.sys - Microsoft Corporation
       0x89DA7918 - 0xB83806C4 - C:\WINDOWS\System32\watchdog.sys - Microsoft Corporation
       0x89D8AA00 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x894ACAB0 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8A17F8D0 - 0xB84303F0 - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       0x89825CD0 - 0xB82BAD8E - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x8A1FF020 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0xB38ADD70 - 0xB389E3E7 - C:\WINDOWS\system32\DRIVERS\ipsec.sys - Microsoft Corporation
       0xB38ADD08 - 0xB389E3E7 - C:\WINDOWS\system32\DRIVERS\ipsec.sys - Microsoft Corporation
       0xB38AE1C0 - 0xB389E471 - C:\WINDOWS\system32\DRIVERS\ipsec.sys - Microsoft Corporation
       0x89D92940 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89E55570 - 0xB37DF48A - C:\WINDOWS\system32\DRIVERS\netbt.sys - Microsoft Corporation
       0xB381ED60 - 0xB3816266 - C:\WINDOWS\system32\DRIVERS\ipnat.sys - Microsoft Corporation
       0x8A253BB0 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0xB7E422D0 - 0xB7E243D8 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       0x89484B70 - 0xB372D85A - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       0x8A24E9C8 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8A292E20 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0xB1C9B4E0 - 0xB1C8CAB2 - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
       0xB1C98C10 - 0xB1C811D0 - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
       0x89639D78 - 0xB1B0D464 - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
       0x89639B38 - 0xB1B0D464 - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
       0xB247CB00 - 0xB24796DE - C:\WINDOWS\system32\DRIVERS\nwrdr.sys - Microsoft Corporation
       0x89CC4F90 - 0xB3B33156 - C:\WINDOWS\system32\drivers\sthda.sys - IDT, Inc.
       0x89D3D0D0 - 0xB3B33156 - C:\WINDOWS\system32\drivers\sthda.sys - IDT, Inc.
       0x89CC53D0 - 0xB3B33156 - C:\WINDOWS\system32\drivers\sthda.sys - IDT, Inc.
       0xB36FC2A0 - 0xB36F2385 - C:\WINDOWS\system32\DRIVERS\rdbss.sys - Microsoft Corporation
       0x8A1852C8 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185AC0 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187980 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0xB25F9790 - 0xB25F8E90 - C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys - Microsoft Corporation
       0xB388E068 - 0xB38453DD - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0xB388E010 - 0xB38453DD - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x8A3621A0 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A3731A0 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A1821A0 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182B40 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180B40 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A1D3730 - 0xB5FD96DC - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
       0x8A181480 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A405D90 - 0xB7ED992E - C:\WINDOWS\system32\drivers\sr.sys - Microsoft Corporation
       0x80563040 - 0x8052797C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8A1C8730 - 0xB5FD96DC - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
       0x89615020 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89494D48 - 0xB372D85A - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       0x8A383928 - 0xB7DCAE20 - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x896576B0 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8055AD80 - 0x804F479C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8A1E9730 - 0xB5FD96DC - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
       0x8A1BD730 - 0xB5FD96DC - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
       0x89859890 - 0xB84303F0 - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       0x8A0A6880 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89D394F8 - 0xB84303F0 - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       0x89E3F4E8 - 0xB84303F0 - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       0x8A1DE730 - 0xB5FD96DC - C:\WINDOWS\system32\DRIVERS\USBPORT.SYS - Microsoft Corporation
       0x80559608 - 0x804E6A76 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0xB7E42270 - 0xB7E241B4 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       0x8A0AA980 - 0xB372D85A - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       0x805649E0 - 0x80538600 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x80564A60 - 0x805385DA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0xB7EF5A68 - 0xB7EEF226 - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       0x89DAC020 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8989B700 - 0xB7E0DF1A - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C7C0 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CB40 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D1A0 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8956B970 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8055D620 - 0x8050D5BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x8948C3B0 - 0xB372D85A - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       0xB1B20B58 - 0xB1B0D385 - C:\WINDOWS\system32\DRIVERS\srv.sys - Microsoft Corporation
       0x89473B20 - 0xB372D85A - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       0x8981F228 - 0xB371D385 - C:\WINDOWS\System32\drivers\afd.sys - Microsoft Corporation
       0x896E3AC0 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89835838 - 0xB84303F0 - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       0xB38892D0 - 0xB84303F0 - C:\WINDOWS\system32\DRIVERS\TDI.SYS - Microsoft Corporation
       0x89835578 - 0xB37DF48A - C:\WINDOWS\system32\DRIVERS\netbt.sys - Microsoft Corporation
       0x8A246B40 - 0xB7E0DF6F - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x897D6020 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89E0B960 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x89D05370 - 0xB3623F20 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       0x89E4D1A0 - 0xB7EEF23C - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       0xB1C9B440 - 0xB1C8EC66 - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
       0xB1C98E60 - 0xB1C886BC - C:\WINDOWS\System32\Drivers\HTTP.sys - Microsoft Corporation
       0x89DF1020 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       0x895D1108 - 0x80538A40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation

==========================================================================================

Worker Thread

       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CriticalWorkQueue - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       DelayedWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DelayedWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DelayedWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DelayedWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       HyperCriticalWorkQueue - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DelayedWorkQueue - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation

==========================================================================================

HalDispatchTable

       0 - 0x806FBFBA - HaliQuerySystemInformation - C:\WINDOWS\system32\hal.dll
       1 - 0x806FE9C6 - HalpSetSystemInformation - C:\WINDOWS\system32\hal.dll
       2 - 0x80571E7E - xHalQueryBusSlots - C:\WINDOWS\system32\ntkrnlpa.exe
       3 - 0x00000000 - - - 
       4 - 0x804EDF8C - HalExamineMBR - C:\WINDOWS\system32\ntkrnlpa.exe
       5 - 0x80571596 - IoAssignDriveLetters - C:\WINDOWS\system32\ntkrnlpa.exe
       6 - 0x80570C58 - IoReadPartitionTable - C:\WINDOWS\system32\ntkrnlpa.exe
       7 - 0x805702D6 - IoSetPartitionInformation - C:\WINDOWS\system32\ntkrnlpa.exe
       8 - 0x8057053E - IoWritePartitionTable - C:\WINDOWS\system32\ntkrnlpa.exe
       9 - 0x804EE186 - xHalHandlerForBus - C:\WINDOWS\system32\ntkrnlpa.exe
       10 - 0x804EE876 - xHalReferenceHandler - C:\WINDOWS\system32\ntkrnlpa.exe
       11 - 0x804EE876 - xHalReferenceHandler - C:\WINDOWS\system32\ntkrnlpa.exe
       12 - 0x806FDDE6 - HaliInitPnpDriver - C:\WINDOWS\system32\hal.dll
       13 - 0x806FE834 - HaliInitPowerManagement - C:\WINDOWS\system32\hal.dll
       14 - 0x806E9940 - HaliGetDmaAdapter - C:\WINDOWS\system32\hal.dll
       15 - 0x806FE2B8 - HalacpiGetInterruptTranslator - C:\WINDOWS\system32\hal.dll
       16 - 0x80571E9A - xHalStartMirroring - C:\WINDOWS\system32\ntkrnlpa.exe
       17 - 0x804EE1A8 - xHalEndMirroring - C:\WINDOWS\system32\ntkrnlpa.exe
       18 - 0x804EE1B6 - xHalMirrorPhysicalMemory - C:\WINDOWS\system32\ntkrnlpa.exe
       19 - 0x806FE9B4 - HalpEndOfBoot - C:\WINDOWS\system32\hal.dll
       20 - 0x804EE1B6 - xHalMirrorPhysicalMemory - C:\WINDOWS\system32\ntkrnlpa.exe

==========================================================================================

HalPrivateDispatchTable

       0 - 0x804EE186 - xHalHandlerForBus - C:\WINDOWS\system32\ntkrnlpa.exe
       1 - 0x804EE186 - xHalHandlerForBus - C:\WINDOWS\system32\ntkrnlpa.exe
       2 - 0x806FDE1E - HaliLocateHiberRanges - C:\WINDOWS\system32\hal.dll
       3 - 0x80571E8C - xHalRegisterBusHandler - C:\WINDOWS\system32\ntkrnlpa.exe
       4 - 0x806FA3F2 - xHalSetWakeEnable - C:\WINDOWS\system32\hal.dll
       5 - 0x806FA3AC - xHalSetWakeAlarm - C:\WINDOWS\system32\hal.dll
       6 - 0xB7F6A12E - xHalTranslateBusAddress - C:\WINDOWS\system32\drivers\pci.sys
       7 - 0xB7F69F82 - xHalTranslateBusAddress - C:\WINDOWS\system32\drivers\pci.sys
       8 - 0x806E9108 - HaliHaltSystem - C:\WINDOWS\system32\hal.dll
       9 - 0x806ED5BE - HalpBiosDisplayReset - C:\WINDOWS\system32\hal.dll
       10 - 0x806EC54C - HalpAllocateMapRegisters - C:\WINDOWS\system32\hal.dll
       11 - 0x806FFDDE - xKdSetupPciDeviceForDebugging - C:\WINDOWS\system32\hal.dll
       12 - 0x806FF2A6 - xKdReleasePciDeviceForDebugging - C:\WINDOWS\system32\hal.dll
       13 - 0x807022BE - xKdGetAcpiTablePhase0 - C:\WINDOWS\system32\hal.dll
       14 - 0x806E9026 - xHalReferenceHandler - C:\WINDOWS\system32\hal.dll
       15 - 0x804EE208 - xHalVectorToIDTEntry - C:\WINDOWS\system32\ntkrnlpa.exe
       16 - 0x806EC958 - MatchAll - C:\WINDOWS\system32\hal.dll
       17 - 0x806ECAB0 - xKdUnmapVirtualAddress - C:\WINDOWS\system32\hal.dll

==========================================================================================

HalAcpiDispatchTable

       HaliAcpiTimerInit - 0x806FE312 - - - 0x806FE312 - C:\WINDOWS\system32\hal.dll
       HalAcpiTimerCarry/HalAcpiBrokenPiix4TimerCarry - 0x806EDFD0 - - - - - C:\WINDOWS\system32\hal.dll
       HaliAcpiMachineStateInit - 0x806FE35E - - - 0x806FE35E - C:\WINDOWS\system32\hal.dll
       HaliAcpiQueryFlags - 0x806FE50C - - - 0x806FE50C - C:\WINDOWS\system32\hal.dll
       HalpAcpiPicStateIntact - 0x806FBACE - - - 0x806FBACE - C:\WINDOWS\system32\hal.dll
       HalpRestoreInterruptControllerState - 0x806FB8D0 - - - 0x806FB8D0 - C:\WINDOWS\system32\hal.dll
       HaliPciInterfaceReadConfig - 0x806EC0BA - - - 0x806EC0BA - C:\WINDOWS\system32\hal.dll
       HaliPciInterfaceWriteConfig - 0x806EC11A - - - 0x806EC11A - C:\WINDOWS\system32\hal.dll
       HaliSetVectorState - 0x806FEB06 - - - 0x806FEB06 - C:\WINDOWS\system32\hal.dll
       HalpGetApicVersion - 0x806FBADA - - - 0x806FBADA - C:\WINDOWS\system32\hal.dll
       HaliSetMaxLegacyPciBusNumber - 0x806EC15C - - - 0x806EC15C - C:\WINDOWS\system32\hal.dll
       HaliIsVectorValid - 0x806FEBCE - - - 0x806FEBCE - C:\WINDOWS\system32\hal.dll

==========================================================================================

Filter

       [0x897923D0]InstanceSetup - 0xB83A2F86 - C:\WINDOWS\System32\Drivers\aswFsBlk.SYS
       [0x897923D0]IRP_MJ_CREATE PreFun - 0xB83A316C - C:\WINDOWS\System32\Drivers\aswFsBlk.SYS
       [0x897923D0]IRP_MJ_CREATE PostFun - 0xB83A332A - C:\WINDOWS\System32\Drivers\aswFsBlk.SYS
       [0x897923D0]IRP_MJ_SET_INFORMATION PreFun - 0xB83A3404 - C:\WINDOWS\System32\Drivers\aswFsBlk.SYS
       [0x8A22E008]InstanceSetup - 0xB277804C - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]InstanceQueryTeardown - 0xB275D108 - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]InstanceTeardownStart - 0xB275D116 - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]IRP_MJ_CREATE PreFun - 0xB2778BEC - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]IRP_MJ_CREATE PostFun - 0xB2778D02 - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]IRP_MJ_WRITE PostFun - 0xB275D74A - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]IRP_MJ_CLEANUP PreFun - 0xB27795E2 - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]IRP_MJ_CLEANUP PostFun - 0xB275D7E2 - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]IRP_MJ_CLOSE PostFun - 0xB275D7E2 - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]IRP_MJ_SET_INFORMATION PreFun - 0xB27797F2 - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]IRP_MJ_SET_INFORMATION PostFun - 0xB277990C - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]IRP_MJ_ACQUIRE_FOR_SECTION_SYNCHRONIZATION PostFun - 0xB275D78C - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x8A22E008]IRP_MJ_FILE_SYSTEM_CONTROL PreFun - 0xB275D136 - C:\WINDOWS\system32\drivers\aswMonFlt.sys
       [0x89D58190]InstanceSetup - 0xB3544B3A - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]InstanceQueryTeardown - 0xB3544606 - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]InstanceTeardownStart - 0xB3544614 - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]InstanceTeardownComplete - 0xB354461C - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]GenerateFileName - 0xB3544638 - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]NormalizeNameComponent - 0xB3544706 - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_CREATE PreFun - 0xB35462D8 - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_CREATE PostFun - 0xB3547122 - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_NETWORK_QUERY_OPEN PreFun - 0xB35474EC - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_DIRECTORY_CONTROL PreFun - 0xB3549A2A - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_CLEANUP PreFun - 0xB3547600 - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_CLEANUP PostFun - 0xB3547944 - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_QUERY_INFORMATION PostFun - 0xB354838C - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_SET_INFORMATION PreFun - 0xB3547992 - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_SET_INFORMATION PostFun - 0xB3548E3C - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_FILE_SYSTEM_CONTROL PreFun - 0xB35484D2 - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_FILE_SYSTEM_CONTROL PostFun - 0xB354A31E - C:\WINDOWS\System32\Drivers\aswSnx.SYS
       [0x89D58190]IRP_MJ_QUERY_VOLUME_INFORMATION PreFun - 0xB35488C8 - C:\WINDOWS\System32\Drivers\aswSnx.SYS

==========================================================================================

File System

       Disk - 0x89E0C4A8 - FatDiskRecognizer - 0x898765D8 - \FileSystem\Fs_Rec
       Disk - 0x89E0D3D8 - UdfsDiskRecognizer - 0x898765D8 - \FileSystem\Fs_Rec
       Disk - 0x8A380BD0 - Ntfs - 0x8A380CE8 - \FileSystem\Ntfs
       Disk - 0x8A3E7250 - RawDisk - 0x8A3E8170 - \FileSystem\RAW
       Network - 0x8A177030 - RdpDr - 0x8A187338 - \Driver\rdpdr
       Network - 0x89E0A360 - LanmanRedirector - 0x89E3A408 - \FileSystem\MRxSmb
       CdRom - 0x89E0C8F8 - FatCdRomRecognizer - 0x898765D8 - \FileSystem\Fs_Rec
       CdRom - 0x89E41BB0 - UdfsCdRomRecognizer - 0x898765D8 - \FileSystem\Fs_Rec
       CdRom - 0x89DBE678 - Cdfs - 0x897E0F38 - \FileSystem\Cdfs
       CdRom - 0x8A40E030 - RawCdRom - 0x8A3E8170 - \FileSystem\RAW
       Tape - 0x8A40EF18 - RawTape - 0x8A3E8170 - \FileSystem\RAW

==========================================================================================

Sfilter FileSystem Filter Callback

       \FileSystem\FltMgr - 0x8A3F1A78 - PreAcquireForSectionSynchronization - 0xB7EEE3C2 - C:\WINDOWS\system32\drivers\fltMgr.sys
       \FileSystem\FltMgr - 0x8A3F1A78 - PostAcquireForSectionSynchronization - 0xB7EEE494 - C:\WINDOWS\system32\drivers\fltMgr.sys
       \FileSystem\FltMgr - 0x8A3F1A78 - PreReleaseForSectionSynchronization - 0xB7EEE3C2 - C:\WINDOWS\system32\drivers\fltMgr.sys
       \FileSystem\FltMgr - 0x8A3F1A78 - PostReleaseForSectionSynchronization - 0xB7EEE494 - C:\WINDOWS\system32\drivers\fltMgr.sys
       \FileSystem\FltMgr - 0x8A3F1A78 - PreAcquireForCcFlush - 0xB7EEE3C2 - C:\WINDOWS\system32\drivers\fltMgr.sys
       \FileSystem\FltMgr - 0x8A3F1A78 - PostAcquireForCcFlush - 0xB7EEE494 - C:\WINDOWS\system32\drivers\fltMgr.sys
       \FileSystem\FltMgr - 0x8A3F1A78 - PreReleaseForCcFlush - 0xB7EEE3C2 - C:\WINDOWS\system32\drivers\fltMgr.sys
       \FileSystem\FltMgr - 0x8A3F1A78 - PostReleaseForCcFlush - 0xB7EEE494 - C:\WINDOWS\system32\drivers\fltMgr.sys
       \FileSystem\FltMgr - 0x8A3F1A78 - PreAcquireForModifiedPageWriter - 0xB7EEE3C2 - C:\WINDOWS\system32\drivers\fltMgr.sys
       \FileSystem\FltMgr - 0x8A3F1A78 - PostAcquireForModifiedPageWriter - 0xB7EEE494 - C:\WINDOWS\system32\drivers\fltMgr.sys
       \FileSystem\FltMgr - 0x8A3F1A78 - PreReleaseForModifiedPageWriter - 0xB7EEE3C2 - C:\WINDOWS\system32\drivers\fltMgr.sys
       \FileSystem\FltMgr - 0x8A3F1A78 - PostReleaseForModifiedPageWriter - 0xB7EEE494 - C:\WINDOWS\system32\drivers\fltMgr.sys

==========================================================================================

ClassInitData Callback

       Disk FdoData.ClassError - OK - 0xB80F9804 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassReadWriteVerification - OK - 0xB80F8306 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassDeviceControl - OK - 0xB80F8634 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassShutdownFlush - OK - 0xB80FC350 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassInitDevice - OK - 0xB80FEB7C - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassStartDevice - OK - 0xB80FE9B8 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassPowerDevice - OK - 0xB80FA27C - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassStopDevice - OK - 0xB80FA0D8 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassRemoveDevice - OK - 0xB80FE81E - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassWmiInfo.ClassQueryWmiRegInfo - OK - 0xB80FCAAC - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassWmiInfo.ClassQueryWmiDataBlock - OK - 0xB80FCB50 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassWmiInfo.ClassSetWmiDataBlock - OK - 0xB80FCD42 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassWmiInfo.ClassSetWmiDataItem - OK - 0xB80FCE24 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassWmiInfo.ClassExecuteWmiMethod - OK - 0xB80FD15A - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk FdoData.ClassWmiInfo.ClassWmiFunctionControl - OK - 0xB80FD0EC - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk PdoData.ClassReadWriteVerification - OK - 0xB80F8306 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk PdoData.ClassDeviceControl - OK - 0xB80F8634 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk PdoData.ClassShutdownFlush - OK - 0xB80FC350 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk PdoData.ClassInitDevice - OK - 0xB80FEE22 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk PdoData.ClassStartDevice - OK - 0xB80FE20A - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk PdoData.ClassPowerDevice - OK - 0xB810D72F - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       Disk PdoData.ClassStopDevice - OK - 0xB80FA0D8 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk PdoData.ClassRemoveDevice - OK - 0xB80FE81E - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk PdoData.ClassQueryPnpCapabilities - OK - 0xB80FB1FA - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk ClassAddDevice - OK - 0xB80FE122 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk ClassEnumerateDevice - OK - 0xB80FD6F2 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk ClassQueryId - OK - 0xB80FE2B4 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Disk ClassUnload - OK - 0xB80FAA06 - C:\WINDOWS\system32\drivers\disk.sys - Microsoft Corporation
       Cdrom FdoData.ClassError - OK - 0xB81A8D86 - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom FdoData.ClassReadWriteVerification - OK - 0xB81B4036 - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom FdoData.ClassDeviceControl - OK - 0xB81AF0BC - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom FdoData.ClassShutdownFlush - OK - 0xB81A8E2E - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom FdoData.ClassCreateClose - OK - 0xB81A92D6 - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom FdoData.ClassInitDevice - OK - 0xB81AC128 - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom FdoData.ClassStartDevice - OK - 0xB81B4982 - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom FdoData.ClassPowerDevice - OK - 0xB81B3670 - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom FdoData.ClassStopDevice - OK - 0xB81A897C - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom FdoData.ClassRemoveDevice - OK - 0xB81B4DEC - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom ClassAddDevice - OK - 0xB81B3FC2 - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom ClassStartIo - OK - 0xB81AA6DA - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom ClassUnload - OK - 0xB81B3F86 - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation
       Cdrom ClassTick - OK - 0xB81AC854 - C:\WINDOWS\system32\DRIVERS\cdrom.sys - Microsoft Corporation

==========================================================================================

System Debug

       KiDebugRoutine OK - 0x804F7DD8 - 0x804F7DD8 - C:\WINDOWS\system32\ntkrnlpa.exe

==========================================================================================

Object Hijack

       Nothing

==========================================================================================

Direct IO

       csrss.exe - C:\WINDOWS\system32\csrss.exe - Microsoft Corporation - IOPL

==========================================================================================

GDT

       cpu[0] - Selector(0x0001) - Type(Code RE Ac)
       cpu[0] - Selector(0x0002) - Type(Data RW Ac)
       cpu[0] - Selector(0x0003) - Type(Code RE Ac)
       cpu[0] - Selector(0x0004) - Type(Data RW Ac)
       cpu[0] - Selector(0x0005) - Type(T5532 Busy)
       cpu[0] - Selector(0x0007) - Type(Data RW Ac)
       cpu[0] - Selector(0x0008) - Type(Data RW)
       cpu[0] - Selector(0x000A) - Type(T5532 Avl)
       cpu[0] - Selector(0x000C) - Type(Data RW Ac)
       cpu[0] - Selector(0x000D) - Type(Data RW)
       cpu[0] - Selector(0x000E) - Type(Data RW)
       cpu[0] - Selector(0x000F) - Type(Code RE)
       cpu[0] - Selector(0x0010) - Type(Data RW)
       cpu[0] - Selector(0x0011) - Type(Data RW)
       cpu[0] - Selector(0x0014) - Type(T5532 Avl)
       cpu[0] - Selector(0x001C) - Type(Code RE CA)
       cpu[0] - Selector(0x001D) - Type(Data RW)
       cpu[0] - Selector(0x001E) - Type(Code EO)
       cpu[0] - Selector(0x001F) - Type(Data RW)
       cpu[0] - Selector(0x0020) - Type(Data RW Ac)
       cpu[0] - Selector(0x0021) - Type(Data RW Ac)
       cpu[0] - Selector(0x0022) - Type(Data RW Ac)
       cpu[1] - Selector(0x0001) - Type(Code RE Ac)
       cpu[1] - Selector(0x0002) - Type(Data RW Ac)
       cpu[1] - Selector(0x0003) - Type(Code RE Ac)
       cpu[1] - Selector(0x0004) - Type(Data RW Ac)
       cpu[1] - Selector(0x0005) - Type(T5532 Busy)
       cpu[1] - Selector(0x0007) - Type(Data RW Ac)
       cpu[1] - Selector(0x0008) - Type(Data RW)
       cpu[1] - Selector(0x000A) - Type(T5532 Avl)
       cpu[1] - Selector(0x000C) - Type(Data RW Ac)
       cpu[1] - Selector(0x000D) - Type(Data RW)
       cpu[1] - Selector(0x000E) - Type(Data RW)
       cpu[1] - Selector(0x000F) - Type(Code RE)
       cpu[1] - Selector(0x0010) - Type(Data RW)
       cpu[1] - Selector(0x0011) - Type(Data RW)
       cpu[1] - Selector(0x0014) - Type(T5532 Avl)
       cpu[1] - Selector(0x001C) - Type(Code RE CA)
       cpu[1] - Selector(0x001D) - Type(Data RW)
       cpu[1] - Selector(0x001E) - Type(Code EO)
       cpu[1] - Selector(0x001F) - Type(Data RW)
       cpu[1] - Selector(0x0020) - Type(Data RW Ac)
       cpu[1] - Selector(0x0021) - Type(Data RW Ac)
       cpu[1] - Selector(0x0022) - Type(Data RW Ac)

==========================================================================================

SSDT

       NtAcceptConnectPort - OK - 0x805A4664 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheck - OK - 0x805F1310 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckAndAuditAlarm - OK - 0x805F4B46 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckByType - OK - 0x805F1342 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckByTypeAndAuditAlarm - OK - 0x805F4B80 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckByTypeResultList - OK - 0x805F1378 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckByTypeResultListAndAuditAlarm - OK - 0x805F4BC4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAccessCheckByTypeResultListAndAuditAlarmByHandle - OK - 0x805F4C08 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAddAtom - OK - 0x80615DA6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAddBootEntry - ssdt hook - 0xB355B644 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtAdjustGroupsToken - OK - 0x805EC70E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAdjustPrivilegesToken - OK - 0x805EC366 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAlertResumeThread - OK - 0x805D4C0C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAlertThread - OK - 0x805D4BBC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAllocateLocallyUniqueId - OK - 0x806163CC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAllocateUserPhysicalPages - OK - 0x805B5FEA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAllocateUuids - OK - 0x806159E8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAllocateVirtualMemory - ssdt hook - 0xB360F668 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       NtAreMappedFilesTheSame - OK - 0x805B05FE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtAssignProcessToJobObject - ssdt hook - 0xB355C0D6 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCallbackReturn - OK - 0x805018F8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCancelDeviceWakeupRequest - OK - 0x805C86A4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCancelIoFile - OK - 0x80576B04 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCancelTimer - OK - 0x80538C82 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtClearEvent - OK - 0x8060EFB6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtClose - ssdt hook - 0xB359F386 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCloseObjectAuditAlarm - OK - 0x805F5080 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCompactKeys - OK - 0x80623D60 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCompareTokens - OK - 0x805F9594 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCompleteConnectPort - OK - 0x805A4D52 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCompressKey - OK - 0x80623FB4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtConnectPort - OK - 0x805A4604 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtContinue - OK - 0x80544F34 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateDebugObject - OK - 0x80642AFC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateDirectoryObject - OK - 0x805BE514 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateEvent - ssdt hook - 0xB356789A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateEventPair - ssdt hook - 0xB35678E6 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateFile - OK - 0x805790A2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateIoCompletion - ssdt hook - 0xB3567A80 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateJobObject - OK - 0x805D5694 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateJobSet - OK - 0x805D53CC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateKey - ssdt hook - 0xB359ED3A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateMailslotFile - OK - 0x805791B0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateMutant - ssdt hook - 0xB3567808 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateNamedPipeFile - OK - 0x805790DC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreatePagingFile - OK - 0x805ABA22 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreatePort - OK - 0x805A5120 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateProcess - OK - 0x805D1280 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateProcessEx - OK - 0x805D11CA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateProfile - OK - 0x80617B68 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateSection - ssdt hook - 0xB356792A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateSemaphore - ssdt hook - 0xB3567850 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateSymbolicLinkObject - OK - 0x805C3A2E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateThread - ssdt hook - 0xB355C5D4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateTimer - ssdt hook - 0xB3567A3A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtCreateToken - OK - 0x805F993C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateWaitablePort - OK - 0x805A5144 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDebugActiveProcess - ssdt hook - 0xB355CE8C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtDebugContinue - OK - 0x80643D28 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDelayExecution - OK - 0x80616A2A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDeleteAtom - OK - 0x8061625C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDeleteBootEntry - ssdt hook - 0xB355B6AA - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtDeleteFile - OK - 0x80576C4A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDeleteKey - ssdt hook - 0xB359FA4C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtDeleteObjectAuditAlarm - OK - 0x805F518C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDeleteValueKey - ssdt hook - 0xB359FD02 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtDeviceIoControlFile - OK - 0x80579268 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDisplayString - OK - 0x80613084 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtDuplicateObject - ssdt hook - 0xB35606AC - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtDuplicateToken - OK - 0x805ED5BC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtEnumerateBootEntries - OK - 0x8061700A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtEnumerateKey - ssdt hook - 0xB359F8B7 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtEnumerateSystemEnvironmentValuesEx - OK - 0x80616ACC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtEnumerateValueKey - ssdt hook - 0xB359F722 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtExtendSection - OK - 0x805B3D0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFilterToken - OK - 0x805ED768 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFindAtom - OK - 0x80616010 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFlushBuffersFile - OK - 0x80576D16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFlushInstructionCache - OK - 0x805B687E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFlushKey - OK - 0x80624EB0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFlushVirtualMemory - OK - 0x805AC750 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFlushWriteBuffer - OK - 0x805B6820 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFreeUserPhysicalPages - OK - 0x805B638C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtFreeVirtualMemory - ssdt hook - 0xB360F730 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       NtFsControlFile - OK - 0x8057929C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtGetContextThread - OK - 0x805D2A3A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtGetDevicePowerState - OK - 0x805C86C6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtGetPlugPlayEvent - OK - 0x8059914E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtGetWriteWatch - OK - 0x80521200 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtImpersonateAnonymousToken - OK - 0x805F9288 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtImpersonateClientOfPort - OK - 0x805A51AE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtImpersonateThread - OK - 0x805D7890 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtInitializeRegistry - OK - 0x806222D2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtInitiatePowerAction - OK - 0x805C849E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtIsProcessInJob - OK - 0x805D5290 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtIsSystemResumeAutomatic - OK - 0x805C86B2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtListenPort - OK - 0x805A53BA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLoadDriver - ssdt hook - 0xB355B292 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtLoadKey - OK - 0x806263B4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLoadKey2 - OK - 0x80625FC0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLockFile - OK - 0x805792D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLockProductActivationKeys - OK - 0x80613676 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLockRegistryKey - OK - 0x80624060 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtLockVirtualMemory - OK - 0x805B6986 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtMakePermanentObject - OK - 0x805BE30A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtMakeTemporaryObject - OK - 0x805BC608 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtMapUserPhysicalPages - OK - 0x805B544A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtMapUserPhysicalPagesScatter - OK - 0x805B599A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtMapViewOfSection - OK - 0x805B206E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtModifyBootEntry - ssdt hook - 0xB355B710 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtNotifyChangeDirectoryFile - OK - 0x80579EE8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtNotifyChangeKey - ssdt hook - 0xB3560A76 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtNotifyChangeMultipleKeys - ssdt hook - 0xB355D91C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenDirectoryObject - OK - 0x805BE5E6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenEvent - ssdt hook - 0xB35678C4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenEventPair - ssdt hook - 0xB3567908 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenFile - OK - 0x8057A1A0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenIoCompletion - ssdt hook - 0xB3567AA4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenJobObject - OK - 0x805D581A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenKey - ssdt hook - 0xB359F096 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenMutant - ssdt hook - 0xB356782E - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenObjectAuditAlarm - OK - 0x805F4C4E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenProcess - ssdt hook - 0xB355FF92 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenProcessToken - OK - 0x805EDF56 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenProcessTokenEx - OK - 0x805EDBBA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenSection - ssdt hook - 0xB35679B8 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenSemaphore - ssdt hook - 0xB3567878 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenSymbolicLinkObject - OK - 0x805C3C14 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenThread - ssdt hook - 0xB3560384 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtOpenThreadToken - OK - 0x805EDF74 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenThreadTokenEx - OK - 0x805EDD2A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenTimer - ssdt hook - 0xB3567A5E - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtPlugPlayControl - OK - 0x80645DCA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtPowerInformation - OK - 0x805C9534 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtPrivilegeCheck - OK - 0x805F833A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtPrivilegeObjectAuditAlarm - OK - 0x805F3F60 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtPrivilegedServiceAuditAlarm - OK - 0x805F414C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtProtectVirtualMemory - ssdt hook - 0xB360F890 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       NtPulseEvent - OK - 0x8060F1BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryAttributesFile - OK - 0x80576EF4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryBootEntryOrder - OK - 0x8061700A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryBootOptions - OK - 0x8061700A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryDebugFilterState - OK - 0x8053FC6E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryDefaultLocale - OK - 0x80610DB0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryDefaultUILanguage - OK - 0x80611A10 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryDirectoryFile - OK - 0x80579E82 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryDirectoryObject - OK - 0x805BE686 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryEaFile - OK - 0x8057A1D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryEvent - OK - 0x8060F286 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryFullAttributesFile - OK - 0x80577048 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationAtom - OK - 0x80616284 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationFile - OK - 0x8057AA3C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationJobObject - OK - 0x805D5CEC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationPort - OK - 0x805A5418 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationProcess - OK - 0x805CCFDA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationThread - OK - 0x805CBC08 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInformationToken - OK - 0x805EE054 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryInstallUILanguage - OK - 0x806111AE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryIntervalProfile - OK - 0x80617FEA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryIoCompletion - OK - 0x80578C00 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryKey - ssdt hook - 0xB359F59D - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtQueryMultipleValueKey - OK - 0x806232DE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryMutant - OK - 0x806178C8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryObject - ssdt hook - 0xB355D7E8 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtQueryOpenSubKeys - OK - 0x8062398A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryPerformanceCounter - OK - 0x80618078 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryQuotaInformationFile - OK - 0x8057B81E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySection - OK - 0x805B8614 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySecurityObject - OK - 0x805C00CE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySemaphore - OK - 0x806152B8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySymbolicLinkObject - OK - 0x805C3CB4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySystemEnvironmentValue - OK - 0x80616AE8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySystemEnvironmentValueEx - OK - 0x80616ABE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySystemInformation - OK - 0x80611A90 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQuerySystemTime - OK - 0x80613250 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryTimer - OK - 0x806171F2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryTimerResolution - OK - 0x806132E2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryValueKey - ssdt hook - 0xB359F3EF - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtQueryVirtualMemory - OK - 0x805B8CA2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryVolumeInformationFile - OK - 0x8057BD08 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueueApcThread - ssdt hook - 0xB355D33E - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtRaiseException - OK - 0x80544F7C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRaiseHardError - OK - 0x80614F2A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReadFile - OK - 0x8057C4A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReadFileScatter - OK - 0x8057CA12 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReadRequestData - OK - 0x805A5EA0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReadVirtualMemory - OK - 0x805B42F6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRegisterThreadTerminatePort - OK - 0x805D18A0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReleaseMutant - OK - 0x80617A00 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReleaseSemaphore - OK - 0x806153E8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRemoveIoCompletion - OK - 0x80578EF8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRemoveProcessDebug - OK - 0x80643CA8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRenameKey - ssdt hook - 0xB361C7BC - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       NtReplaceKey - OK - 0x80626264 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReplyPort - OK - 0x805A5520 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReplyWaitReceivePort - OK - 0x805A64E8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReplyWaitReceivePortEx - OK - 0x805A5EF0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReplyWaitReplyPort - OK - 0x805A580A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRequestDeviceWakeup - OK - 0x805C8636 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRequestPort - OK - 0x805A2A7E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRequestWaitReplyPort - OK - 0x805A2DAA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRequestWakeupLatency - OK - 0x805C8444 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtResetEvent - OK - 0x8060F398 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtResetWriteWatch - OK - 0x805216E8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtRestoreKey - ssdt hook - 0xB359E380 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtResumeProcess - OK - 0x805D4B66 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtResumeThread - OK - 0x805D4A48 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSaveKey - OK - 0x80625C6C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSaveKeyEx - OK - 0x80625D52 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSaveMergedKeys - OK - 0x80625E7A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSecureConnectPort - OK - 0x805A3D98 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetBootEntryOrder - ssdt hook - 0xB355B776 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetBootOptions - ssdt hook - 0xB355B7DC - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetContextThread - ssdt hook - 0xB355CD06 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetDebugFilterState - OK - 0x80646960 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetDefaultHardErrorPort - OK - 0x80614DD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetDefaultLocale - OK - 0x80610F00 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetDefaultUILanguage - OK - 0x80611772 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetEaFile - OK - 0x8057A6E4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetEvent - OK - 0x8060F458 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetEventBoostPriority - OK - 0x8060F522 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetHighEventPair - OK - 0x806176E4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetHighWaitLowEventPair - OK - 0x80617614 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationDebugObject - OK - 0x80643672 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationFile - OK - 0x8057B02E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationJobObject - OK - 0x805D69FA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationKey - OK - 0x80622EAA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationObject - OK - 0x805C4876 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationProcess - OK - 0x805CDED0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationThread - OK - 0x805CC154 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetInformationToken - OK - 0x805FA6B6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetIntervalProfile - OK - 0x80617B4C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetIoCompletion - OK - 0x80578E96 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetLdtEntries - OK - 0x805D3992 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetLowEventPair - OK - 0x80617680 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetLowWaitHighEventPair - OK - 0x806175A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetQuotaInformationFile - OK - 0x8057B7FC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetSecurityObject - OK - 0x805C0662 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetSystemEnvironmentValue - OK - 0x80616D6C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetSystemEnvironmentValueEx - OK - 0x80616ABE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetSystemInformation - ssdt hook - 0xB355B32C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetSystemPowerState - ssdt hook - 0xB355B502 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetSystemTime - OK - 0x80614558 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetThreadExecutionState - OK - 0x805C8358 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetTimer - OK - 0x80538E12 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetTimerResolution - OK - 0x80613A2A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetUuidSeed - OK - 0x8061589E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSetValueKey - ssdt hook - 0xB359FB53 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSetVolumeInformationFile - OK - 0x8057C112 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtShutdownSystem - ssdt hook - 0xB355B490 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSignalAndWaitForSingleObject - OK - 0x805267DE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtStartProfile - OK - 0x80617D96 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtStopProfile - OK - 0x80617F40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtSuspendProcess - ssdt hook - 0xB355D056 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSuspendThread - ssdt hook - 0xB355D1B8 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtSystemDebugControl - ssdt hook - 0xB355B58A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtTerminateJobObject - OK - 0x805D758E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtTerminateProcess - ssdt hook - 0xB355CB44 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtTerminateThread - ssdt hook - 0xB355CCE6 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtTestAlert - OK - 0x805D4CD0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtTraceEvent - OK - 0x805351B2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtTranslateFilePath - OK - 0x80616ADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtUnloadDriver - ssdt hook - 0xB360DCB0 - C:\WINDOWS\System32\Drivers\aswSP.SYS - AVAST Software
       NtUnloadKey - OK - 0x80622A2C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtUnloadKeyEx - OK - 0x80622C4E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtUnlockFile - OK - 0x80579674 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtUnlockVirtualMemory - OK - 0x805B6F14 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtUnmapViewOfSection - OK - 0x805B2E7C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtVdmControl - ssdt hook - 0xB355B842 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtWaitForDebugEvent - OK - 0x806433DA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWaitForMultipleObjects - OK - 0x805C0818 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWaitForSingleObject - OK - 0x805C072E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWaitHighEventPair - OK - 0x80617544 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWaitLowEventPair - OK - 0x806174E0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWriteFile - OK - 0x8057CF10 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWriteFileGather - OK - 0x8057D4F4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWriteRequestData - OK - 0x805A5EC8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWriteVirtualMemory - ssdt hook - 0xB355C132 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtYieldExecution - OK - 0x80504B5C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtCreateKeyedEvent - OK - 0x806185BC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtOpenKeyedEvent - OK - 0x806186A6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtReleaseKeyedEvent - OK - 0x80618758 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtWaitForKeyedEvent - OK - 0x806189B4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       NtQueryPortInformationProcess - OK - 0x805CB988 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation

==========================================================================================

Shadow SSDT

       NtGdiAbortDoc - OK - 0xBF93ABB7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAbortPath - OK - 0xBF94C2B4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAddFontResourceW - OK - 0xBF894735 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAddRemoteFontToDC - OK - 0xBF943DCC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAddFontMemResourceEx - OK - 0xBF94D8D6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRemoveMergeFont - OK - 0xBF93AE4B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAddRemoteMMInstanceToDC - OK - 0xBF93AEF0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAlphaBlend - inline hook - 0xB35626FE - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiAngleArc - OK - 0xBF94D1F2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAnyLinkedFonts - OK - 0xBF938FB6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFontIsLinked - OK - 0xBF94D7EA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiArcInternal - OK - 0xBF91136E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBeginPath - OK - 0xBF8FEECD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBitBlt - inline hook - 0xB356236E - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiCancelDC - OK - 0xBF94D6BC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCheckBitmapBits - OK - 0xBF94EEC3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCloseFigure - OK - 0xBF8FD7CA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiClearBitmapAttributes - OK - 0xBF89B890 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiClearBrushAttributes - OK - 0xBF94D79A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiColorCorrectPalette - OK - 0xBF94EFF6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCombineRgn - OK - 0xBF820DB8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCombineTransform - OK - 0xBF8DDDE1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiComputeXformCoefficients - OK - 0xBF86ED81 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiConsoleTextOut - OK - 0xBF8510D9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiConvertMetafileRect - OK - 0xBF9125A9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateBitmap - OK - 0xBF80E2FD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateClientObj - OK - 0xBF8DDA89 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateColorSpace - OK - 0xBF94ECBB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateColorTransform - OK - 0xBF94FBC6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateCompatibleBitmap - OK - 0xBF813AA9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateCompatibleDC - inline hook - 0xB356224C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiCreateDIBBrush - OK - 0xBF8D2AA5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateDIBitmapInternal - OK - 0xBF82E8B7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateDIBSection - OK - 0xBF82F1B9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateEllipticRgn - OK - 0xBF93D543 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateHalftonePalette - OK - 0xBF8BA200 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateHatchBrushInternal - OK - 0xBF950C52 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateMetafileDC - OK - 0xBF8F306D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreatePaletteInternal - OK - 0xBF8B98AD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreatePatternBrushInternal - OK - 0xBF86D63A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreatePen - OK - 0xBF86A366 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateRectRgn - OK - 0xBF83CBD8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateRoundRectRgn - OK - 0xBF889537 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateServerMetaFile - OK - 0xBF9124AE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCreateSolidBrush - OK - 0xBF819D89 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiD3dContextCreate - OK - 0xBF9385D6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiD3dContextDestroy - OK - 0xBF9385E9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiD3dContextDestroyAll - OK - 0xBF9385FC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiD3dValidateTextureStageState - OK - 0xBF93860F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiD3dDrawPrimitives2 - OK - 0xBF938622 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetDriverState - OK - 0xBF938635 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdAddAttachedSurface - OK - 0xBF9384AB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdAlphaBlt - OK - 0xBF9386F5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdAttachSurface - OK - 0xBF906373 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdBeginMoCompFrame - OK - 0xBF9386A0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdBlt - OK - 0xBF906386 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCanCreateSurface - OK - 0xBF906160 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCanCreateD3DBuffer - OK - 0xBF9385AD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdColorControl - OK - 0xBF9384BE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateDirectDrawObject - OK - 0xBF8EAEA5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateSurface - OK - 0xBF8EAEB8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateD3DBuffer - OK - 0xBF938597 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateMoComp - OK - 0xBF90619F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateSurfaceObject - OK - 0xBF9067CA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdDeleteDirectDrawObject - OK - 0xBF8EB101 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdDeleteSurfaceObject - OK - 0xBF906347 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdDestroyMoComp - OK - 0xBF906173 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdDestroySurface - OK - 0xBF8EB0EB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdDestroyD3DBuffer - OK - 0xBF9385C0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdEndMoCompFrame - OK - 0xBF9386B3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdFlip - OK - 0xBF906870 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdFlipToGDISurface - OK - 0xBF906F7B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetAvailDriverMemory - OK - 0xBF90635D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetBltStatus - OK - 0xBF9384D1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetDC - OK - 0xBF9060CB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetDriverInfo - OK - 0xBF90610A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetDxHandle - OK - 0xBF93853F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetFlipStatus - OK - 0xBF9384E7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetInternalMoCompInfo - OK - 0xBF93868A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetMoCompBuffInfo - OK - 0xBF938674 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetMoCompGuids - OK - 0xBF906189 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetMoCompFormats - OK - 0xBF93865E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdGetScanLine - OK - 0xBF907081 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdLock - OK - 0xBF8C7CB9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdLockD3D - OK - 0xBF93856B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdQueryDirectDrawObject - OK - 0xBF8EAE44 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdQueryMoCompStatus - OK - 0xBF9386DF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdReenableDirectDrawObject - OK - 0xBF8EAE7F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdReleaseDC - OK - 0xBF90623F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdRenderMoComp - OK - 0xBF9386C9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdResetVisrgn - OK - 0xBF8C7AFF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdSetColorKey - OK - 0xBF906886 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdSetExclusiveMode - OK - 0xBF9384FD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdSetGammaRamp - OK - 0xBF938555 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdCreateSurfaceEx - OK - 0xBF938648 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdSetOverlayPosition - OK - 0xBF938513 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdUnattachSurface - OK - 0xBF906413 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdUnlock - OK - 0xBF8C7AAF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdUnlockD3D - OK - 0xBF938581 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdUpdateOverlay - OK - 0xBF90685A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDdWaitForVerticalBlank - OK - 0xBF938529 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpCanCreateVideoPort - OK - 0xBF938708 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpColorControl - OK - 0xBF93871E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpCreateVideoPort - OK - 0xBF938734 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpDestroyVideoPort - OK - 0xBF93874A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpFlipVideoPort - OK - 0xBF938760 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortBandwidth - OK - 0xBF938776 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortField - OK - 0xBF93878C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortFlipStatus - OK - 0xBF9387A2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortInputFormats - OK - 0xBF9387B8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortLine - OK - 0xBF9387CE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortOutputFormats - OK - 0xBF9387E4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoPortConnectInfo - OK - 0xBF9387FA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpGetVideoSignalStatus - OK - 0xBF938810 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpUpdateVideoPort - OK - 0xBF938826 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpWaitForVideoPortSync - OK - 0xBF93883C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpAcquireNotification - OK - 0xBF938852 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDvpReleaseNotification - OK - 0xBF938868 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDxgGenericThunk - OK - 0xBF938498 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDeleteClientObj - OK - 0xBF8DDBAB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDeleteColorSpace - OK - 0xBF94ECAE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDeleteColorTransform - OK - 0xBF94FE82 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDeleteObjectApp - inline hook - 0xB3562200 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiDescribePixelFormat - OK - 0xBF94E3AC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetPerBandInfo - OK - 0xBF8F954E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDoBanding - OK - 0xBF8FAB62 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDoPalette - OK - 0xBF83F91D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDrawEscape - OK - 0xBF94D23C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEllipse - OK - 0xBF8D55BC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEnableEudc - OK - 0xBF899D5C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEndDoc - OK - 0xBF8FA4DE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEndPage - OK - 0xBF9039A7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEndPath - OK - 0xBF8FEF6D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEnumFontChunk - OK - 0xBF87D4C6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEnumFontClose - OK - 0xBF87D445 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEnumFontOpen - OK - 0xBF87CAD4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEnumObjects - OK - 0xBF8D2DAD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEqualRgn - OK - 0xBF93D63E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEudcLoadUnloadLink - OK - 0xBF95445D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExcludeClipRect - OK - 0xBF82C990 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtCreatePen - OK - 0xBF8CAECB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtCreateRegion - OK - 0xBF83D0CC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtEscape - OK - 0xBF8878C8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtFloodFill - OK - 0xBF95527B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtGetObjectW - OK - 0xBF82BC93 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtSelectClipRgn - OK - 0xBF80F1BD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiExtTextOutW - OK - 0xBF82D0A5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFillPath - OK - 0xBF94C3D9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFillRgn - OK - 0xBF8C1619 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFlattenPath - OK - 0xBF94C33E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFlushUserBatch - OK - 0xBF80C381 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFlush - OK - 0xBF80A245 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiForceUFIMapping - OK - 0xBF94E28C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFrameRgn - OK - 0xBF8897A9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFullscreenControl - OK - 0xBF94031B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetAndSetDCDword - OK - 0xBF8CA19C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetAppClipBox - OK - 0xBF8164C5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetBitmapBits - OK - 0xBF8C1B0C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetBitmapDimension - OK - 0xBF94E1AE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetBoundsRect - OK - 0xBF88F317 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetCharABCWidthsW - OK - 0xBF8F1A21 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetCharacterPlacementW - OK - 0xBF94C947 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetCharSet - OK - 0xBF80F7F8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetCharWidthW - OK - 0xBF8ED607 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetCharWidthInfo - OK - 0xBF86E184 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetColorAdjustment - OK - 0xBF94D55E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetColorSpaceforBitmap - OK - 0xBF955B30 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDCDword - OK - 0xBF82BF60 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDCforBitmap - OK - 0xBF836304 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDCObject - OK - 0xBF82BDED - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDCPoint - OK - 0xBF8C3068 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDeviceCaps - OK - 0xBF94D75A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDeviceGammaRamp - OK - 0xBF94F259 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDeviceCapsAll - OK - 0xBF8C943D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDIBitsInternal - OK - 0xBF841707 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetETM - OK - 0xBF956A93 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetEudcTimeStampEx - OK - 0xBF951EFF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetFontData - OK - 0xBF8EEE23 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetFontResourceInfoInternalW - OK - 0xBF94DA04 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetGlyphIndicesW - OK - 0xBF94E68F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetGlyphIndicesWInternal - OK - 0xBF94E532 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetGlyphOutline - OK - 0xBF94D34F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetKerningPairs - OK - 0xBF94D454 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetLinkedUFIs - OK - 0xBF93ABCF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetMiterLimit - OK - 0xBF8F30D5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetMonitorID - OK - 0xBF94325D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetNearestColor - OK - 0xBF82CAE6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetNearestPaletteIndex - OK - 0xBF950CD8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetObjectBitmapHandle - OK - 0xBF94D4E5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetOutlineTextMetricsInternalW - OK - 0xBF8ECE30 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetPath - OK - 0xBF94C7A6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetPixel - inline hook - 0xB356229C - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiGetRandomRgn - OK - 0xBF80F1CD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetRasterizerCaps - OK - 0xBF8EF961 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetRealizationInfo - OK - 0xBF94E73A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetRegionData - OK - 0xBF8420D7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetRgnBox - OK - 0xBF8C2FB2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetServerMetaFileBits - OK - 0xBF912708 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetSpoolMessage - OK - 0xBF8B7271 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetStats - OK - 0xBF956C10 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetStockObject - OK - 0xBF81F74A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetStringBitmapW - OK - 0xBF953AF1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetSystemPaletteUse - OK - 0xBF8F0C8E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTextCharsetInfo - OK - 0xBF82E0F1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTextExtent - OK - 0xBF867CE4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTextExtentExW - OK - 0xBF8D2613 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTextFaceW - OK - 0xBF853D44 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTextMetricsW - OK - 0xBF82DF4F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetTransform - OK - 0xBF8852AE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetUFI - OK - 0xBF94DC4B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetEmbUFI - OK - 0xBF94DD14 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetUFIPathname - OK - 0xBF94DDF4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetEmbedFonts - OK - 0xBF94DBCC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiChangeGhostFont - OK - 0xBF94DBD6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiAddEmbFontToDC - OK - 0xBF939861 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetFontUnicodeRanges - OK - 0xBF94E6B3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetWidthTable - OK - 0xBF852EFC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGradientFill - OK - 0xBF8738AD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiHfontCreate - OK - 0xBF82DC3D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiIcmBrushInfo - OK - 0xBF94F83D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiInit - OK - 0xBF85027C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiInitSpool - OK - 0xBF89BD7A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiIntersectClipRect - OK - 0xBF815FEE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiInvertRgn - OK - 0xBF8F0F62 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiLineTo - OK - 0xBF8C55EF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMakeFontDir - OK - 0xBF94E426 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMakeInfoDC - OK - 0xBF955B69 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMaskBlt - inline hook - 0xB35624E4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiModifyWorldTransform - OK - 0xBF88508B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMonoBitmap - OK - 0xBF8F32A8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMoveTo - OK - 0xBF94D6EC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiOffsetClipRgn - OK - 0xBF8FAA21 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiOffsetRgn - OK - 0xBF8366C8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiOpenDCW - inline hook - 0xB35620F4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiPatBlt - OK - 0xBF8C2A1D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPolyPatBlt - OK - 0xBF833A22 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPathToRegion - OK - 0xBF94C4B3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPlgBlt - inline hook - 0xB35625A8 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiPolyDraw - OK - 0xBF94CDDA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPolyPolyDraw - OK - 0xBF869BBD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPolyTextOutW - OK - 0xBF94CED7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPtInRegion - OK - 0xBF94D7DA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPtVisible - OK - 0xBF93D7E0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiQueryFonts - OK - 0xBF94D7FA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiQueryFontAssocInfo - OK - 0xBF850797 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRectangle - OK - 0xBF8C700B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRectInRegion - OK - 0xBF8F88E2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRectVisible - OK - 0xBF8375FF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRemoveFontResourceW - OK - 0xBF8D3E90 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRemoveFontMemResourceEx - OK - 0xBF94D9E8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiResetDC - OK - 0xBF8E3CD9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiResizePalette - OK - 0xBF950F4C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRestoreDC - OK - 0xBF82FEBF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiRoundRect - OK - 0xBF910532 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSaveDC - OK - 0xBF82FECF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiScaleViewportExtEx - OK - 0xBF9461D6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiScaleWindowExtEx - OK - 0xBF94E13A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSelectBitmap - OK - 0xBF808550 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSelectBrush - OK - 0xBF94D6CC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSelectClipPath - OK - 0xBF8FF06C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSelectFont - OK - 0xBF820DC8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSelectPen - OK - 0xBF94D6DC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBitmapAttributes - OK - 0xBF89B7C4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBitmapBits - OK - 0xBF8C34E8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBitmapDimension - OK - 0xBF94E218 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBoundsRect - OK - 0xBF88F71E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBrushAttributes - OK - 0xBF94D77A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetBrushOrg - OK - 0xBF8C3586 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetColorAdjustment - OK - 0xBF94D5BF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetColorSpace - OK - 0xBF94ED70 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetDeviceGammaRamp - OK - 0xBF94F595 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetDIBitsToDeviceInternal - OK - 0xBF82B33F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetFontEnumeration - OK - 0xBF8B62C2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetFontXform - OK - 0xBF8DDF61 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetIcmMode - OK - 0xBF8C4F32 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetLinkedUFIs - OK - 0xBF8F924C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetMagicColors - OK - 0xBF95136A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetMetaRgn - OK - 0xBF8DDCE0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetMiterLimit - OK - 0xBF8DDD02 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDeviceWidth - OK - 0xBF94E12A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiMirrorWindowOrg - OK - 0xBF94E11A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetLayout - OK - 0xBF82C898 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetPixel - OK - 0xBF8779BD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetPixelFormat - OK - 0xBF9578DA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetRectRgn - OK - 0xBF94D7CA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetSystemPaletteUse - OK - 0xBF94D76A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetTextJustification - OK - 0xBF956EA0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetupPublicCFONT - OK - 0xBF8973F0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetVirtualResolution - OK - 0xBF8DDB04 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetSizeDevice - OK - 0xBF8DDFD2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiStartDoc - OK - 0xBF902864 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiStartPage - OK - 0xBF9037EB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiStretchBlt - inline hook - 0xB3562426 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiStretchDIBitsInternal - OK - 0xBF8814C2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiStrokeAndFillPath - OK - 0xBF8FDBE3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiStrokePath - OK - 0xBF94C6BA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSwapBuffers - OK - 0xBF957A82 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiTransformPoints - OK - 0xBF8C935F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiTransparentBlt - inline hook - 0xB3562656 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtGdiUnloadPrinterDriver - OK - 0xBF94E2FD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiUnmapMemFont - OK - 0xBF94D8CB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiUnrealizeObject - OK - 0xBF94D7BA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiUpdateColors - OK - 0xBF9511D6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiWidenPath - OK - 0xBF94C59B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserActivateKeyboardLayout - OK - 0xBF87B406 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserAlterWindowStyle - OK - 0xBF875DBA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserAssociateInputContext - OK - 0xBF9169DB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserAttachThreadInput - inline hook - 0xB35617F4 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserBeginPaint - OK - 0xBF815BD6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserBitBltSysBmp - OK - 0xBF8F0CB4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserBlockInput - inline hook - 0xB3560FA6 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserBuildHimcList - OK - 0xBF916B12 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserBuildHwndList - ssdt hook - 0xB1351630 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserBuildNameList - inline hook - 0xB35615F2 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserBuildPropList - OK - 0xBF9150CF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallHwnd - OK - 0xBF8780F1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallHwndLock - OK - 0xBF83660F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallHwndOpt - OK - 0xBF898DA4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallHwndParam - OK - 0xBF836802 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallHwndParamLock - inline hook - 0xB3560E3E - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserCallMsgFilter - OK - 0xBF8F0BC3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallNextHookEx - OK - 0xBF8EC7BA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallNoParam - OK - 0xBF801117 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallOneParam - OK - 0xBF8010CF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCallTwoParam - OK - 0xBF8367C2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserChangeClipboardChain - OK - 0xBF8F1FB4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserChangeDisplaySettings - OK - 0xBF8B48A5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCheckImeHotKey - OK - 0xBF8498A5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCheckMenuItem - OK - 0xBF8CDFE9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserChildWindowFromPointEx - OK - 0xBF8921DA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserClipCursor - OK - 0xBF8F906C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCloseClipboard - OK - 0xBF8F0E67 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCloseDesktop - OK - 0xBF8714A2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCloseWindowStation - OK - 0xBF871564 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserConsoleControl - OK - 0xBF84FCB0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserConvertMemHandle - OK - 0xBF8F7642 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCopyAcceleratorTable - OK - 0xBF90FB6B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCountClipboardFormats - OK - 0xBF8F0C68 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateAcceleratorTable - OK - 0xBF8BA125 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateCaret - OK - 0xBF868D57 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateDesktop - OK - 0xBF89B467 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateInputContext - OK - 0xBF916941 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateLocalMemHandle - OK - 0xBF8F230F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateWindowEx - OK - 0xBF83A7CD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCreateWindowStation - OK - 0xBF89BABA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDdeGetQualityOfService - OK - 0xBF914159 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDdeInitialize - OK - 0xBF899A38 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDdeSetQualityOfService - OK - 0xBF914089 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDeferWindowPos - OK - 0xBF849432 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDefSetText - OK - 0xBF849DC6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDeleteMenu - OK - 0xBF869183 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDestroyAcceleratorTable - OK - 0xBF8F900B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDestroyCursor - OK - 0xBF836FEC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDestroyInputContext - OK - 0xBF916991 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDestroyMenu - OK - 0xBF86864E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDestroyWindow - ssdt & inline - 0xB1351D80 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserDisableThreadIme - OK - 0xBF9170E7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDispatchMessage - OK - 0xBF80EC5F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDragDetect - OK - 0xBF9151CA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDragObject - OK - 0xBF913602 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDrawAnimatedRects - OK - 0xBF914329 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDrawCaption - OK - 0xBF9143EC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDrawCaptionTemp - OK - 0xBF90D8BA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDrawIconEx - OK - 0xBF839BE0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserDrawMenuBarTemp - OK - 0xBF915397 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEmptyClipboard - OK - 0xBF8F72D4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEnableMenuItem - OK - 0xBF8C316D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEnableScrollBar - OK - 0xBF914004 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEndDeferWindowPosEx - OK - 0xBF82C42D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEndMenu - OK - 0xBF914495 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEndPaint - OK - 0xBF81588D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEnumDisplayDevices - OK - 0xBF878A0C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEnumDisplayMonitors - OK - 0xBF835047 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEnumDisplaySettings - OK - 0xBF8B8073 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserEvent - OK - 0xBF91388F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserExcludeUpdateRgn - OK - 0xBF8F1168 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserFillWindow - OK - 0xBF8F0AFA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserFindExistingCursorIcon - OK - 0xBF81B478 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserFindWindowEx - ssdt hook - 0xB13518D0 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserFlashWindowEx - OK - 0xBF9174F4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetAltTabInfo - OK - 0xBF8F537F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetAncestor - OK - 0xBF82C5F5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetAppImeLevel - OK - 0xBF916EE6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetAsyncKeyState - inline hook - 0xB35617B8 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserGetAtomName - OK - 0xBF83A9A9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetCaretBlinkTime - OK - 0xBF84997E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetCaretPos - OK - 0xBF8C3831 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClassInfo - OK - 0xBF83F5DE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClassName - OK - 0xBF823E71 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClipboardData - inline hook - 0xB356123A - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserGetClipboardFormatName - OK - 0xBF8F89A7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClipboardOwner - OK - 0xBF8F73CA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClipboardSequenceNumber - OK - 0xBF8C2DAA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClipboardViewer - OK - 0xBF9144DB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetClipCursor - OK - 0xBF913F6C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetComboBoxInfo - OK - 0xBF913BA2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetControlBrush - OK - 0xBF86E09B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetControlColor - OK - 0xBF905C4C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetCPD - OK - 0xBF8213FB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetCursorFrameInfo - OK - 0xBF87362B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetCursorInfo - OK - 0xBF913CBF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetDC - OK - 0xBF8043B6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetDCEx - OK - 0xBF837B5A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetDoubleClickTime - OK - 0xBF838BBD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetForegroundWindow - ssdt hook - 0xB1351970 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserGetGuiResources - OK - 0xBF9136CB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetGUIThreadInfo - OK - 0xBF86FF2D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetIconInfo - OK - 0xBF83ED2D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetIconSize - OK - 0xBF83EE7D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetImeHotKey - OK - 0xBF916DA4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetImeInfoEx - OK - 0xBF916C14 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetInternalWindowPos - OK - 0xBF913920 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetKeyboardLayoutList - OK - 0xBF837935 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetKeyboardLayoutName - OK - 0xBF8EB4CD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetKeyboardState - inline hook - 0xB35618AE - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserGetKeyNameText - OK - 0xBF90DC0B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetKeyState - inline hook - 0xB35617D6 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserGetListBoxInfo - OK - 0xBF913C6B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetMenuBarInfo - OK - 0xBF913DBC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetMenuIndex - OK - 0xBF914212 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetMenuItemRect - OK - 0xBF914D46 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetMessage - OK - 0xBF819CC3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetMouseMovePointsEx - OK - 0xBF914A21 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetObjectInformation - OK - 0xBF819F3B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetOpenClipboardWindow - OK - 0xBF8F0C3C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetPriorityClipboardFormat - OK - 0xBF914507 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetProcessWindowStation - OK - 0xBF819DA6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetRawInputBuffer - OK - 0xBF917D74 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetRawInputData - OK - 0xBF917674 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetRawInputDeviceInfo - OK - 0xBF91784E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetRawInputDeviceList - OK - 0xBF917B43 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetRegisteredRawInputDevices - OK - 0xBF917D39 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetScrollBarInfo - OK - 0xBF8490CD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetSystemMenu - OK - 0xBF83CDB2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetThreadDesktop - OK - 0xBF81A1F1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetThreadState - OK - 0xBF82390C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetTitleBarInfo - OK - 0xBF837DE4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetUpdateRect - OK - 0xBF8389EA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetUpdateRgn - OK - 0xBF8C2E59 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetWindowDC - OK - 0xBF8037B6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetWindowPlacement - OK - 0xBF8EFE8D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetWOWClass - OK - 0xBF90FF17 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserHardErrorControl - OK - 0xBF91350C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserHideCaret - OK - 0xBF828C80 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserHiliteMenuItem - OK - 0xBF914590 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserImpersonateDdeClientWindow - OK - 0xBF915332 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInitialize - OK - 0xBF8AFD82 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInitializeClientPfnArrays - OK - 0xBF8AA2D9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInitTask - OK - 0xBF9139FF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInternalGetWindowText - OK - 0xBF837EE0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInvalidateRect - OK - 0xBF814F24 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserInvalidateRgn - OK - 0xBF8685F4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserIsClipboardFormatAvailable - OK - 0xBF8C2D70 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserKillTimer - OK - 0xBF80E90D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserLoadKeyboardLayoutEx - OK - 0xBF88AA14 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserLockWindowStation - OK - 0xBF89B6C9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserLockWindowUpdate - OK - 0xBF8CDF31 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserLockWorkStation - OK - 0xBF9135E5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMapVirtualKeyEx - OK - 0xBF8C67D5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMenuItemFromPoint - OK - 0xBF914E1D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMessageCall - ssdt hook - 0xB1351DE0 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserMinMaximize - OK - 0xBF911B11 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMNDragLeave - OK - 0xBF9146E0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMNDragOver - OK - 0xBF914630 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserModifyUserStartupInfoFlags - OK - 0xBF8F8BCC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserMoveWindow - OK - 0xBF82EA7B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserNotifyIMEStatus - OK - 0xBF917082 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserNotifyProcessCreate - OK - 0xBF8502B2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserNotifyWinEvent - OK - 0xBF8C3118 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserOpenClipboard - OK - 0xBF8F0DE4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserOpenDesktop - inline hook - 0xB3561316 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserOpenInputDesktop - inline hook - 0xB35613DC - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserOpenWindowStation - OK - 0xBF8F00D5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserPaintDesktop - OK - 0xBF87B6BC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserPeekMessage - OK - 0xBF8036A5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserPostMessage - inline hook - 0xB1351A10 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserPostThreadMessage - ssdt hook - 0xB1351B10 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserPrintWindow - OK - 0xBF8B63C5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserProcessConnect - OK - 0xBF84DFFC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserQueryInformationThread - OK - 0xBF914EAF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserQueryInputContext - OK - 0xBF916A8E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserQuerySendMessage - OK - 0xBF91525D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserQueryUserCounters - OK - 0xBF91718B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserQueryWindow - ssdt hook - 0xB1351B50 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserRealChildWindowFromPoint - OK - 0xBF913D7E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRealInternalGetMessage - OK - 0xBF89778B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRealWaitMessageEx - OK - 0xBF914C86 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRedrawWindow - OK - 0xBF823AE1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRegisterClassExWOW - OK - 0xBF81F066 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRegisterUserApiHook - OK - 0xBF89BEA6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRegisterHotKey - inline hook - 0xB35618CC - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserRegisterRawInputDevices - inline hook - 0xB3561712 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserRegisterTasklist - OK - 0xBF913B50 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRegisterWindowMessage - OK - 0xBF80A3D6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoveMenu - OK - 0xBF8B62ED - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoveProp - OK - 0xBF8348F7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserResolveDesktop - OK - 0xBF890330 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserResolveDesktopForWOW - OK - 0xBF917F85 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSBGetParms - OK - 0xBF848F74 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserScrollDC - OK - 0xBF84D90C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserScrollWindowEx - OK - 0xBF8F7F1A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSelectPalette - OK - 0xBF82E502 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSendInput - inline hook - 0xB356100E - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserSetActiveWindow - OK - 0xBF86E30B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetAppImeLevel - OK - 0xBF916E7B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetCapture - OK - 0xBF845294 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetClassLong - OK - 0xBF848AEA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetClassWord - OK - 0xBF9146FD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetClipboardData - OK - 0xBF8F7566 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetClipboardViewer - inline hook - 0xB35610F2 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserSetConsoleReserveKeys - OK - 0xBF87C1A7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetCursor - OK - 0xBF820F6B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetCursorContents - OK - 0xBF914CFF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetCursorIconData - OK - 0xBF83EF8F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetDbgTag - OK - 0xBF914295 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetFocus - OK - 0xBF8382D6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetImeHotKey - OK - 0xBF88A934 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetImeInfoEx - OK - 0xBF916CF9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetImeOwnerWindow - OK - 0xBF916F50 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetInformationProcess - OK - 0xBF84FF16 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetInformationThread - OK - 0xBF87BF71 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetInternalWindowPos - OK - 0xBF913E8B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetKeyboardState - OK - 0xBF8F1248 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetLogonNotifyWindow - OK - 0xBF8A4094 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetMenu - OK - 0xBF90DAD1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetMenuContextHelpId - OK - 0xBF9142B8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetMenuDefaultItem - OK - 0xBF8B6282 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetMenuFlagRtoL - OK - 0xBF9142F5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetObjectInformation - OK - 0xBF913557 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetParent - ssdt hook - 0xB1351BE0 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserSetProcessWindowStation - OK - 0xBF871B2C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetProp - OK - 0xBF8284E5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetRipFlags - OK - 0xBF914272 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetScrollInfo - OK - 0xBF80E64A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetShellWindowEx - OK - 0xBF898585 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetSysColors - inline hook - 0xB3560DC6 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserSetSystemCursor - OK - 0xBF914CC6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetSystemMenu - OK - 0xBF8EC416 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetSystemTimer - OK - 0xBF915224 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetThreadDesktop - OK - 0xBF871B84 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetThreadLayoutHandles - OK - 0xBF917001 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetThreadState - OK - 0xBF86E05F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetTimer - OK - 0xBF803A50 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowFNID - OK - 0xBF86DF03 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowLong - ssdt hook - 0xB1351D00 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserSetWindowPlacement - OK - 0xBF88A22A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowPos - OK - 0xBF82828C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowRgn - OK - 0xBF83CB2D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowsHookAW - OK - 0xBF872EAF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowsHookEx - inline hook - 0xB3560BC2 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserSetWindowStationUser - OK - 0xBF89B566 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWindowWord - OK - 0xBF8F17F9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetWinEventHook - inline hook - 0xB3560AAC - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserShowCaret - OK - 0xBF828CE2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserShowScrollBar - OK - 0xBF8C3F37 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserShowWindow - ssdt hook - 0xB1351D40 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserShowWindowAsync - OK - 0xBF890223 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSoundSentry - OK - 0xBF8F8CC4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSwitchDesktop - inline hook - 0xB35615AC - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserSystemParametersInfo - inline hook - 0xB3560CDE - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserTestForInteractiveUser - OK - 0xBF9100A2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserThunkedMenuInfo - OK - 0xBF8EC377 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserThunkedMenuItemInfo - OK - 0xBF847ACD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserToUnicodeEx - OK - 0xBF914AD1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserTrackMouseEvent - OK - 0xBF86C8E1 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserTrackPopupMenuEx - OK - 0xBF9148EE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCalcMenuBar - OK - 0xBF83804B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserPaintMenuBar - OK - 0xBF8E4B09 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserTranslateAccelerator - OK - 0xBF8F05E0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserTranslateMessage - OK - 0xBF8439AE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnhookWindowsHookEx - OK - 0xBF8732D5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnhookWinEvent - OK - 0xBF8EFDD6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnloadKeyboardLayout - OK - 0xBF91519C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnlockWindowStation - OK - 0xBF88E2CC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnregisterClass - OK - 0xBF81FA1A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnregisterUserApiHook - OK - 0xBF89B343 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUnregisterHotKey - inline hook - 0xB3561976 - C:\WINDOWS\System32\Drivers\aswSnx.SYS - AVAST Software
       NtUserUpdateInputContext - OK - 0xBF916A3E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUpdateInstance - OK - 0xBF9137FA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUpdateLayeredWindow - OK - 0xBF8C1496 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserGetLayeredWindowAttributes - OK - 0xBF9175B6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserSetLayeredWindowAttributes - OK - 0xBF86872A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUpdatePerUserSystemParameters - OK - 0xBF8A10B3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserUserHandleGrantAccess - OK - 0xBF914EF6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserValidateHandleSecure - OK - 0xBF801941 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserValidateRect - OK - 0xBF8F1437 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserValidateTimerCallback - OK - 0xBF80A6FD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserVkKeyScanEx - OK - 0xBF8C2632 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserWaitForInputIdle - OK - 0xBF90F8E6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserWaitForMsgAndEvent - OK - 0xBF90E7FA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserWaitMessage - OK - 0xBF80374C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserWin32PoolAllocationStats - OK - 0xBF91354D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserWindowFromPoint - ssdt hook - 0xB1351C70 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys - File not found
       NtUserYieldTask - OK - 0xBF91003A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoteConnect - OK - 0xBF89810C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoteRedrawRectangle - OK - 0xBF9133D4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoteRedrawScreen - OK - 0xBF913421 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserRemoteStopScreenUpdates - OK - 0xBF913475 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtUserCtxDisplayIOCtl - OK - 0xBF9134C2 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngAssociateSurface - OK - 0xBF8FA385 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCreateBitmap - OK - 0xBF8FAD79 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCreateDeviceSurface - OK - 0xBF8FA352 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCreateDeviceBitmap - OK - 0xBF957DEE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCreatePalette - OK - 0xBF8E0129 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngComputeGlyphSet - OK - 0xBF9049E0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCopyBits - OK - 0xBF95834A - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngDeletePalette - OK - 0xBF8E0CB5 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngDeleteSurface - OK - 0xBF8FA2D8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngEraseSurface - OK - 0xBF957F74 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngUnlockSurface - OK - 0xBF8FE595 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngLockSurface - OK - 0xBF8FA77B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngBitBlt - OK - 0xBF903570 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngStretchBlt - OK - 0xBF8FE96E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngPlgBlt - OK - 0xBF958742 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngMarkBandingSurface - OK - 0xBF8FAE1B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngStrokePath - OK - 0xBF8FBC15 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngFillPath - OK - 0xBF958939 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngStrokeAndFillPath - OK - 0xBF8FC8AA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngPaint - OK - 0xBF958AA4 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngLineTo - OK - 0xBF958BC0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngAlphaBlend - OK - 0xBF958CE9 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngGradientFill - OK - 0xBF958E68 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngTransparentBlt - OK - 0xBF959041 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngTextOut - OK - 0xBF8FD3EA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngStretchBltROP - OK - 0xBF9584E6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiXLATEOBJ_cGetPalette - OK - 0xBF959B0E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiXLATEOBJ_iXlate - OK - 0xBF959BCA - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiXLATEOBJ_hGetColorTransform - OK - 0xBF959AC0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCLIPOBJ_bEnum - OK - 0xBF8FC112 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCLIPOBJ_cEnumStart - OK - 0xBF8FC1BF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiCLIPOBJ_ppoGetPath - OK - 0xBF958065 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngDeletePath - OK - 0xBF9580A3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCreateClip - OK - 0xBF9580DD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngDeleteClip - OK - 0xBF95810F - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBRUSHOBJ_ulGetBrushColor - OK - 0xBF8FB77D - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBRUSHOBJ_pvAllocRbrush - OK - 0xBF9591AD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBRUSHOBJ_pvGetRbrush - OK - 0xBF9591FE - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBRUSHOBJ_hGetColorTransform - OK - 0xBF904A66 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiXFORMOBJ_bApplyXform - OK - 0xBF9043AF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiXFORMOBJ_iGetXform - OK - 0xBF8F9682 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_vGetInfo - OK - 0xBF904570 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_pxoGetXform - OK - 0xBF8F95E8 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_cGetGlyphs - OK - 0xBF904014 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_pifi - OK - 0xBF8F97F3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_pfdg - OK - 0xBF959317 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_pQueryGlyphAttrs - OK - 0xBF95941E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_pvTrueTypeFontFile - OK - 0xBF9599F0 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiFONTOBJ_cGetAllGlyphHandles - OK - 0xBF95924C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSTROBJ_bEnum - OK - 0xBF9594F6 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSTROBJ_bEnumPositionsOnly - OK - 0xBF90479E - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSTROBJ_bGetAdvanceWidths - OK - 0xBF8F9906 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSTROBJ_vEnumStart - OK - 0xBF9047BC - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSTROBJ_dwGetCodePage - OK - 0xBF959514 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPATHOBJ_vGetBounds - OK - 0xBF959605 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPATHOBJ_bEnum - OK - 0xBF959696 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPATHOBJ_vEnumStart - OK - 0xBF9597A3 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPATHOBJ_vEnumStartClipLines - OK - 0xBF9597FF - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiPATHOBJ_bEnumClipLines - OK - 0xBF9598BD - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiGetDhpdev - OK - 0xBF957DC7 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiEngCheckAbort - OK - 0xBF958149 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiHT_Get8BPPFormatPalette - OK - 0xBF903E59 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiHT_Get8BPPMaskPalette - OK - 0xBF957E30 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiUpdateTransform - OK - 0xBF94639B - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiSetPUMPDOBJ - OK - 0xBF8DE841 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiBRUSHOBJ_DeleteRbrush - OK - 0xBF959562 - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiUnmapMemFont - OK - 0xBF94D8CB - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation
       NtGdiDrawStream - OK - 0xBF817D7C - C:\WINDOWS\System32\win32k.sys - Microsoft Corporation

==========================================================================================

FSD

       IRP_MJ_CREATE - OK - 0xB7E47E01 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xB7E472EA - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_READ - OK - 0xB7E24F2F - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0xB7E23B4B - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0xB7E484B9 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0xB7E25ABB - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0xB7E484B9 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0xB7E484B9 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0xB7E620E5 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0xB7E48604 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0xB7E48604 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0xB7E4A1BD - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0xB7E4C958 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xB7E48604 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0xB7E367F2 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0xB7E9BCE9 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0xB7E47CB8 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0xB7E48604 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0xB7E48604 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_POWER - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0xB7E484B9 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0xB7E484B9 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xB7E64A0E - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       FastIoCheckIfPossible[FastIo] - OK - 0xB7E5C0E3 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       FastIoRead[FastIo] - OK - 0xB7E42D57 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       FastIoWrite[FastIo] - OK - 0xB7E61665 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       FastIoQueryBasicInfo[FastIo] - OK - 0xB7E4868E - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       FastIoQueryStandardInfo[FastIo] - OK - 0xB7E4717E - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       FastIoLock[FastIo] - OK - 0xB7E6230F - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       FastIoUnlockSingle[FastIo] - OK - 0xB7E62415 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       FastIoUnlockAll[FastIo] - OK - 0xB7E9B8F4 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       FastIoUnlockAllByKey[FastIo] - OK - 0xB7E9BA39 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       AcquireFileForNtCreateSection[FastIo] - OK - 0xB7E42A3A - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       ReleaseFileForNtCreateSection[FastIo] - OK - 0xB7E42A81 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       FastIoQueryNetworkOpenInfo[FastIo] - OK - 0xB7E8A052 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       AcquireForModWrite[FastIo] - OK - 0xB7E4EC12 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       MdlRead[FastIo] - OK - 0xB7E8A166 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       MdlReadComplete[FastIo] - OK - 0x804E8B4A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PrepareMdlWrite[FastIo] - OK - 0xB7E8A4E0 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       MdlWriteComplete[FastIo] - OK - 0x8056BBEC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       FastIoQueryOpen[FastIo] - OK - 0xB7E46FB8 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       AcquireForCcFlush[FastIo] - OK - 0xB7E428E2 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation
       ReleaseForCcFlush[FastIo] - OK - 0xB7E42908 - C:\WINDOWS\system32\drivers\Ntfs.sys - Microsoft Corporation

==========================================================================================

Keyboard

       IRP_MJ_CREATE - OK - 0xB8420DD0 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xB8420FE0 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_READ - OK - 0xB8421C72 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0xB8420D4A - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xB8422A38 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0xB8422386 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0xB8420D06 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_POWER - OK - 0xB8423180 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0xB8422842 - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xB842178A - C:\WINDOWS\system32\DRIVERS\kbdclass.sys - Microsoft Corporation

==========================================================================================

Mouclass

       IRP_MJ_CREATE - OK - 0xB8448B78 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xB8448D86 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_READ - OK - 0xB844998C - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0xB8448AF2 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xB844A2C6 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0xB844A086 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0xB8448AAE - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_POWER - OK - 0xB844ACC6 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0xB844A78C - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xB8449542 - C:\WINDOWS\system32\DRIVERS\mouclass.sys - Microsoft Corporation

==========================================================================================

Classpnp

       IRP_MJ_CREATE - OK - 0xB810EBB0 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xB810EBB0 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_READ - OK - 0xB8108D1F - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0xB8108D1F - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0xB81092E2 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xB81093BB - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0xB810CF28 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0xB81092E2 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_POWER - OK - 0xB810AC82 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0xB810F99E - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xB810EC93 - C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS - Microsoft Corporation

==========================================================================================

Atapi

       IRP_MJ_CREATE - OK - 0xB7F156F2 - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xB7F156F2 - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IRP_MJ_READ - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xB7F15712 - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0xB7F11852 - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_POWER - OK - 0xB7F1573C - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0xB7F1C336 - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0x804F45BE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xB7F1C302 - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation
       DriverStartIo - OK - 0xB7F12864 - C:\WINDOWS\system32\drivers\atapi.sys - Microsoft Corporation

==========================================================================================

Acpi

       IRP_MJ_CREATE - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_READ - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_POWER - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xB7F7FCB8 - C:\WINDOWS\system32\drivers\ACPI.sys - Microsoft Corporation

==========================================================================================

Scsi

       Nothing

==========================================================================================

Kernel Hook

       Inline - len(1) RtlPrefetchMemoryNonTemporal[ntkrnlpa.exe] - [0x80546744]->[-]
       Inline - len(4) NtDuplicateObject[ntkrnlpa.exe] - [0x805BE093]->[0xB1352B50][C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys]
       Inline - len(1) KiFastCallEntry[ntkrnlpa.exe] - [0x805417CA]->[-]
       Inline - len(4) NtTerminateProcess[ntkrnlpa.exe] - [0x805D2353]->[0xB1353170][C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys]
       Inline - len(4) NtTerminateThread[ntkrnlpa.exe] - [0x805D2551]->[0xB1353170][C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys]
       Inline - len(4) [ntkrnlpa.exe] - [0x805044F8]->[-]
       Inline - len(12) [ntkrnlpa.exe] - [0x80504518]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80504538]->[-]
       Inline - len(8) [ntkrnlpa.exe] - [0x80504560]->[-]
       Inline - len(3) [ntkrnlpa.exe] - [0x8050456D]->[-]
       Inline - len(12) [ntkrnlpa.exe] - [0x80504578]->[-]
       Inline - len(20) [ntkrnlpa.exe] - [0x8050459C]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805045B8]->[-]
       Inline - len(20) [ntkrnlpa.exe] - [0x805045C8]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805045E4]->[-]
       Inline - len(12) [ntkrnlpa.exe] - [0x805045F0]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80504620]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80504658]->[-]
       Inline - len(16) [ntkrnlpa.exe] - [0x805046C8]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805046E0]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805046F8]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80504754]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80504760]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80504798]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805047A4]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805047D4]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80504804]->[-]
       Inline - len(12) [ntkrnlpa.exe] - [0x80504820]->[-]
       Inline - len(8) [ntkrnlpa.exe] - [0x80504894]->[-]
       Inline - len(12) [ntkrnlpa.exe] - [0x805048B0]->[-]
       Inline - len(24) [ntkrnlpa.exe] - [0x805048C8]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805048EC]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80504904]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x80504928]->[-]
       Inline - len(18) [ntkrnlpa.exe] - [0x80545D3E]->[-]
       Inline - len(1) [ntkrnlpa.exe] - [0x80545D56]->[-]
       Inline - len(4) [ntkrnlpa.exe] - [0x805A64DC]->[0xB355DFC8][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(4) [ntkrnlpa.exe] - [0x805CB6AB]->[0xB1352910][C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys]
       Inline - len(4) [ntkrnlpa.exe] - [0x805CB92D]->[0xB1352910][C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys]
       Inline - len(5) [win32k.sys] - [0xBF808317]->[0xB1351A10][C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32aa.sys]
       Inline - len(5) [win32k.sys] - [0xBF809942]->[0xB356236E][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF80C89E]->[0xB356224C][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF813936]->[0xB3562200][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF81E5E3]->[0xB3560CDE][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF820CF0]->[0xB35617D6][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF82D50A]->[0xB3560E3E][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF82E688]->[0xB35624E4][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF83901A]->[0xB35626FE][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF841A84]->[0xB35620F4][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF844240]->[0xB35617B8][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8457BC]->[0xB3560EDE][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF86F45E]->[0xB35618AE][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF87173C]->[0xB3561316][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8717C7]->[0xB35615F2][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF87239D]->[0xB3560BC2][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF87777B]->[0xB356229C][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF87E99A]->[0xB3562426][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF897CE7]->[0xB35613DC][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF898824]->[0xB35615AC][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8B590A]->[0xB35618CC][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8B9028]->[0xB3562656][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8C1C5F]->[0xB356100E][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8EB23A]->[0xB35617F4][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8EFCFB]->[0xB3560AAC][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8F1ECA]->[0xB35610F2][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF8F214A]->[0xB356123A][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF914738]->[0xB3560DC6][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF9149E4]->[0xB3561976][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF91530C]->[0xB3560FA6][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF917C8D]->[0xB3561712][C:\WINDOWS\System32\Drivers\aswSnx.SYS]
       Inline - len(5) [win32k.sys] - [0xBF948056]->[0xB35625A8][C:\WINDOWS\System32\Drivers\aswSnx.SYS]

==========================================================================================

PTE HOOK

       Nothing

==========================================================================================

Object Type

       CmpCloseKeyObject - CmpKeyObjectType - OK - 0x80637C5E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpDeleteKeyObject - CmpKeyObjectType - OK - 0x80637B44 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpParseKey - CmpKeyObjectType - OK - 0x8062FA2A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpSecurityMethod - CmpKeyObjectType - OK - 0x806379A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpQueryKeyName - CmpKeyObjectType - OK - 0x806369DE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopCloseFile - IoFileObjectType - OK - 0x80583720 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopDeleteFile - IoFileObjectType - OK - 0x805839FE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopParseFile - IoFileObjectType - OK - 0x8058360E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopGetSetSecurityObject - IoFileObjectType - OK - 0x80583D82 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopQueryName - IoFileObjectType - OK - 0x805826B8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopDeleteDriver - IoDriverObjectType - OK - 0x80583666 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - IoDriverObjectType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopDeleteDevice - IoDeviceObjectType - OK - 0x805836E0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopParseDevice - IoDeviceObjectType - OK - 0x80582820 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopGetSetSecurityObject - IoDeviceObjectType - OK - 0x80583D82 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       IopDeleteIoCompletion - IoCompletionObjectType - OK - 0x80578E54 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - IoCompletionObjectType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PspJobClose - PsJobType - OK - 0x805D694E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PspJobDelete - PsJobType - OK - 0x805D5BBA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - PsJobType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PspThreadDelete - PsThreadType - OK - 0x805D17C2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - PsThreadType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       PspProcessDelete - PsProcessType - OK - 0x805D163A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - PsProcessType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ObpDeleteObjectType - ObpTypeObjectType - OK - 0x805C1584 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ObpTypeObjectType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ObpDirectoryObjectType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ObpDeleteSymbolicLink - ObpSymbolicLinkObjectType - OK - 0x805C3A08 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ObpParseSymbolicLink - ObpSymbolicLinkObjectType - OK - 0x805C36CA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ObpSymbolicLinkObjectType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       MiSectionDelete - MmSectionObjectType - OK - 0x805A8A6C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - MmSectionObjectType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ExEventObjectType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ExpDeleteMutant - ExMutantObjectType - OK - 0x805390B2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ExMutantObjectType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - ExSemaphoreObjectType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SepTokenDeleteMethod - SeTokenObjectType - OK - 0x805F8B14 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - SeTokenObjectType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       LpcpClosePort - LpcPortObjectType - OK - 0x805A68E4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       LpcpDeletePort - LpcPortObjectType - OK - 0x805A691C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - LpcPortObjectType - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - FilterCommunicationPort - OK - 0xB7EFF90A - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       DeleteProcedure - FilterCommunicationPort - OK - 0xB7EFF190 - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       SeDefaultObjectMethod - FilterCommunicationPort - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Controller - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - Profile - OK - 0x80617B02 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Profile - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - EventPair - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       OpenProcedure - Desktop - OK - 0x8060D91C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - Desktop - OK - 0x8060D7FA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - Desktop - OK - 0x8060D8D2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Desktop - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       OkayToCloseProcedure - Desktop - OK - 0x8060D860 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - Timer - OK - 0x80538B28 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Timer - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       OpenProcedure - WindowStation - OK - 0x8060D91C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - WindowStation - OK - 0x8060D7FA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - WindowStation - OK - 0x8060D8D2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ParseProcedure - WindowStation - OK - 0x8060D990 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - WindowStation - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       OkayToCloseProcedure - WindowStation - OK - 0x8060D860 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - WmiGuid - OK - 0x806042A0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - WmiGuid - OK - 0x806042FE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - WmiGuid - OK - 0x806047F8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - KeyedEvent - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - DebugObject - OK - 0x806437E8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - DebugObject - OK - 0x80573572 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - DebugObject - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Adapter - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - WaitablePort - OK - 0x805A68E4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - WaitablePort - OK - 0x805A691C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - WaitablePort - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       DeleteProcedure - Callback - OK - 0x80573572 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       SeDefaultObjectMethod - Callback - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CloseProcedure - FilterConnectionPort - OK - 0xB7EFF1AA - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       DeleteProcedure - FilterConnectionPort - OK - 0xB7EFF1CA - C:\WINDOWS\system32\drivers\fltMgr.sys - Microsoft Corporation
       SeDefaultObjectMethod - FilterConnectionPort - OK - 0x805F899A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x80637F8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80637F1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x8063CA8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x8063CADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x8063C4F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063D03E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063CF16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063CDD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x80637F8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80637F1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x8063CA8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x8063CADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x8063C4F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063D03E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063CF16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063CDD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x80637F8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80637F1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x8063CA8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x8063CADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x8063C4F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063D03E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063CF16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063CDD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x80637F8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80637F1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x8063CA8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x8063CADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x8063C4F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063D03E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063CF16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063CDD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x80637F8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80637F1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x8063CA8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x8063CADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x8063C4F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063D03E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063CF16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063CDD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x80637F8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80637F1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x8063CA8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x8063CADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x8063C4F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063D03E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063CF16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063CDD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x80637F8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80637F1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x8063CA8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x8063CADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x8063C4F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063D03E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063CF16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063CDD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x80637F8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80637F1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x8063CA8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x8063CADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x8063C4F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063D03E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063CF16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063CDD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x8063812E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x8063CA8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x8063CADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x8063C4F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063D03E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063CF16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063CDD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x80637F8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       ReleaseCellRoutine - HHIVE - OK - 0x80637F1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x8063CA8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x8063CADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x8063C4F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063D03E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063CF16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063CDD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       GetCellRoutine - HHIVE - OK - 0x8063812E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpAllocate - HHIVE - OK - 0x8063CA8E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFree - HHIVE - OK - 0x8063CADA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileSetSize - HHIVE - OK - 0x8063C4F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileWrite - HHIVE - OK - 0x8063D03E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileRead - HHIVE - OK - 0x8063CF16 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       CmpFileFlush - HHIVE - OK - 0x8063CDD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation

==========================================================================================

IDT

       Divide error - cpu[0] - 0x01 - OK - 0x80542250 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Debug - cpu[0] - 0x01 - OK - 0x805423CC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Not used - cpu[0] - 0x0B - OK - 0x805528A6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Breakpoint - cpu[0] - 0x01 - OK - 0x805427E0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Overflow - cpu[0] - 0x01 - OK - 0x80542960 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Bounds check - cpu[0] - 0x01 - OK - 0x80542AC0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Invalid opcode - cpu[0] - 0x01 - OK - 0x80542C34 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Device not available - cpu[0] - 0x01 - OK - 0x805432AC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Double fault - cpu[0] - 0x0A - OK - 0x80552898 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Coprocessor segment overrun - cpu[0] - 0x01 - OK - 0x805436B0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Invalid TSS - cpu[0] - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Segment not present - cpu[0] - 0x01 - OK - 0x80543910 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Stack segment fault - cpu[0] - 0x01 - OK - 0x80543B70 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       General protection - cpu[0] - 0x01 - OK - 0x80543E5C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Page Fault - cpu[0] - 0x01 - OK - 0x80544570 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Floating-point error - cpu[0] - 0x01 - OK - 0x805449C8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Alignment check - cpu[0] - 0x01 - OK - 0x80544B04 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Machine check - cpu[0] - 0x14 - idt hook - 0x0A935650 - unknown image - 
       SIMD floating point exception - cpu[0] - 0x01 - OK - 0x80544C6C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[0] - 0x01 - OK - 0x806E710C - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       Not used - cpu[0] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[0] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[0] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[0] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[0] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[0] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[0] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[0] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[0] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[0] - 0x01 - OK - 0x00000000 - - - 
       KiGetTickCount - cpu[0] - 0x01 - OK - 0x80541A7E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiCallbackReturn - cpu[0] - 0x01 - OK - 0x80541B80 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiSetLowWaitHighThread - cpu[0] - 0x01 - OK - 0x80541D30 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiDebugService - cpu[0] - 0x01 - OK - 0x805426BC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiSystemService - cpu[0] - 0x01 - OK - 0x80541501 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved for APIC - cpu[0] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiStartUnexpectedRange - cpu[0] - 0x01 - OK - 0x80540BC0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt1 - cpu[0] - 0x01 - OK - 0x80540BCA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt2 - cpu[0] - 0x01 - OK - 0x80540BD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt3 - cpu[0] - 0x01 - OK - 0x80540BDE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt4 - cpu[0] - 0x01 - OK - 0x80540BE8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt5 - cpu[0] - 0x01 - OK - 0x80540BF2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt6 - cpu[0] - 0x01 - OK - 0x80540BFC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt7 - cpu[0] - 0x01 - OK - 0x806E6864 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt8 - cpu[0] - 0x01 - OK - 0x80540C10 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt9 - cpu[0] - 0x01 - OK - 0x80540C1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt10 - cpu[0] - 0x01 - OK - 0x80540C24 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt11 - cpu[0] - 0x01 - OK - 0x80540C2E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt12 - cpu[0] - 0x01 - OK - 0x80540C38 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt13 - cpu[0] - 0x01 - OK - 0x806E7E2C - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt14 - cpu[0] - 0x01 - OK - 0x80540C4C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt15 - cpu[0] - 0x01 - OK - 0x80540C56 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt16 - cpu[0] - 0x01 - OK - 0x80540C60 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt17 - cpu[0] - 0x01 - OK - 0x806E7C88 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt18 - cpu[0] - 0x01 - OK - 0x80540C74 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt19 - cpu[0] - 0x01 - OK - 0x80540C7E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt20 - cpu[0] - 0x01 - OK - 0x80540C88 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt21 - cpu[0] - 0x01 - OK - 0x80540C92 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt22 - cpu[0] - 0x01 - OK - 0x80540C9C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt23 - cpu[0] - 0x01 - OK - 0x80540CA6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt24 - cpu[0] - 0x01 - OK - 0x80540CB0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt25 - cpu[0] - 0x01 - OK - 0x80540CBA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt26 - cpu[0] - 0x01 - OK - 0x80540CC4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt27 - cpu[0] - 0x01 - OK - 0x80540CCE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt28 - cpu[0] - 0x01 - OK - 0x80540CD8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt29 - cpu[0] - 0x01 - OK - 0x80540CE2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt30 - cpu[0] - 0x01 - OK - 0x80540CEC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt31 - cpu[0] - 0x01 - OK - 0x80540CF6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt32 - cpu[0] - 0x01 - OK - 0x806E693C - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt33 - cpu[0] - 0x01 - OK - 0x80540D0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt34 - cpu[0] - 0x01 - OK - 0x80540D14 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt35 - cpu[0] - 0x01 - OK - 0x80540D1E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt36 - cpu[0] - 0x01 - OK - 0x80540D28 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt37 - cpu[0] - 0x01 - OK - 0x80540D32 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt38 - cpu[0] - 0x01 - OK - 0x80540D3C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt39 - cpu[0] - 0x01 - OK - 0x80540D46 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt40 - cpu[0] - 0x01 - OK - 0x80540D50 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt41 - cpu[0] - 0x01 - OK - 0x80540D5A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt42 - cpu[0] - 0x01 - OK - 0x80540D64 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt43 - cpu[0] - 0x01 - OK - 0x80540D6E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt44 - cpu[0] - 0x01 - OK - 0x80540D78 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt45 - cpu[0] - 0x01 - OK - 0x80540D82 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt46 - cpu[0] - 0x01 - OK - 0x80540D8C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt47 - cpu[0] - 0x01 - OK - 0x80540D96 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt48 - cpu[0] - 0x01 - OK - 0x80540DA0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt49 - cpu[0] - 0x01 - OK - 0x80540DAA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt50 - cpu[0] - 0x01 - idt hook - 0x8A38A374 - unknown image - 
       KiUnexpectedInterrupt51 - cpu[0] - 0x01 - idt hook - 0x898687E4 - unknown image - 
       KiUnexpectedInterrupt52 - cpu[0] - 0x01 - OK - 0x80540DC8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt53 - cpu[0] - 0x01 - OK - 0x80540DD2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt54 - cpu[0] - 0x01 - OK - 0x80540DDC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt55 - cpu[0] - 0x01 - OK - 0x80540DE6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt56 - cpu[0] - 0x01 - OK - 0x80540DF0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt57 - cpu[0] - 0x01 - OK - 0x80540DFA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt58 - cpu[0] - 0x01 - OK - 0x80540E04 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt59 - cpu[0] - 0x01 - OK - 0x80540E0E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt60 - cpu[0] - 0x01 - OK - 0x80540E18 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt61 - cpu[0] - 0x01 - OK - 0x80540E22 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt62 - cpu[0] - 0x01 - OK - 0x80540E2C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt63 - cpu[0] - 0x01 - OK - 0x80540E36 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt64 - cpu[0] - 0x01 - OK - 0x80540E40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt65 - cpu[0] - 0x01 - OK - 0x80540E4A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt66 - cpu[0] - 0x01 - OK - 0x80540E54 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt67 - cpu[0] - 0x01 - idt hook - 0x8A40256C - unknown image - 
       KiUnexpectedInterrupt68 - cpu[0] - 0x01 - OK - 0x80540E68 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt69 - cpu[0] - 0x01 - OK - 0x80540E72 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt70 - cpu[0] - 0x01 - OK - 0x80540E7C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt71 - cpu[0] - 0x01 - OK - 0x80540E86 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt72 - cpu[0] - 0x01 - OK - 0x80540E90 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt73 - cpu[0] - 0x01 - OK - 0x80540E9A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt74 - cpu[0] - 0x01 - OK - 0x80540EA4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt75 - cpu[0] - 0x01 - OK - 0x80540EAE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt76 - cpu[0] - 0x01 - OK - 0x80540EB8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt77 - cpu[0] - 0x01 - OK - 0x80540EC2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt78 - cpu[0] - 0x01 - OK - 0x80540ECC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt79 - cpu[0] - 0x01 - OK - 0x80540ED6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt80 - cpu[0] - 0x01 - OK - 0x80540EE0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt81 - cpu[0] - 0x01 - OK - 0x80540EEA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt82 - cpu[0] - 0x01 - OK - 0x80540EF4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt83 - cpu[0] - 0x01 - idt hook - 0x89F67044 - unknown image - 
       KiUnexpectedInterrupt84 - cpu[0] - 0x01 - OK - 0x80540F08 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt85 - cpu[0] - 0x01 - OK - 0x80540F12 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt86 - cpu[0] - 0x01 - OK - 0x80540F1C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt87 - cpu[0] - 0x01 - OK - 0x80540F26 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt88 - cpu[0] - 0x01 - OK - 0x80540F30 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt89 - cpu[0] - 0x01 - OK - 0x80540F3A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt90 - cpu[0] - 0x01 - OK - 0x80540F44 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt91 - cpu[0] - 0x01 - OK - 0x80540F4E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt92 - cpu[0] - 0x01 - OK - 0x80540F58 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt93 - cpu[0] - 0x01 - OK - 0x80540F62 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt94 - cpu[0] - 0x01 - OK - 0x80540F6C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt95 - cpu[0] - 0x01 - OK - 0x80540F76 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt96 - cpu[0] - 0x01 - OK - 0x80540F80 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt97 - cpu[0] - 0x01 - OK - 0x80540F8A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt98 - cpu[0] - 0x01 - idt hook - 0x89D07BEC - unknown image - 
       KiUnexpectedInterrupt99 - cpu[0] - 0x01 - idt hook - 0x8A04432C - unknown image - 
       KiUnexpectedInterrupt100 - cpu[0] - 0x01 - idt hook - 0x8A034BEC - unknown image - 
       KiUnexpectedInterrupt101 - cpu[0] - 0x01 - OK - 0x80540FB2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt102 - cpu[0] - 0x01 - OK - 0x80540FBC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt103 - cpu[0] - 0x01 - OK - 0x80540FC6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt104 - cpu[0] - 0x01 - OK - 0x80540FD0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt105 - cpu[0] - 0x01 - OK - 0x80540FDA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt106 - cpu[0] - 0x01 - OK - 0x80540FE4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt107 - cpu[0] - 0x01 - OK - 0x80540FEE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt108 - cpu[0] - 0x01 - OK - 0x80540FF8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt109 - cpu[0] - 0x01 - OK - 0x80541002 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt110 - cpu[0] - 0x01 - OK - 0x8054100C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt111 - cpu[0] - 0x01 - OK - 0x80541016 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt112 - cpu[0] - 0x01 - OK - 0x80541020 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt113 - cpu[0] - 0x01 - OK - 0x8054102A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt114 - cpu[0] - 0x01 - OK - 0x80541034 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt115 - cpu[0] - 0x01 - OK - 0x8054103E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt116 - cpu[0] - 0x01 - idt hook - 0x89EBFBEC - unknown image - 
       KiUnexpectedInterrupt117 - cpu[0] - 0x01 - OK - 0x80541052 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt118 - cpu[0] - 0x01 - OK - 0x8054105C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt119 - cpu[0] - 0x01 - OK - 0x80541066 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt120 - cpu[0] - 0x01 - OK - 0x80541070 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt121 - cpu[0] - 0x01 - OK - 0x8054107A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt122 - cpu[0] - 0x01 - OK - 0x80541084 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt123 - cpu[0] - 0x01 - OK - 0x8054108E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt124 - cpu[0] - 0x01 - OK - 0x80541098 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt125 - cpu[0] - 0x01 - OK - 0x805410A2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt126 - cpu[0] - 0x01 - OK - 0x805410AC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt127 - cpu[0] - 0x01 - OK - 0x805410B6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt128 - cpu[0] - 0x01 - OK - 0x805410C0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt129 - cpu[0] - 0x01 - idt hook - 0x8A3C33F4 - unknown image - 
       KiUnexpectedInterrupt130 - cpu[0] - 0x01 - OK - 0x805410D4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt131 - cpu[0] - 0x01 - OK - 0x805410DE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt132 - cpu[0] - 0x01 - idt hook - 0x8A385954 - unknown image - 
       KiUnexpectedInterrupt133 - cpu[0] - 0x01 - OK - 0x805410F2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt134 - cpu[0] - 0x01 - OK - 0x805410FC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt135 - cpu[0] - 0x01 - OK - 0x80541106 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt136 - cpu[0] - 0x01 - OK - 0x80541110 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt137 - cpu[0] - 0x01 - OK - 0x8054111A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt138 - cpu[0] - 0x01 - OK - 0x80541124 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt139 - cpu[0] - 0x01 - OK - 0x8054112E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt140 - cpu[0] - 0x01 - OK - 0x80541138 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt141 - cpu[0] - 0x01 - OK - 0x80541142 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt142 - cpu[0] - 0x01 - OK - 0x8054114C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt143 - cpu[0] - 0x01 - OK - 0x80541156 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt144 - cpu[0] - 0x01 - OK - 0x80541160 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt145 - cpu[0] - 0x01 - OK - 0x806E6AC0 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt146 - cpu[0] - 0x01 - OK - 0x80541174 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt147 - cpu[0] - 0x01 - OK - 0x8054117E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt148 - cpu[0] - 0x01 - OK - 0x80541188 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt149 - cpu[0] - 0x01 - OK - 0x80541192 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt150 - cpu[0] - 0x01 - OK - 0x8054119C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt151 - cpu[0] - 0x01 - OK - 0x805411A6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt152 - cpu[0] - 0x01 - OK - 0x805411B0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt153 - cpu[0] - 0x01 - OK - 0x805411BA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt154 - cpu[0] - 0x01 - OK - 0x805411C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt155 - cpu[0] - 0x01 - OK - 0x805411CE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt156 - cpu[0] - 0x01 - OK - 0x805411D8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt157 - cpu[0] - 0x01 - OK - 0x805411E2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt158 - cpu[0] - 0x01 - OK - 0x805411EC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt159 - cpu[0] - 0x01 - OK - 0x805411F6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt160 - cpu[0] - 0x01 - OK - 0x80541200 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt161 - cpu[0] - 0x01 - OK - 0x806E5E54 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt162 - cpu[0] - 0x01 - OK - 0x80541214 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt163 - cpu[0] - 0x01 - OK - 0x8054121E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt164 - cpu[0] - 0x01 - OK - 0x80541228 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt165 - cpu[0] - 0x01 - OK - 0x80541232 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt166 - cpu[0] - 0x01 - OK - 0x8054123C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt167 - cpu[0] - 0x01 - OK - 0x80541246 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt168 - cpu[0] - 0x01 - OK - 0x80541250 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt169 - cpu[0] - 0x01 - OK - 0x8054125A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt170 - cpu[0] - 0x01 - OK - 0x80541264 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt171 - cpu[0] - 0x01 - OK - 0x8054126E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt172 - cpu[0] - 0x01 - OK - 0x80541278 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt173 - cpu[0] - 0x01 - OK - 0x80541282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt174 - cpu[0] - 0x01 - OK - 0x8054128C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt175 - cpu[0] - 0x01 - OK - 0x80541296 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt176 - cpu[0] - 0x01 - OK - 0x805412A0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt177 - cpu[0] - 0x01 - OK - 0x806E7048 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt178 - cpu[0] - 0x01 - OK - 0x805412B4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt179 - cpu[0] - 0x01 - OK - 0x806E6DAC - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt180 - cpu[0] - 0x01 - OK - 0x805412C8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt181 - cpu[0] - 0x01 - OK - 0x805412D2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt182 - cpu[0] - 0x01 - OK - 0x805412DC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt183 - cpu[0] - 0x01 - OK - 0x805412E6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt184 - cpu[0] - 0x01 - OK - 0x805412F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt185 - cpu[0] - 0x01 - OK - 0x805412FA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt186 - cpu[0] - 0x01 - OK - 0x80541304 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt187 - cpu[0] - 0x01 - OK - 0x8054130E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt188 - cpu[0] - 0x01 - OK - 0x80541318 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt189 - cpu[0] - 0x01 - OK - 0x80541322 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt190 - cpu[0] - 0x01 - OK - 0x80541329 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt191 - cpu[0] - 0x01 - OK - 0x80541330 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt192 - cpu[0] - 0x01 - OK - 0x80541337 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt193 - cpu[0] - 0x01 - OK - 0x8054133E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt194 - cpu[0] - 0x01 - OK - 0x80541345 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt195 - cpu[0] - 0x01 - OK - 0x8054134C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt196 - cpu[0] - 0x01 - OK - 0x80541353 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt197 - cpu[0] - 0x01 - OK - 0x8054135A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt198 - cpu[0] - 0x01 - OK - 0x80541361 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt199 - cpu[0] - 0x01 - OK - 0x80541368 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt200 - cpu[0] - 0x01 - OK - 0x8054136F - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt201 - cpu[0] - 0x01 - OK - 0x80541376 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt202 - cpu[0] - 0x01 - OK - 0x8054137D - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt203 - cpu[0] - 0x01 - OK - 0x80541384 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt204 - cpu[0] - 0x01 - OK - 0x8054138B - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt205 - cpu[0] - 0x01 - OK - 0x806E75A8 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt206 - cpu[0] - 0x01 - OK - 0x806E7748 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt207 - cpu[0] - 0x01 - OK - 0x805413A0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Divide error - cpu[1] - 0x01 - OK - 0x80542250 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Debug - cpu[1] - 0x01 - OK - 0x805423CC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Not used - cpu[1] - 0x0B - idt hook - 0xB834422E - unknown image - 
       Breakpoint - cpu[1] - 0x01 - OK - 0x805427E0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Overflow - cpu[1] - 0x01 - OK - 0x80542960 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Bounds check - cpu[1] - 0x01 - OK - 0x80542AC0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Invalid opcode - cpu[1] - 0x01 - OK - 0x80542C34 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Device not available - cpu[1] - 0x01 - OK - 0x805432AC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Double fault - cpu[1] - 0x0A - idt hook - 0xB8344218 - unknown image - 
       Coprocessor segment overrun - cpu[1] - 0x01 - OK - 0x805436B0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Invalid TSS - cpu[1] - 0x01 - OK - 0x805437D0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Segment not present - cpu[1] - 0x01 - OK - 0x80543910 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Stack segment fault - cpu[1] - 0x01 - OK - 0x80543B70 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       General protection - cpu[1] - 0x01 - OK - 0x80543E5C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Page Fault - cpu[1] - 0x01 - OK - 0x80544570 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Floating-point error - cpu[1] - 0x01 - OK - 0x805449C8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Alignment check - cpu[1] - 0x01 - OK - 0x80544B04 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Machine check - cpu[1] - 0x14 - idt hook - 0x0A9355E0 - unknown image - 
       SIMD floating point exception - cpu[1] - 0x01 - OK - 0x80544C6C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved by Intel - cpu[1] - 0x01 - OK - 0x806E710C - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       Not used - cpu[1] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[1] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[1] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[1] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[1] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[1] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[1] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[1] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[1] - 0x01 - OK - 0x00000000 - - - 
       Not used - cpu[1] - 0x01 - OK - 0x00000000 - - - 
       KiGetTickCount - cpu[1] - 0x01 - OK - 0x80541A7E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiCallbackReturn - cpu[1] - 0x01 - OK - 0x80541B80 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiSetLowWaitHighThread - cpu[1] - 0x01 - OK - 0x80541D30 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiDebugService - cpu[1] - 0x01 - OK - 0x805426BC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiSystemService - cpu[1] - 0x01 - OK - 0x80541501 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       Reserved for APIC - cpu[1] - 0x01 - OK - 0x805448A8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiStartUnexpectedRange - cpu[1] - 0x01 - OK - 0x80540BC0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt1 - cpu[1] - 0x01 - OK - 0x80540BCA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt2 - cpu[1] - 0x01 - OK - 0x80540BD4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt3 - cpu[1] - 0x01 - OK - 0x80540BDE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt4 - cpu[1] - 0x01 - OK - 0x80540BE8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt5 - cpu[1] - 0x01 - OK - 0x80540BF2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt6 - cpu[1] - 0x01 - OK - 0x80540BFC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt7 - cpu[1] - 0x01 - OK - 0x806E6864 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt8 - cpu[1] - 0x01 - OK - 0x80540C10 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt9 - cpu[1] - 0x01 - OK - 0x80540C1A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt10 - cpu[1] - 0x01 - OK - 0x80540C24 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt11 - cpu[1] - 0x01 - OK - 0x80540C2E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt12 - cpu[1] - 0x01 - OK - 0x80540C38 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt13 - cpu[1] - 0x01 - OK - 0x806E7E2C - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt14 - cpu[1] - 0x01 - OK - 0x80540C4C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt15 - cpu[1] - 0x01 - OK - 0x80540C56 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt16 - cpu[1] - 0x01 - OK - 0x80540C60 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt17 - cpu[1] - 0x01 - OK - 0x806E7C88 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt18 - cpu[1] - 0x01 - OK - 0x80540C74 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt19 - cpu[1] - 0x01 - OK - 0x80540C7E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt20 - cpu[1] - 0x01 - OK - 0x80540C88 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt21 - cpu[1] - 0x01 - OK - 0x80540C92 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt22 - cpu[1] - 0x01 - OK - 0x80540C9C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt23 - cpu[1] - 0x01 - OK - 0x80540CA6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt24 - cpu[1] - 0x01 - OK - 0x80540CB0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt25 - cpu[1] - 0x01 - OK - 0x80540CBA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt26 - cpu[1] - 0x01 - OK - 0x80540CC4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt27 - cpu[1] - 0x01 - OK - 0x80540CCE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt28 - cpu[1] - 0x01 - OK - 0x80540CD8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt29 - cpu[1] - 0x01 - OK - 0x80540CE2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt30 - cpu[1] - 0x01 - OK - 0x80540CEC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt31 - cpu[1] - 0x01 - OK - 0x80540CF6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt32 - cpu[1] - 0x01 - OK - 0x806E693C - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt33 - cpu[1] - 0x01 - OK - 0x80540D0A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt34 - cpu[1] - 0x01 - OK - 0x80540D14 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt35 - cpu[1] - 0x01 - OK - 0x80540D1E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt36 - cpu[1] - 0x01 - OK - 0x80540D28 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt37 - cpu[1] - 0x01 - OK - 0x80540D32 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt38 - cpu[1] - 0x01 - OK - 0x80540D3C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt39 - cpu[1] - 0x01 - OK - 0x80540D46 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt40 - cpu[1] - 0x01 - OK - 0x80540D50 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt41 - cpu[1] - 0x01 - OK - 0x80540D5A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt42 - cpu[1] - 0x01 - OK - 0x80540D64 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt43 - cpu[1] - 0x01 - OK - 0x80540D6E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt44 - cpu[1] - 0x01 - OK - 0x80540D78 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt45 - cpu[1] - 0x01 - OK - 0x80540D82 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt46 - cpu[1] - 0x01 - OK - 0x80540D8C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt47 - cpu[1] - 0x01 - OK - 0x80540D96 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt48 - cpu[1] - 0x01 - OK - 0x80540DA0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt49 - cpu[1] - 0x01 - OK - 0x80540DAA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt50 - cpu[1] - 0x01 - idt hook - 0x8A38A5DC - unknown image - 
       KiUnexpectedInterrupt51 - cpu[1] - 0x01 - idt hook - 0x89868A4C - unknown image - 
       KiUnexpectedInterrupt52 - cpu[1] - 0x01 - OK - 0x80540DC8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt53 - cpu[1] - 0x01 - OK - 0x80540DD2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt54 - cpu[1] - 0x01 - OK - 0x80540DDC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt55 - cpu[1] - 0x01 - OK - 0x80540DE6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt56 - cpu[1] - 0x01 - OK - 0x80540DF0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt57 - cpu[1] - 0x01 - OK - 0x80540DFA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt58 - cpu[1] - 0x01 - OK - 0x80540E04 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt59 - cpu[1] - 0x01 - OK - 0x80540E0E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt60 - cpu[1] - 0x01 - OK - 0x80540E18 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt61 - cpu[1] - 0x01 - OK - 0x80540E22 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt62 - cpu[1] - 0x01 - OK - 0x80540E2C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt63 - cpu[1] - 0x01 - OK - 0x80540E36 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt64 - cpu[1] - 0x01 - OK - 0x80540E40 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt65 - cpu[1] - 0x01 - OK - 0x80540E4A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt66 - cpu[1] - 0x01 - OK - 0x80540E54 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt67 - cpu[1] - 0x01 - idt hook - 0x8A4027D4 - unknown image - 
       KiUnexpectedInterrupt68 - cpu[1] - 0x01 - OK - 0x80540E68 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt69 - cpu[1] - 0x01 - OK - 0x80540E72 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt70 - cpu[1] - 0x01 - OK - 0x80540E7C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt71 - cpu[1] - 0x01 - OK - 0x80540E86 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt72 - cpu[1] - 0x01 - OK - 0x80540E90 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt73 - cpu[1] - 0x01 - OK - 0x80540E9A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt74 - cpu[1] - 0x01 - OK - 0x80540EA4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt75 - cpu[1] - 0x01 - OK - 0x80540EAE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt76 - cpu[1] - 0x01 - OK - 0x80540EB8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt77 - cpu[1] - 0x01 - OK - 0x80540EC2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt78 - cpu[1] - 0x01 - OK - 0x80540ECC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt79 - cpu[1] - 0x01 - OK - 0x80540ED6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt80 - cpu[1] - 0x01 - OK - 0x80540EE0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt81 - cpu[1] - 0x01 - OK - 0x80540EEA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt82 - cpu[1] - 0x01 - OK - 0x80540EF4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt83 - cpu[1] - 0x01 - idt hook - 0x89F672AC - unknown image - 
       KiUnexpectedInterrupt84 - cpu[1] - 0x01 - OK - 0x80540F08 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt85 - cpu[1] - 0x01 - OK - 0x80540F12 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt86 - cpu[1] - 0x01 - OK - 0x80540F1C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt87 - cpu[1] - 0x01 - OK - 0x80540F26 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt88 - cpu[1] - 0x01 - OK - 0x80540F30 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt89 - cpu[1] - 0x01 - OK - 0x80540F3A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt90 - cpu[1] - 0x01 - OK - 0x80540F44 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt91 - cpu[1] - 0x01 - OK - 0x80540F4E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt92 - cpu[1] - 0x01 - OK - 0x80540F58 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt93 - cpu[1] - 0x01 - OK - 0x80540F62 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt94 - cpu[1] - 0x01 - OK - 0x80540F6C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt95 - cpu[1] - 0x01 - OK - 0x80540F76 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt96 - cpu[1] - 0x01 - OK - 0x80540F80 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt97 - cpu[1] - 0x01 - OK - 0x80540F8A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt98 - cpu[1] - 0x01 - idt hook - 0x89D07E54 - unknown image - 
       KiUnexpectedInterrupt99 - cpu[1] - 0x01 - idt hook - 0x8A044594 - unknown image - 
       KiUnexpectedInterrupt100 - cpu[1] - 0x01 - idt hook - 0x8A034E54 - unknown image - 
       KiUnexpectedInterrupt101 - cpu[1] - 0x01 - OK - 0x80540FB2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt102 - cpu[1] - 0x01 - OK - 0x80540FBC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt103 - cpu[1] - 0x01 - OK - 0x80540FC6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt104 - cpu[1] - 0x01 - OK - 0x80540FD0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt105 - cpu[1] - 0x01 - OK - 0x80540FDA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt106 - cpu[1] - 0x01 - OK - 0x80540FE4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt107 - cpu[1] - 0x01 - OK - 0x80540FEE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt108 - cpu[1] - 0x01 - OK - 0x80540FF8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt109 - cpu[1] - 0x01 - OK - 0x80541002 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt110 - cpu[1] - 0x01 - OK - 0x8054100C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt111 - cpu[1] - 0x01 - OK - 0x80541016 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt112 - cpu[1] - 0x01 - OK - 0x80541020 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt113 - cpu[1] - 0x01 - OK - 0x8054102A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt114 - cpu[1] - 0x01 - OK - 0x80541034 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt115 - cpu[1] - 0x01 - OK - 0x8054103E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt116 - cpu[1] - 0x01 - idt hook - 0x89EBFE54 - unknown image - 
       KiUnexpectedInterrupt117 - cpu[1] - 0x01 - OK - 0x80541052 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt118 - cpu[1] - 0x01 - OK - 0x8054105C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt119 - cpu[1] - 0x01 - OK - 0x80541066 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt120 - cpu[1] - 0x01 - OK - 0x80541070 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt121 - cpu[1] - 0x01 - OK - 0x8054107A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt122 - cpu[1] - 0x01 - OK - 0x80541084 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt123 - cpu[1] - 0x01 - OK - 0x8054108E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt124 - cpu[1] - 0x01 - OK - 0x80541098 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt125 - cpu[1] - 0x01 - OK - 0x805410A2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt126 - cpu[1] - 0x01 - OK - 0x805410AC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt127 - cpu[1] - 0x01 - OK - 0x805410B6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt128 - cpu[1] - 0x01 - OK - 0x805410C0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt129 - cpu[1] - 0x01 - idt hook - 0x8A3C365C - unknown image - 
       KiUnexpectedInterrupt130 - cpu[1] - 0x01 - OK - 0x805410D4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt131 - cpu[1] - 0x01 - OK - 0x805410DE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt132 - cpu[1] - 0x01 - idt hook - 0x8A385BBC - unknown image - 
       KiUnexpectedInterrupt133 - cpu[1] - 0x01 - OK - 0x805410F2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt134 - cpu[1] - 0x01 - OK - 0x805410FC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt135 - cpu[1] - 0x01 - OK - 0x80541106 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt136 - cpu[1] - 0x01 - OK - 0x80541110 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt137 - cpu[1] - 0x01 - OK - 0x8054111A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt138 - cpu[1] - 0x01 - OK - 0x80541124 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt139 - cpu[1] - 0x01 - OK - 0x8054112E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt140 - cpu[1] - 0x01 - OK - 0x80541138 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt141 - cpu[1] - 0x01 - OK - 0x80541142 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt142 - cpu[1] - 0x01 - OK - 0x8054114C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt143 - cpu[1] - 0x01 - OK - 0x80541156 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt144 - cpu[1] - 0x01 - OK - 0x80541160 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt145 - cpu[1] - 0x01 - OK - 0x806E6AC0 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt146 - cpu[1] - 0x01 - OK - 0x80541174 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt147 - cpu[1] - 0x01 - OK - 0x8054117E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt148 - cpu[1] - 0x01 - OK - 0x80541188 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt149 - cpu[1] - 0x01 - OK - 0x80541192 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt150 - cpu[1] - 0x01 - OK - 0x8054119C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt151 - cpu[1] - 0x01 - OK - 0x805411A6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt152 - cpu[1] - 0x01 - OK - 0x805411B0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt153 - cpu[1] - 0x01 - OK - 0x805411BA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt154 - cpu[1] - 0x01 - OK - 0x805411C4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt155 - cpu[1] - 0x01 - OK - 0x805411CE - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt156 - cpu[1] - 0x01 - OK - 0x805411D8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt157 - cpu[1] - 0x01 - OK - 0x805411E2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt158 - cpu[1] - 0x01 - OK - 0x805411EC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt159 - cpu[1] - 0x01 - OK - 0x805411F6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt160 - cpu[1] - 0x01 - OK - 0x80541200 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt161 - cpu[1] - 0x01 - OK - 0x806E62A0 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt162 - cpu[1] - 0x01 - OK - 0x80541214 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt163 - cpu[1] - 0x01 - OK - 0x8054121E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt164 - cpu[1] - 0x01 - OK - 0x80541228 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt165 - cpu[1] - 0x01 - OK - 0x80541232 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt166 - cpu[1] - 0x01 - OK - 0x8054123C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt167 - cpu[1] - 0x01 - OK - 0x80541246 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt168 - cpu[1] - 0x01 - OK - 0x80541250 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt169 - cpu[1] - 0x01 - OK - 0x8054125A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt170 - cpu[1] - 0x01 - OK - 0x80541264 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt171 - cpu[1] - 0x01 - OK - 0x8054126E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt172 - cpu[1] - 0x01 - OK - 0x80541278 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt173 - cpu[1] - 0x01 - OK - 0x80541282 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt174 - cpu[1] - 0x01 - OK - 0x8054128C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt175 - cpu[1] - 0x01 - OK - 0x80541296 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt176 - cpu[1] - 0x01 - OK - 0x805412A0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt177 - cpu[1] - 0x01 - OK - 0x806E7048 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt178 - cpu[1] - 0x01 - OK - 0x805412B4 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt179 - cpu[1] - 0x01 - OK - 0x806E6DAC - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt180 - cpu[1] - 0x01 - OK - 0x805412C8 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt181 - cpu[1] - 0x01 - OK - 0x805412D2 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt182 - cpu[1] - 0x01 - OK - 0x805412DC - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt183 - cpu[1] - 0x01 - OK - 0x805412E6 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt184 - cpu[1] - 0x01 - OK - 0x805412F0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt185 - cpu[1] - 0x01 - OK - 0x805412FA - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt186 - cpu[1] - 0x01 - OK - 0x80541304 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt187 - cpu[1] - 0x01 - OK - 0x8054130E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt188 - cpu[1] - 0x01 - OK - 0x80541318 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt189 - cpu[1] - 0x01 - OK - 0x80541322 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt190 - cpu[1] - 0x01 - OK - 0x80541329 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt191 - cpu[1] - 0x01 - OK - 0x80541330 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt192 - cpu[1] - 0x01 - OK - 0x80541337 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt193 - cpu[1] - 0x01 - OK - 0x8054133E - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt194 - cpu[1] - 0x01 - OK - 0x80541345 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt195 - cpu[1] - 0x01 - OK - 0x8054134C - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt196 - cpu[1] - 0x01 - OK - 0x80541353 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt197 - cpu[1] - 0x01 - OK - 0x8054135A - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt198 - cpu[1] - 0x01 - OK - 0x80541361 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt199 - cpu[1] - 0x01 - OK - 0x80541368 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt200 - cpu[1] - 0x01 - OK - 0x8054136F - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt201 - cpu[1] - 0x01 - OK - 0x80541376 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt202 - cpu[1] - 0x01 - OK - 0x8054137D - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt203 - cpu[1] - 0x01 - OK - 0x80541384 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt204 - cpu[1] - 0x01 - OK - 0x8054138B - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation
       KiUnexpectedInterrupt205 - cpu[1] - 0x01 - OK - 0x806E75A8 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt206 - cpu[1] - 0x01 - OK - 0x806E7748 - C:\WINDOWS\system32\hal.dll - Microsoft Corporation
       KiUnexpectedInterrupt207 - cpu[1] - 0x01 - OK - 0x805413A0 - C:\WINDOWS\system32\ntkrnlpa.exe - Microsoft Corporation

==========================================================================================

Message Hook

       Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - WH_MOUSE - MSCTF.dll
       AvastUI.exe - C:\Program Files\Alwil Software\Avast5\AvastUI.exe - WH_KEYBOARD - MSCTF.dll
       AvastUI.exe - C:\Program Files\Alwil Software\Avast5\AvastUI.exe - WH_MOUSE - MSCTF.dll
       csrss.exe - C:\WINDOWS\system32\csrss.exe - WH_MSGFILTER - winsrv.dll
       explorer.exe - C:\WINDOWS\explorer.exe - WH_MOUSE - MSCTF.dll
       ONENOTEM.EXE - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - WH_KEYBOARD - MSCTF.dll
       ONENOTEM.EXE - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - WH_MOUSE - MSCTF.dll
       rundll32.exe - C:\WINDOWS\system32\rundll32.exe - WH_KEYBOARD - MSCTF.dll
       rundll32.exe - C:\WINDOWS\system32\rundll32.exe - WH_MOUSE - MSCTF.dll
       GamerOSD.exe - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe - WH_KEYBOARD - MSCTF.dll
       Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - WH_KEYBOARD - MSCTF.dll
       GamerOSD.exe - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe - WH_MOUSE - MSCTF.dll
       AvastUI.exe - C:\Program Files\Alwil Software\Avast5\AvastUI.exe - WH_CBT - mfc90u.dll
       explorer.exe - C:\WINDOWS\explorer.exe - WH_KEYBOARD - MSCTF.dll
       Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - WH_KEYBOARD - MSCTF.dll
       Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - WH_MOUSE - MSCTF.dll
       GamerOSD.exe - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe - WH_CBT - mfc42.dll
       GamerOSD.exe - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe - WH_MSGFILTER - mfc42.dll
       ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe - WH_SHELL - MSCTF.dll
       ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe - WH_GETMESSAGE - MSCTF.dll
       ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe - WH_CBT - MSCTF.dll
       AvastUI.exe - C:\Program Files\Alwil Software\Avast5\AvastUI.exe - WH_MSGFILTER - mfc90u.dll
       ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe - WH_KEYBOARD - MSCTF.dll
       Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - WH_KEYBOARD - MSCTF.dll
       ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe - WH_MOUSE - MSCTF.dll
       Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - WH_MOUSE - MSCTF.dll
       explorer.exe - C:\WINDOWS\explorer.exe - WH_KEYBOARD - MSCTF.dll
       explorer.exe - C:\WINDOWS\explorer.exe - WH_MOUSE - MSCTF.dll
       explorer.exe - C:\WINDOWS\explorer.exe - WH_KEYBOARD - MSCTF.dll
       Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - WH_KEYBOARD - MSCTF.dll
       Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - WH_MOUSE - MSCTF.dll
       Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - WH_KEYBOARD - MSCTF.dll
       Skype.exe - C:\Program Files\Skype\Phone\Skype.exe - WH_MOUSE - MSCTF.dll
       explorer.exe - C:\WINDOWS\explorer.exe - WH_MOUSE - MSCTF.dll
       explorer.exe - C:\WINDOWS\explorer.exe - WH_KEYBOARD - MSCTF.dll
       explorer.exe - C:\WINDOWS\explorer.exe - WH_MOUSE - MSCTF.dll
       chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - WH_KEYBOARD - MSCTF.dll
       WinRAR.exe - C:\Program Files\WinRAR\WinRAR.exe - WH_KEYBOARD - MSCTF.dll
       WinRAR.exe - C:\Program Files\WinRAR\WinRAR.exe - WH_MOUSE - MSCTF.dll
       chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - WH_MOUSE - MSCTF.dll
       chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - WH_KEYBOARD - MSCTF.dll
       chrome.exe - C:\Program Files\Google\Chrome\Application\chrome.exe - WH_MOUSE - MSCTF.dll
       wscntfy.exe - C:\WINDOWS\system32\wscntfy.exe - WH_KEYBOARD - MSCTF.dll
       wscntfy.exe - C:\WINDOWS\system32\wscntfy.exe - WH_MOUSE - MSCTF.dll
       explorer.exe - C:\WINDOWS\explorer.exe - WH_KEYBOARD - MSCTF.dll
       explorer.exe - C:\WINDOWS\explorer.exe - WH_MOUSE - MSCTF.dll
       PCHunter32.exe - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\temp\Rar$EX01.437\PCHunter_free\PCHunter32.exe - WH_MSGFILTER - PCHunter32.exe
       PCHunter32.exe - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\temp\Rar$EX01.437\PCHunter_free\PCHunter32.exe - WH_CBT - PCHunter32.exe

==========================================================================================

Process Hook

      Image File Name[1992 explorer.exe]Process Hook
             Iat - Explorer.EXE->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_
             Iat - ADVAPI32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - RPCRT4.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - Secur32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - BROWSEUI.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - GDI32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - USER32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - msvcrt.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - ole32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - SHLWAPI.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - OLEAUT32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - SHDOCVW.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - CRYPT32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - MSASN1.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - CRYPTUI.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - NETAPI32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - VERSION.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - WININET.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - urlmon.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - iertutil.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - WINTRUST.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - IMAGEHLP.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - WLDAP32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - SHELL32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - UxTheme.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - WINMM.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - MSACM32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - USERENV.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - IMM32.DLL->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - comctl32.dll[WinSxs]->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - comctl32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - msctfime.ime->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - appHelp.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - CLBCATQ.DLL->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - ashShell.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - msi.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - GrooveShellExtensions.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - GrooveUtil.DLL->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - MSVCR80.dll[WinSxs]->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - ATL80.DLL[WinSxs]->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - rsaenh.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - cscui.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - CSCDLL.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - themeui.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - actxprxy.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - GrooveSystemServices.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - msxml3.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - ieframe.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - msutb.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - MSCTF.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - LINKINFO.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - ntshrui.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - ATL.DLL->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - SETUPAPI.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - NETSHELL.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - credui.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - WTSAPI32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - eappcfg.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - iphlpapi.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - WS2_32.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - WS2HELP.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - MLANG.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - GrooveMisc.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - webcheck.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - wpdshserviceobj.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - WINHTTP.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - portabledevicetypes.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - stobject.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - BatMeter.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - portabledeviceapi.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - wdmaud.drv->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - MPR.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - nwprovau.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - ntlanman.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - NETUI0.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]
             Iat - davclnt.dll->KERNEL32.dll:GetProcAddress - 0x7C80AE40->0x5D067774[C:\WINDOWS\system32\ShimEng.dll]

------------------------------------------------------------------------------------------

      Image File Name[3340 chrome.exe]Process Hook
             inline - len(5) chrome.exe - 0x00438F7F->0x64E82520[C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll]
             inline - len(5) ntdll.dll->LdrLoadDll - 0x7C91632D->0x003D01F8
             inline - len(5) ntdll.dll->LdrUnloadDll - 0x7C9171CD->0x003D03FC
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) KERNEL32.dll - 0x7C868E04->_
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2A - 0x77E27101->0x003E0C0C
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2W - 0x77E27189->0x003E0E10
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigA - 0x77E26E69->0x003E0804
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigW - 0x77E27001->0x003E0A08
             inline - len(5) ADVAPI32.dll->CreateServiceA - 0x77E27211->0x003E01F8
             inline - len(5) ADVAPI32.dll->CreateServiceW - 0x77E273A9->0x003E03FC
             inline - len(5) ADVAPI32.dll->DeleteService - 0x77E274B1->0x003E0600
             inline - len(5) ADVAPI32.dll->SetServiceObjectSecurity - 0x77E26D81->0x003E1014
             inline - len(5) USER32.dll->SetWinEventHook - 0x7E3817F7->0x003F01F8
             inline - len(5) USER32.dll->SetWindowsHookExA - 0x7E381211->0x003F0600
             inline - len(5) USER32.dll->SetWindowsHookExW - 0x7E37820F->0x003F0804
             inline - len(5) USER32.dll->UnhookWinEvent - 0x7E3818AC->0x003F03FC
             inline - len(5) USER32.dll->UnhookWindowsHookEx - 0x7E37D5F3->0x003F0A08
             Iat - msftedit.dll->USER32.dll:BeginPaint - 0x7E378FE9->0x0212C349[C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll]
             Iat - msftedit.dll->USER32.dll:EndPaint - 0x7E378FFD->0x0212C37B[C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll]

------------------------------------------------------------------------------------------

      Image File Name[1052 Skype.exe]Process Hook
             C:\Program Files\Skype\Phone\Skype.exe - Hijack on Module File
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[4052 dllhost.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[1256 winlogon.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[268 svchost.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[1672 WinRAR.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[1716 svchost.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[1312 lsass.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[372 AvastSvc.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryExW - 0x7C801AF5->0x64C90790[C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll]
             Eat - algo.dll->engine_GlobalGetParameter - 0x63487E60->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_GlobalSetParameter - 0x63487FA0->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_GlobalSetParameters - 0x634D8BD0->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_GlobalStart - 0x63486C70->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_GlobalStop - 0x634874F0->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_LoadUpdate - 0x63488440->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_Runner - 0x634881A0->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_SiteCorrect - 0x63488400->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_ThreadGetParameter - 0x63487D30->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_ThreadSetParameter - 0x63487E10->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_ThreadSetParameters - 0x634D8BD0->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_ThreadStart - 0x63487540->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             Eat - algo.dll->engine_ThreadStop - 0x634878F0->0x63400000[C:\Program Files\Alwil Software\Avast5\defs\13050500\algo.dll]
             inline - len(78) algo.dll - 0x634170A2->_
             inline - len(78) algo.dll - 0x634172E2->_
             inline - len(77) algo.dll - 0x63417F4F->_
             inline - len(2) algo.dll - 0x634180C8->_
             inline - len(7) algo.dll - 0x6342CB7F->_
             inline - len(7) algo.dll - 0x63440A19->_
             inline - len(10) algo.dll - 0x6344EB33->_
             inline - len(31) algo.dll - 0x6348829B->_
             inline - len(56) algo.dll - 0x6349A83D->_
             inline - len(27) algo.dll - 0x6349A87A->_
             inline - len(79) algo.dll - 0x6349A89A->_
             inline - len(28) algo.dll - 0x634AF748->_
             inline - len(25) algo.dll - 0x634AF7D1->_
             inline - len(68) algo.dll - 0x634AF7EF->_
             inline - len(28) algo.dll - 0x634AF838->_
             inline - len(9) algo.dll - 0x634D0149->_
             inline - len(9) algo.dll - 0x634D0157->_
             inline - len(63) algo.dll - 0x634D0165->_
             inline - len(4) algo.dll - 0x634D024C->_
             inline - len(4) algo.dll - 0x634D72F9->_

------------------------------------------------------------------------------------------

      Image File Name[1228 csrss.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) KERNEL32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[420 afwServ.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryExW - 0x7C801AF5->0x64C90790[C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll]

------------------------------------------------------------------------------------------

      Image File Name[1500 svchost.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[3004 svchost.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[612 spoolsv.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_
             inline - len(4) msonpmon.dll - 0x00E21418->_
             inline - len(4) msonpppr.dll - 0x00EC12FC->_

------------------------------------------------------------------------------------------

      Image File Name[1028 postak.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[2824 PCHunter32.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(5) kernel32.dll->LoadLibraryExW - 0x7C801AF5->0x00438DF0[C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\Temp\Rar$EX01.437\PCHunter_free\PCHunter32.exe]
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[824 svchost.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[1592 svchost.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[968 GrooveMonitor.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[976 GamerOSD.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[1000 rundll32.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[1024 AvastUI.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_
             Iat - USER32.dll->KERNEL32.dll:LoadLibraryExW - 0x7C801AF5->0x64C90790[C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll]

------------------------------------------------------------------------------------------

      Image File Name[1300 services.exe]Process Hook
             Iat - services.exe->ADVAPI32.dll:CreateProcessAsUserW - 0x77DDA8A9->0x003E0002
             Iat - services.exe->KERNEL32.dll:CreateProcessW - 0x7C802336->0x003E0000
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[1116 ctfmon.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[1156 ONENOTEM.EXE]Process Hook
             inline - len(4) ONENOTEM.EXE - 0x3000207C->_
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[1176 smss.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_

------------------------------------------------------------------------------------------

      Image File Name[1804 svchost.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[2424 chrome.exe]Process Hook
             Iat - chrome.exe->KERNEL32.dll:CreateNamedPipeW - 0x7C8307FA->0x00C00010
             inline - len(5) chrome.exe - 0x00438F7F->0x64E82520[C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll]
             inline - len(5) ntdll.dll->LdrLoadDll - 0x7C91632D->0x00DB01F8
             inline - len(5) ntdll.dll->LdrUnloadDll - 0x7C9171CD->0x00DB03FC
             inline - len(6) ntdll.dll->NtCreateFile - 0x7C90D0B4->_
             inline - len(6) ntdll.dll->NtMapViewOfSection - 0x7C90D524->_
             inline - len(6) ntdll.dll->NtOpenFile - 0x7C90D5A4->_
             inline - len(6) ntdll.dll->NtOpenProcess - 0x7C90D604->_
             inline - len(6) ntdll.dll->NtOpenProcessToken - 0x7C90D614->0x7B9183E2
             inline - len(6) ntdll.dll->NtOpenProcessTokenEx - 0x7C90D624->_
             inline - len(6) ntdll.dll->NtOpenThread - 0x7C90D664->_
             inline - len(6) ntdll.dll->NtOpenThreadToken - 0x7C90D674->_
             inline - len(6) ntdll.dll->NtOpenThreadTokenEx - 0x7C90D684->0x7B918453
             inline - len(6) ntdll.dll->NtQueryAttributesFile - 0x7C90D714->_
             inline - len(6) ntdll.dll->NtQueryFullAttributesFile - 0x7C90D7B4->0x7B918581
             inline - len(6) ntdll.dll->NtSetInformationFile - 0x7C90DC64->_
             inline - len(6) ntdll.dll->NtSetInformationThread - 0x7C90DCB4->_
             inline - len(6) ntdll.dll->NtUnmapViewOfSection - 0x7C90DF14->_
             inline - len(6) ntdll.dll->ZwCreateFile - 0x7C90D0B4->_
             inline - len(6) ntdll.dll->ZwMapViewOfSection - 0x7C90D524->_
             inline - len(6) ntdll.dll->ZwOpenFile - 0x7C90D5A4->_
             inline - len(6) ntdll.dll->ZwOpenProcess - 0x7C90D604->_
             inline - len(6) ntdll.dll->ZwOpenProcessToken - 0x7C90D614->0x7B9183E2
             inline - len(6) ntdll.dll->ZwOpenProcessTokenEx - 0x7C90D624->_
             inline - len(6) ntdll.dll->ZwOpenThread - 0x7C90D664->_
             inline - len(6) ntdll.dll->ZwOpenThreadToken - 0x7C90D674->_
             inline - len(6) ntdll.dll->ZwOpenThreadTokenEx - 0x7C90D684->0x7B918453
             inline - len(6) ntdll.dll->ZwQueryAttributesFile - 0x7C90D714->_
             inline - len(6) ntdll.dll->ZwQueryFullAttributesFile - 0x7C90D7B4->0x7B918581
             inline - len(6) ntdll.dll->ZwSetInformationFile - 0x7C90DC64->_
             inline - len(6) ntdll.dll->ZwSetInformationThread - 0x7C90DCB4->_
             inline - len(6) ntdll.dll->ZwUnmapViewOfSection - 0x7C90DF14->_
             inline - len(1) ntdll.dll - 0x7C916865->_
             Eat - KERNEL32.dll->CreateNamedPipeW - 0x7C8307FA->0x00C00010
             inline - len(1) KERNEL32.dll - 0x7C868E04->_
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2A - 0x77E27101->0x00DC0C0C
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2W - 0x77E27189->0x00DC0E10
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigA - 0x77E26E69->0x00DC0804
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigW - 0x77E27001->0x00DC0A08
             inline - len(5) ADVAPI32.dll->CreateServiceA - 0x77E27211->0x00DC01F8
             inline - len(5) ADVAPI32.dll->CreateServiceW - 0x77E273A9->0x00DC03FC
             inline - len(5) ADVAPI32.dll->DeleteService - 0x77E274B1->0x00DC0600
             inline - len(5) ADVAPI32.dll->SetServiceObjectSecurity - 0x77E26D81->0x00DC1014
             Iat - RPCRT4.dll->KERNEL32.dll:CreateNamedPipeW - 0x7C8307FA->0x00C00010
             inline - len(5) USER32.dll->SetWinEventHook - 0x7E3817F7->0x00DD01F8
             inline - len(5) USER32.dll->SetWindowsHookExA - 0x7E381211->0x00DD0600
             inline - len(5) USER32.dll->SetWindowsHookExW - 0x7E37820F->0x00DD0804
             inline - len(5) USER32.dll->UnhookWinEvent - 0x7E3818AC->0x00DD03FC
             inline - len(5) USER32.dll->UnhookWindowsHookEx - 0x7E37D5F3->0x00DD0A08
             Iat - chrome.dll->KERNEL32.dll:CreateNamedPipeW - 0x7C8307FA->0x00C00010
             inline - len(5) chrome.dll - 0x01F2783E->0x64E83450[C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll]
             inline - len(5) chrome.dll - 0x020E91F6->0x64E83680[C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll]
             inline - len(5) chrome.dll - 0x0236EAFA->0x64E83410[C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll]
             inline - len(5) chrome.dll - 0x0236ECF2->0x64E83430[C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll]
             Iat - aswJsFlt.dll->KERNEL32.dll:CreateNamedPipeW - 0x7C8307FA->0x00C00010

------------------------------------------------------------------------------------------

      Image File Name[1756 svchost.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[3212 svchost.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[2200 arservice.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[2216 ATKKBService.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[2244 ehRecvr.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[2264 ehSched.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[3716 svchost.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[2376 jqs.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_
             inline - len(4) OLMAPI32.DLL - 0x38FAE39C->_
             inline - len(4) mso.dll - 0x32A9E448->_

------------------------------------------------------------------------------------------

      Image File Name[2496 nvsvc32.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[2616 alg.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[2744 HPZipm12.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[2800 PSIService.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[3520 chrome.exe]Process Hook
             Iat - chrome.exe->KERNEL32.dll:CreateNamedPipeW - 0x7C8307FA->0x00C60010
             inline - len(5) chrome.exe - 0x00438F7F->0x64E82520[C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll]
             inline - len(5) ntdll.dll->LdrLoadDll - 0x7C91632D->0x00E101F8
             inline - len(5) ntdll.dll->LdrUnloadDll - 0x7C9171CD->0x00E103FC
             inline - len(6) ntdll.dll->NtCreateFile - 0x7C90D0B4->_
             inline - len(6) ntdll.dll->NtMapViewOfSection - 0x7C90D524->_
             inline - len(6) ntdll.dll->NtOpenFile - 0x7C90D5A4->_
             inline - len(6) ntdll.dll->NtOpenProcess - 0x7C90D604->_
             inline - len(6) ntdll.dll->NtOpenProcessToken - 0x7C90D614->0x7B9188BE
             inline - len(6) ntdll.dll->NtOpenProcessTokenEx - 0x7C90D624->_
             inline - len(6) ntdll.dll->NtOpenThread - 0x7C90D664->_
             inline - len(6) ntdll.dll->NtOpenThreadToken - 0x7C90D674->_
             inline - len(6) ntdll.dll->NtOpenThreadTokenEx - 0x7C90D684->0x7B91892F
             inline - len(6) ntdll.dll->NtQueryAttributesFile - 0x7C90D714->_
             inline - len(6) ntdll.dll->NtQueryFullAttributesFile - 0x7C90D7B4->0x7B918A5D
             inline - len(6) ntdll.dll->NtSetInformationFile - 0x7C90DC64->_
             inline - len(6) ntdll.dll->NtSetInformationThread - 0x7C90DCB4->_
             inline - len(6) ntdll.dll->NtUnmapViewOfSection - 0x7C90DF14->_
             inline - len(6) ntdll.dll->ZwCreateFile - 0x7C90D0B4->_
             inline - len(6) ntdll.dll->ZwMapViewOfSection - 0x7C90D524->_
             inline - len(6) ntdll.dll->ZwOpenFile - 0x7C90D5A4->_
             inline - len(6) ntdll.dll->ZwOpenProcess - 0x7C90D604->_
             inline - len(6) ntdll.dll->ZwOpenProcessToken - 0x7C90D614->0x7B9188BE
             inline - len(6) ntdll.dll->ZwOpenProcessTokenEx - 0x7C90D624->_
             inline - len(6) ntdll.dll->ZwOpenThread - 0x7C90D664->_
             inline - len(6) ntdll.dll->ZwOpenThreadToken - 0x7C90D674->_
             inline - len(6) ntdll.dll->ZwOpenThreadTokenEx - 0x7C90D684->0x7B91892F
             inline - len(6) ntdll.dll->ZwQueryAttributesFile - 0x7C90D714->_
             inline - len(6) ntdll.dll->ZwQueryFullAttributesFile - 0x7C90D7B4->0x7B918A5D
             inline - len(6) ntdll.dll->ZwSetInformationFile - 0x7C90DC64->_
             inline - len(6) ntdll.dll->ZwSetInformationThread - 0x7C90DCB4->_
             inline - len(6) ntdll.dll->ZwUnmapViewOfSection - 0x7C90DF14->_
             inline - len(1) ntdll.dll - 0x7C916865->_
             Eat - KERNEL32.dll->CreateNamedPipeW - 0x7C8307FA->0x00C60010
             inline - len(1) KERNEL32.dll - 0x7C868E04->_
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2A - 0x77E27101->0x00E20C0C
             inline - len(5) ADVAPI32.dll->ChangeServiceConfig2W - 0x77E27189->0x00E20E10
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigA - 0x77E26E69->0x00E20804
             inline - len(5) ADVAPI32.dll->ChangeServiceConfigW - 0x77E27001->0x00E20A08
             inline - len(5) ADVAPI32.dll->CreateServiceA - 0x77E27211->0x00E201F8
             inline - len(5) ADVAPI32.dll->CreateServiceW - 0x77E273A9->0x00E203FC
             inline - len(5) ADVAPI32.dll->DeleteService - 0x77E274B1->0x00E20600
             inline - len(5) ADVAPI32.dll->SetServiceObjectSecurity - 0x77E26D81->0x00E21014
             Iat - RPCRT4.dll->KERNEL32.dll:CreateNamedPipeW - 0x7C8307FA->0x00C60010
             inline - len(5) USER32.dll->SetWinEventHook - 0x7E3817F7->0x00E301F8
             inline - len(5) USER32.dll->SetWindowsHookExA - 0x7E381211->0x00E30600
             inline - len(5) USER32.dll->SetWindowsHookExW - 0x7E37820F->0x00E30804
             inline - len(5) USER32.dll->UnhookWinEvent - 0x7E3818AC->0x00E303FC
             inline - len(5) USER32.dll->UnhookWindowsHookEx - 0x7E37D5F3->0x00E30A08
             Iat - chrome.dll->KERNEL32.dll:CreateNamedPipeW - 0x7C8307FA->0x00C60010
             inline - len(5) chrome.dll - 0x01F2783E->0x64E83450[C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll]
             inline - len(5) chrome.dll - 0x020E91F6->0x64E83680[C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll]
             inline - len(5) chrome.dll - 0x0236EAFA->0x64E83410[C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll]
             inline - len(5) chrome.dll - 0x0236ECF2->0x64E83430[C:\Program Files\Alwil Software\Avast5\aswJsFlt.dll]
             Iat - aswJsFlt.dll->KERNEL32.dll:CreateNamedPipeW - 0x7C8307FA->0x00C60010
             Iat - pdf.dll->GDI32.dll:GetFontData - 0x77F1F314->0x02CEE13D[C:\Program Files\Google\Chrome\Application\26.0.1410.64\chrome.dll]
             Iat - ppGoogleNaClPluginChrome.dll->KERNEL32.dll:CreateNamedPipeW - 0x7C8307FA->0x00C60010

------------------------------------------------------------------------------------------

      Image File Name[3364 mcrdsvc.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

------------------------------------------------------------------------------------------

      Image File Name[3692 wuauclt.exe]Process Hook
             Nothing

------------------------------------------------------------------------------------------

      Image File Name[4036 wscntfy.exe]Process Hook
             inline - len(1) ntdll.dll - 0x7C916865->_
             inline - len(1) kernel32.dll - 0x7C868E04->_

==========================================================================================

KernelCallbackTable

      Image File Name[4 System]KernelCallbackTable

------------------------------------------------------------------------------------------

      Image File Name[1992 explorer.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[3340 chrome.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1052 Skype.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[4052 dllhost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1256 winlogon.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[268 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1672 WinRAR.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1312 lsass.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1716 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[372 AvastSvc.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1228 csrss.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[420 afwServ.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1500 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[3004 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[612 spoolsv.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1028 postak.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2824 PCHunter32.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[824 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1592 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2616 alg.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[968 GrooveMonitor.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[976 GamerOSD.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1000 rundll32.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1024 AvastUI.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1300 services.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1116 ctfmon.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1156 ONENOTEM.EXE]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1176 smss.exe]KernelCallbackTable

------------------------------------------------------------------------------------------

      Image File Name[1804 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2424 chrome.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[1756 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[3212 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2200 arservice.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2216 ATKKBService.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2244 ehRecvr.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2264 ehSched.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[3716 svchost.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2376 jqs.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2496 nvsvc32.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2744 HPZipm12.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[2800 PSIService.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[3520 chrome.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[3364 mcrdsvc.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[4036 wscntfy.exe]KernelCallbackTable
             fnCOPYDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnCOPYGLOBALDATA - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnNCDESTROY - OK - C:\WINDOWS\system32\USER32.dll
             fnDWORDOPTINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTDRAG - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINCNTOUTSTRING - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCOMPAREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDELETEITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPDRAWITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPMDICREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPMEASUREITEMSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPWINDOWPOS - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPPOINT5 - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNCCALCSIZE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTLPSCROLLINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnINPAINTCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSIZECLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINDESTROYCLIPBRD - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINSTRINGNULL - OK - C:\WINDOWS\system32\USER32.dll
             fnINDEVICECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTNEXTMENU - OK - C:\WINDOWS\system32\USER32.dll
             fnLOGONNOTIFY - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOPTOUTLPDWORDOPTOUTLPDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTDWORDINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPHLPSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnPOUTLPINT - OK - C:\WINDOWS\system32\USER32.dll
             fnSENTDDEMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTSTYLECHANGE - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINDWORD - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTACTIVATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPCBTCREATESTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPDEBUGHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMOUSEHOOKSTRUCTEX - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPKBDLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSLLHOOKSTRUCT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPMSG - OK - C:\WINDOWS\system32\USER32.dll
             fnHkINLPRECT - OK - C:\WINDOWS\system32\USER32.dll
             fnHkOPTINLPEVENTMSG - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEIn2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut1 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyDDEOut2 - OK - C:\WINDOWS\system32\USER32.dll
             ClientCopyImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientEventCallback - OK - C:\WINDOWS\system32\USER32.dll
             ClientFindMnemChar - OK - C:\WINDOWS\system32\USER32.dll
             ClientFontSweep - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeDDEHandle - OK - C:\WINDOWS\system32\USER32.dll
             ClientFreeLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetCharsetInfo - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEFlags - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetDDEHookData - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetListboxString - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetMessageMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadImage - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLibrary - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadMenu - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadLocalT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadRemoteT1Fonts - OK - C:\WINDOWS\system32\USER32.dll
             ClientPSMTextOut - OK - C:\WINDOWS\system32\USER32.dll
             ClientLpkDrawTextEx - OK - C:\WINDOWS\system32\USER32.dll
             ClientExtTextOutW - OK - C:\WINDOWS\system32\USER32.dll
             ClientGetTextExtentPointW - OK - C:\WINDOWS\system32\USER32.dll
             ClientCharToWchar - OK - C:\WINDOWS\system32\USER32.dll
             ClientAddFontResourceW - OK - C:\WINDOWS\system32\USER32.dll
             ClientThreadSetup - OK - C:\WINDOWS\system32\USER32.dll
             ClientDeliverUserApc - OK - C:\WINDOWS\system32\USER32.dll
             ClientNoMemoryPopup - OK - C:\WINDOWS\system32\USER32.dll
             ClientMonitorEnumProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientCallWinEventProc - OK - C:\WINDOWS\system32\USER32.dll
             ClientWaitMessageExMPH - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWGetProcModule - OK - C:\WINDOWS\system32\USER32.dll
             ClientWOWTask16SchedNotify - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmLoadLayout - OK - C:\WINDOWS\system32\USER32.dll
             ClientImmProcessKey - OK - C:\WINDOWS\system32\USER32.dll
             fnIMECONTROL - OK - C:\WINDOWS\system32\USER32.dll
             fnINWPARAMDBCSCHAR - OK - C:\WINDOWS\system32\USER32.dll
             fnGETTEXTLENGTHS - OK - C:\WINDOWS\system32\USER32.dll
             fnINLPKDRAWSWITCHWND - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadStringW - OK - C:\WINDOWS\system32\USER32.dll
             ClientLoadOLE - OK - C:\WINDOWS\system32\USER32.dll
             ClientRegisterDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             ClientRevokeDragDrop - OK - C:\WINDOWS\system32\USER32.dll
             fnINOUTMENUGETOBJECT - OK - C:\WINDOWS\system32\USER32.dll
             ClientPrinterThunk - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPCOMBOBOXINFO - OK - C:\WINDOWS\system32\USER32.dll
             fnOUTLPSCROLLBARINFO - OK - C:\WINDOWS\system32\USER32.dll

------------------------------------------------------------------------------------------

      Image File Name[0 Idle]KernelCallbackTable

==========================================================================================

Port

       Tcp 192.168.1.102 : 1039 - 193.120.199.16 : 12350 - ESTABLISHED - 1052 - C:\Program Files\Skype\Phone\Skype.exe
       Tcp 192.168.1.102 : 1037 - 64.4.23.153 : 40042 - ESTABLISHED - 1052 - C:\Program Files\Skype\Phone\Skype.exe
       Tcp 192.168.1.102 : 1064 - 173.194.35.67 : 443 - ESTABLISHED - 3340 - C:\Program Files\Google\Chrome\Application\chrome.exe
       Tcp 192.168.1.102 : 1042 - 157.56.192.169 : 443 - ESTABLISHED - 1052 - C:\Program Files\Skype\Phone\Skype.exe
       Tcp 192.168.1.102 : 1140 - 173.194.39.70 : 443 - ESTABLISHED - 3340 - C:\Program Files\Google\Chrome\Application\chrome.exe
       Tcp 0.0.0.0 : 80 - 0.0.0.0 : 0 - LISTENING - 1052 - C:\Program Files\Skype\Phone\Skype.exe
       Tcp 0.0.0.0 : 445 - 0.0.0.0 : 0 - LISTENING - 4 - System
       Tcp 0.0.0.0 : 135 - 0.0.0.0 : 0 - LISTENING - 1592 - C:\WINDOWS\system32\svchost.exe
       Tcp 127.0.0.1 : 27275 - 0.0.0.0 : 0 - LISTENING - 372 - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
       Tcp 192.168.1.102 : 139 - 0.0.0.0 : 0 - LISTENING - 4 - System
       Tcp 0.0.0.0 : 3389 - 0.0.0.0 : 0 - LISTENING - 1500 - C:\WINDOWS\system32\svchost.exe
       Tcp 0.0.0.0 : 443 - 0.0.0.0 : 0 - LISTENING - 1052 - C:\Program Files\Skype\Phone\Skype.exe
       Tcp 127.0.0.1 : 1030 - 0.0.0.0 : 0 - LISTENING - 2616 - C:\WINDOWS\system32\alg.exe
       Tcp 0.0.0.0 : 23674 - 0.0.0.0 : 0 - LISTENING - 1052 - C:\Program Files\Skype\Phone\Skype.exe
       Tcp 127.0.0.1 : 5152 - 0.0.0.0 : 0 - LISTENING - 2376 - C:\Program Files\Java\jre6\bin\jqs.exe
       Udp 127.0.0.1 : 1137 - * : * - 2824 - C:\DOCUME~1\NONAME~1.NO-\LOCALS~1\temp\Rar$EX01.437\PCHunter_free\PCHunter32.exe
       Udp 192.168.1.102 : 123 - * : * - 1716 - C:\WINDOWS\system32\svchost.exe
       Udp 0.0.0.0 : 3776 - * : * - 3364 - C:\WINDOWS\ehome\mcrdsvc.exe
       Udp 0.0.0.0 : 500 - * : * - 1312 - C:\WINDOWS\system32\lsass.exe
       Udp 127.0.0.1 : 1025 - * : * - 1052 - C:\Program Files\Skype\Phone\Skype.exe
       Udp 0.0.0.0 : 443 - * : * - 1052 - C:\Program Files\Skype\Phone\Skype.exe
       Udp 192.168.1.102 : 1900 - * : * - 3004 - C:\WINDOWS\system32\svchost.exe
       Udp 127.0.0.1 : 123 - * : * - 1716 - C:\WINDOWS\system32\svchost.exe
       Udp 127.0.0.1 : 1050 - * : * - 1052 - C:\Program Files\Skype\Phone\Skype.exe
       Udp 0.0.0.0 : 23674 - * : * - 1052 - C:\Program Files\Skype\Phone\Skype.exe
       Udp 192.168.1.102 : 137 - * : * - 4 - System
       Udp 127.0.0.1 : 1900 - * : * - 3004 - C:\WINDOWS\system32\svchost.exe
       Udp 0.0.0.0 : 4500 - * : * - 1312 - C:\WINDOWS\system32\lsass.exe
       Udp 0.0.0.0 : 445 - * : * - 4 - System
       Udp 192.168.1.102 : 138 - * : * - 4 - System
       Raw 4 - System
       Raw 4 - System
       Raw 1312 - C:\WINDOWS\system32\lsass.exe

==========================================================================================

Tcpip

       IRP_MJ_CREATE - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_CREATE_NAMED_PIPE - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_CLOSE - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_READ - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_WRITE - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_QUERY_INFORMATION - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SET_INFORMATION - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_QUERY_EA - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SET_EA - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_FLUSH_BUFFERS - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_QUERY_VOLUME_INFORMATION - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SET_VOLUME_INFORMATION - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_DIRECTORY_CONTROL - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_FILE_SYSTEM_CONTROL - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CONTROL - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_INTERNAL_DEVICE_CONTROL - OK - 0xB384B718 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SHUTDOWN - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_LOCK_CONTROL - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_CLEANUP - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_CREATE_MAILSLOT - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_QUERY_SECURITY - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SET_SECURITY - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_POWER - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SYSTEM_CONTROL - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_DEVICE_CHANGE - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_QUERY_QUOTA - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_SET_QUOTA - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       IRP_MJ_PNP_POWER - OK - 0xB384B4F9 - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation

==========================================================================================

Ndis Handler

       0x8A2CFF28 - NdisProtocolBlock - 0xB279E68E - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279E6B4 - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB27A018A - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279FE4A - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279E99E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279E9A6 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279FFBC - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279EAC6 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279E9C8 - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279EAC6 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279FEB4 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279F378 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279F010 - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A2CFF28 - NdisProtocolBlock - 0xB279EDBA - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB27A018A - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB279FE4A - TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB279FFBC - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB279EAC6 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB279E9A6 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB279FEB4 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB279E99E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB279E9C8 - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB279EAC6 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndisuio.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB5F7DE22 - WSendHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A3739C8 - NdisOpenBlock - 0xB5F7D06A - WTransferDataHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26AD3EE - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26B5C76 - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26A79B8 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26B6E7C - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26B5CA0 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26ACA74 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26A8432 - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26A75E4 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26B6078 - StatusHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26B5FB2 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26A78C6 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26AE028 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26B1BD8 - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26B17A8 - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DECE88 - NdisProtocolBlock - 0xB26B06C4 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB26A79B8 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB26B6E7C - TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB26A8432 - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB26A75E4 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB26ACA74 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB26A78C6 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB26B5CA0 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB26B6078 - StatusHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB26B5FB2 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x8A0476F8 - NdisOpenBlock - 0xB7DC5CD6 - WTransferDataHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A0476F8 - NdisOpenBlock - 0xB7DC58F8 - WSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A0476F8 - NdisOpenBlock - 0xB7DC5D94 - CancelSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89DF7678 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB26A79B8 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB26B6E7C - TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB26A8432 - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB26A75E4 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB26ACA74 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB26A78C6 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB26B5CA0 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB26B6078 - StatusHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB26B5FB2 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB5F7DE22 - WSendHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89DF7678 - NdisOpenBlock - 0xB5F7D06A - WTransferDataHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BBA7E - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BBAC6 - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BBBA8 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BBB0E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BBB3E - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BBBB0 - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BBB16 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BBB98 - StatusHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BBBA0 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BBBBE - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BD782 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BD88C - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BD282 - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BBBC8 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BDA36 - CoSendCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BDA54 - CoStatusHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82BDA8E - CoReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89863E20 - NdisProtocolBlock - 0xB82C103A - CoAfRegisterNotifyHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BBBA8 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BBBB0 - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BBB16 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BBB3E - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BBBBE - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BBB0E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BBB98 - StatusHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BBBA0 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB71B2B3E - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB71B5BAC - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BDAAC - CoCreateVcHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BDAAC - CoDeleteVcHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BDAAC - CmActivateVcCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x89E0F330 - NdisOpenBlock - 0xB82BDBE0 - CoRequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\arp1394.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829E412 - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829E006 - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829D7E6 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829D06A - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829D5B0 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB82987C6 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829D2DC - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829D052 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829B1DE - StatusHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829A282 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829D26C - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB8298334 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829E3C8 - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB8299154 - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8986B9B0 - NdisProtocolBlock - 0xB829B20C - UnloadHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB829D7E6 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB829D06A - TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB829D2DC - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB829D052 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB82987C6 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB829D26C - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB829D5B0 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB829B1DE - StatusHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB829A282 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\wanarp.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB5F7DE22 - WSendHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8985DB28 - NdisOpenBlock - 0xB5F7D06A - WTransferDataHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB38733CE - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB38733ED - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB38487F0 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB387340C - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB387342E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB384EB80 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB384A6B5 - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB38457F3 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB385EA83 - StatusHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB385E97B - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB3845800 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB385C579 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB3873938 - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89D3D1E8 - NdisProtocolBlock - 0xB3859719 - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB38487F0 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB387340C - TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB384A6B5 - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB38457F3 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB384EB80 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB3845800 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB387342E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB385EA83 - StatusHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB385E97B - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\tcpip.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB5F7DE22 - WSendHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89E3F370 - NdisOpenBlock - 0xB5F7D06A - WTransferDataHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB8229ACE - OpenAdapterCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB8229F3E - CloseAdapterCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB8229320 - (Wan)SendCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB822A3E0 - (Wan)TransferDataCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB822A3E8 - ResetCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB8229F7A - RequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB822A3F0 - ReceiveCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB822A3F0 - StatusCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB822965E - BindAdapterHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB8229B00 - UnbindAdapterHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB822A586 - PnPEventHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB822A39E - UnloadHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB822A86E - CoStatusHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB822A3F8 - CoReceivePacketHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A19A008 - NdisProtocolBlock - 0xB8229F9C - CoAfRegisterNotifyHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB8229320 - SendCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB822A3E0 - TransferDataCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB822A3F0 - ReceiveCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB8229F7A - RequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB822A3E8 - ResetCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB822A3F0 - StatusCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB84423CA - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB8229128 - CoCreateVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB8229128 - CoDeleteVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB8229128 - CmActivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB822A3E8 - CmDeactivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A03CEE0 - NdisOpenBlock - 0xB8229332 - CoRequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB8229320 - SendCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB822A3E0 - TransferDataCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB822A3F0 - ReceiveCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB8229F7A - RequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB822A3E8 - ResetCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB822A3F0 - StatusCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB84423CA - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB8228306 - CoCreateVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB8228306 - CoDeleteVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB8228306 - CmActivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A116008 - NdisOpenBlock - 0xB82283FC - CoRequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB8229320 - SendCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB822A3E0 - TransferDataCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB822A3F0 - ReceiveCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB8229F7A - RequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB822A3E8 - ResetCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB822A3F0 - StatusCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB81D8305 - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB8229128 - CoCreateVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB8229128 - CoDeleteVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB8229128 - CmActivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB822A3E8 - CmDeactivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0C7008 - NdisOpenBlock - 0xB8229332 - CoRequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB8229320 - SendCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB822A3E0 - TransferDataCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB822A3F0 - ReceiveCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB8229F7A - RequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB822A3E8 - ResetCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB822A3F0 - StatusCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB81D8305 - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB8228306 - CoCreateVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB8228306 - CoDeleteVcHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB8228306 - CmActivateVcCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A0B0CB0 - NdisOpenBlock - 0xB82283FC - CoRequestCompleteHandler - C:\WINDOWS\System32\Drivers\NDProxy.SYS - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7545A - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F756FC - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7DB02 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7D0B0 - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7CF4E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7C6A2 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7D3BC - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7D5E6 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7ECB8 - StatusHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7ED98 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7D1C8 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F76CC4 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7609E - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7CE1A - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F75734 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7DE02 - CoSendCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7CD7C - CoStatusHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7D656 - CoReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A538 - NdisProtocolBlock - 0xB5F7CF56 - CoAfRegisterNotifyHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB5F7DB02 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB5F7D0B0 - TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB5F7D3BC - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB5F7D5E6 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB5F7C6A2 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB5F7D1C8 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB5F7CF4E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB5F7ECB8 - StatusHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB5F7ED98 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x89870A38 - NdisOpenBlock - 0xB7DC5CD6 - WTransferDataHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89870A38 - NdisOpenBlock - 0xB7DC58F8 - WSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89870A38 - NdisOpenBlock - 0xB7DC5D94 - CancelSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A187008 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB5F7DB02 - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB5F7D0B0 - TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB5F7D3BC - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB5F7D5E6 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB5F7C6A2 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB5F7D1C8 - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB5F7CF4E - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB5F7ECB8 - StatusHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB5F7ED98 - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A187008 - NdisOpenBlock - 0xB7DC5CD6 - WTransferDataHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A187008 - NdisOpenBlock - 0xB7DC58F8 - WSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A187008 - NdisOpenBlock - 0xB7DC5D94 - CancelSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A183538 - NdisProtocolBlock - 0xB81ED4C0 - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81ED55E - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81ED680 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81ED6EC - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81ED4E6 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81EDD5C - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81ED7C4 - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81ED8EC - StatusHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81ED6AA - ReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81EDF12 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81EDFE8 - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81ED90C - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183538 - NdisProtocolBlock - 0xB81ED49C - UnloadHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F870B8 - OpenAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F91B97 - CloseAdapterCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F9273B - (Wan)SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F91BD7 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F86354 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F91C65 - (Wan)ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F91BFC - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F91C04 - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F91BFC - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F87122 - BindAdapterHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F92A5D - UnbindAdapterHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F87AA7 - PnPEventHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F87B06 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F927B0 - CoSendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F91E02 - CoStatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F91EE6 - CoReceivePacketHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184F28 - NdisProtocolBlock - 0xB5F86387 - CoAfRegisterNotifyHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB5F9273B - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB5F91C65 - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB5F91BFC - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB5F86354 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB5F91BD7 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB5F91C04 - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB5F91BFC - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB84423CA - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB5F888DD - CoCreateVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB5F888DD - CoDeleteVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB5F888DD - CmActivateVcCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A042A08 - NdisOpenBlock - 0xB5F9222D - CoRequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB7E0C133 - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB5F9273B - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB5F91C65 - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB5F91BFC - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB5F86354 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB5F91BD7 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB5F91C04 - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB5F91BFC - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03FCC0 - NdisOpenBlock - 0xB81FDE15 - WSendHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB7E0C133 - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB5F9273B - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB5F91C65 - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB5F91BFC - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB5F86354 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB5F91BD7 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB5F91C04 - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB5F91BFC - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A13A008 - NdisOpenBlock - 0xB81E8FE0 - WSendHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB5F9273B - SendCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB5F91C65 - ReceiveHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB5F91BFC - ReceiveCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB5F86354 - RequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB5F91BD7 - ResetCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB5F91C04 - StatusHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB5F91BFC - StatusCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB81D8305 - MiniportCoRequestHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB5F888DD - CoCreateVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB5F888DD - CoDeleteVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB5F888DD - CmActivateVcCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03B2A0 - NdisOpenBlock - 0xB5F9222D - CoRequestCompleteHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC606A - OpenAdapterCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC6090 - CloseAdapterCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC60B6 - (Wan)SendCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC6122 - (Wan)TransferDataCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC6150 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC6158 - RequestCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC6C94 - (Wan)ReceiveHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC70E0 - ReceiveCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC622A - StatusHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC62BC - StatusCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC67D4 - ReceivePacketHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC62F0 - BindAdapterHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC7158 - UnbindAdapterHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC7198 - PnPEventHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3807E8 - NdisProtocolBlock - 0xB7DC6C6C - UnloadHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89875EA0 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89875EA0 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89875EA0 - NdisOpenBlock - 0xB7DC60B6 - SendCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89875EA0 - NdisOpenBlock - 0xB7DC6122 - TransferDataCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89875EA0 - NdisOpenBlock - 0xB7DC6C94 - ReceiveHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89875EA0 - NdisOpenBlock - 0xB7DC70E0 - ReceiveCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89875EA0 - NdisOpenBlock - 0xB7DC6158 - RequestCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89875EA0 - NdisOpenBlock - 0xB7DC67D4 - ReceivePacketHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89875EA0 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89875EA0 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89875EA0 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x89875EA0 - NdisOpenBlock - 0xB7DC6150 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89875EA0 - NdisOpenBlock - 0xB7DC622A - StatusHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89875EA0 - NdisOpenBlock - 0xB7DC62BC - StatusCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x89875EA0 - NdisOpenBlock - 0xB5FFA740 - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x89875EA0 - NdisOpenBlock - 0xB5FFA050 - CancelSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A220008 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A220008 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A220008 - NdisOpenBlock - 0xB7DC60B6 - SendCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A220008 - NdisOpenBlock - 0xB7DC6122 - TransferDataCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A220008 - NdisOpenBlock - 0xB7DC6C94 - ReceiveHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A220008 - NdisOpenBlock - 0xB7DC70E0 - ReceiveCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A220008 - NdisOpenBlock - 0xB7DC6158 - RequestCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A220008 - NdisOpenBlock - 0xB7DC67D4 - ReceivePacketHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A220008 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A220008 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A220008 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A220008 - NdisOpenBlock - 0xB7DC6150 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A220008 - NdisOpenBlock - 0xB7DC622A - StatusHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A220008 - NdisOpenBlock - 0xB7DC62BC - StatusCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A220008 - NdisOpenBlock - 0xB5F91AD8 - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A03AC58 - NdisOpenBlock - 0xB7DF587B - (Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03AC58 - NdisOpenBlock - 0xB7E0BFE6 - TransferDataHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03AC58 - NdisOpenBlock - 0xB7DC60B6 - SendCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A03AC58 - NdisOpenBlock - 0xB7DC6122 - TransferDataCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A03AC58 - NdisOpenBlock - 0xB7DC6C94 - ReceiveHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A03AC58 - NdisOpenBlock - 0xB7DC70E0 - ReceiveCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A03AC58 - NdisOpenBlock - 0xB7DC6158 - RequestCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A03AC58 - NdisOpenBlock - 0xB7DC67D4 - ReceivePacketHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A03AC58 - NdisOpenBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03AC58 - NdisOpenBlock - 0xB7E0DB65 - ResetHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03AC58 - NdisOpenBlock - 0xB7E0A8C7 - RequestHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A03AC58 - NdisOpenBlock - 0xB7DC6150 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A03AC58 - NdisOpenBlock - 0xB7DC622A - StatusHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A03AC58 - NdisOpenBlock - 0xB7DC62BC - StatusCompleteHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A03AC58 - NdisOpenBlock - 0xB5F91AD8 - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A188B68 - NdisMiniDriverBlock - 0xB84427F8 - HaltHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x8A188B68 - NdisMiniDriverBlock - 0xB84421FC - InitializeHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x8A188B68 - NdisMiniDriverBlock - 0xB8441D4E - ResetHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x8A188B68 - NdisMiniDriverBlock - 0xB8441D56 - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x8A188B68 - NdisMiniDriverBlock - 0xB8441DB0 - CoActivateVcHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x8A188B68 - NdisMiniDriverBlock - 0xB8441DB6 - CoDeactivateVcHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x8A188B68 - NdisMiniDriverBlock - 0xB844280E - CoSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x8A188B68 - NdisMiniDriverBlock - 0xB84423CA - CoRequestHandler - C:\WINDOWS\system32\DRIVERS\raspti.sys - Microsoft Corporation
       0x8A17A7F0 - NdisMiniDriverBlock - 0xB5F7B996 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A7F0 - NdisMiniDriverBlock - 0xB5F76204 - HaltHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A7F0 - NdisMiniDriverBlock - 0xB5F75E82 - InitializeHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A7F0 - NdisMiniDriverBlock - 0xB5F7CB3E - QueryInformationHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A7F0 - NdisMiniDriverBlock - 0xB5F7573A - ResetHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A7F0 - NdisMiniDriverBlock - 0xB5F7DE22 - (Wan)SendHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A7F0 - NdisMiniDriverBlock - 0xB5F7CBCC - SetInformationHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A7F0 - NdisMiniDriverBlock - 0xB5F7D06A - (Wan)TransferDataHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A17A7F0 - NdisMiniDriverBlock - 0xB5F7D026 - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\psched.sys - Microsoft Corporation
       0x8A181950 - NdisMiniDriverBlock - 0xB81FDB8E - HaltHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x8A181950 - NdisMiniDriverBlock - 0xB81F906F - InitializeHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x8A181950 - NdisMiniDriverBlock - 0xB81F87C6 - QueryInformationHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x8A181950 - NdisMiniDriverBlock - 0xB81FDCB1 - ResetHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x8A181950 - NdisMiniDriverBlock - 0xB81FDE15 - (Wan)SendHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x8A181950 - NdisMiniDriverBlock - 0xB81FDCBE - SetInformationHandler - C:\WINDOWS\system32\DRIVERS\raspptp.sys - Microsoft Corporation
       0x8A183620 - NdisMiniDriverBlock - 0xB81E8306 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183620 - NdisMiniDriverBlock - 0xB81E8F24 - HaltHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183620 - NdisMiniDriverBlock - 0xB81E8E6E - InitializeHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183620 - NdisMiniDriverBlock - 0xB81E9AEE - QueryInformationHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183620 - NdisMiniDriverBlock - 0xB81E8FD2 - ResetHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183620 - NdisMiniDriverBlock - 0xB81E8FE0 - (Wan)SendHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A183620 - NdisMiniDriverBlock - 0xB81E9EE0 - SetInformationHandler - C:\WINDOWS\system32\DRIVERS\raspppoe.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F8C6ED - UnloadHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F9194A - HaltHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F875E5 - InitializeHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F91A4F - ReconfigureHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F91A73 - ResetHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F91ABF - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F91AD8 - SendPacketsHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F91B08 - CoCreateVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F91B12 - CoDeleteVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F91B1C - CoActivateVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F91B12 - CoDeactivateVcHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F91B26 - CoSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A184E40 - NdisMiniDriverBlock - 0xB5F8684A - CoRequestHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A18A310 - NdisMiniDriverBlock - 0xB81DD50C - HaltHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x8A18A310 - NdisMiniDriverBlock - 0xB81D8A8E - InitializeHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x8A18A310 - NdisMiniDriverBlock - 0xB81DD2EA - ResetHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x8A18A310 - NdisMiniDriverBlock - 0xB81DD3B0 - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x8A18A310 - NdisMiniDriverBlock - 0xB81DD2F7 - CoActivateVcHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x8A18A310 - NdisMiniDriverBlock - 0xB81DD301 - CoDeactivateVcHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x8A18A310 - NdisMiniDriverBlock - 0xB81DD30B - CoSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x8A18A310 - NdisMiniDriverBlock - 0xB81D8305 - CoRequestHandler - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71B1306 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71B5208 - HaltHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71B4D6E - InitializeHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71B4A68 - QueryInformationHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71B29F0 - ResetHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71B4846 - SetInformationHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71BAC2E - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71B2B3E - SendPacketsHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71B29F0 - CoActivateVcHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71B29FA - CoDeactivateVcHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71B3EB6 - CoSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A23D720 - NdisMiniDriverBlock - 0xB71B5BAC - CoRequestHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FF9160 - UnloadHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FF9DB0 - CheckForHangHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FF9320 - DisableInterruptHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FF9340 - EnableInterruptHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FFA690 - HaltHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FF9360 - HandleInterruptHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FFA410 - InitializeHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FF9380 - ISRHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FFA770 - QueryInformationHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FF9E00 - ResetHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FF9F80 - SetInformationHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FF9E60 - ReturnPacketHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FFA740 - SendPacketsHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FFA050 - CancelSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FFA000 - PnPEventNotifyHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A21E298 - NdisMiniDriverBlock - 0xB5FF9D70 - AdapterShutdownHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A3808D0 - NdisMiniDriverBlock - 0xB7DC5578 - UnloadHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3808D0 - NdisMiniDriverBlock - 0xB7DC5D1C - HaltHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3808D0 - NdisMiniDriverBlock - 0xB7DC584C - InitializeHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3808D0 - NdisMiniDriverBlock - 0xB7DC5B4A - QueryInformationHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3808D0 - NdisMiniDriverBlock - 0xB7DC5F0A - SetInformationHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3808D0 - NdisMiniDriverBlock - 0xB7DC5CD6 - (Wan)TransferDataHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3808D0 - NdisMiniDriverBlock - 0xB7DC5C92 - ReturnPacketHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3808D0 - NdisMiniDriverBlock - 0xB7DC58F8 - SendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3808D0 - NdisMiniDriverBlock - 0xB7DC5D94 - CancelSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3808D0 - NdisMiniDriverBlock - 0xB7DC5DBC - PnPEventNotifyHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A3808D0 - NdisMiniDriverBlock - 0xB7DC5DB4 - AdapterShutdownHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A182AD0 - NdisMiniportBlock - 0xB7E13704 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E0B9A8 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7DF587B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182AD0 - NdisMiniportBlock - 0xB7E13704 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E17B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E0B9A8 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7DF587B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A180AD0 - NdisMiniportBlock - 0xB7E17B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E17B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E0B9A8 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7DF587B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A17CAD0 - NdisMiniportBlock - 0xB7E17B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7DF9A0D - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7DF8DA4 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E0C133 - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A181410 - NdisMiniportBlock - 0xB7DF9A0D - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7DF9A0D - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7DF8DA4 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E0C133 - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A182130 - NdisMiniportBlock - 0xB7DF9A0D - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E17B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E0D4A5 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7DF587B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB5F91AD8 - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A185258 - NdisMiniportBlock - 0xB7E17B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E17B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E0D4A5 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7DF587B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB5F91AD8 - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\ndiswan.sys - Microsoft Corporation
       0x8A185A50 - NdisMiniportBlock - 0xB7E17B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E13704 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E0B9A8 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7DF587B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A187910 - NdisMiniportBlock - 0xB7E13704 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E17B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E0D4A5 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7DF587B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB71B2B3E - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\nic1394.sys - Microsoft Corporation
       0x8A246AD0 - NdisMiniportBlock - 0xB7E17B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E17B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB5FF9360 - HandleInterruptHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB5FF9320 - DisableInterruptHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB5FF9340 - EnableInterruptHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E0D4A5 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7DF587B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB5FFA050 - SavedCancelSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB5FFA740 - WSendPacketsHandler - C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Intel Corporation
       0x8A22C750 - NdisMiniportBlock - 0xB7E17B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E17B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E0D4A5 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7DF587B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A37D130 - NdisMiniportBlock - 0xB7DC5D94 - SavedCancelSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A37D130 - NdisMiniportBlock - 0xB7DC58F8 - WSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A37D130 - NdisMiniportBlock - 0xB7E17B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E17B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E0D4A5 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7DF587B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A362130 - NdisMiniportBlock - 0xB7DC5D94 - SavedCancelSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A362130 - NdisMiniportBlock - 0xB7DC58F8 - WSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A362130 - NdisMiniportBlock - 0xB7E17B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E17B21 - PacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E0ABB0 - SendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E119B7 - SendResourcesHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E13022 - ResetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E0ED1A - LockHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E0D25F - SendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E0D4A5 - DeferredSendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E18AF6 - EthRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E191F1 - TrRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E171F7 - FddiRxIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E18971 - EthRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E19A2D - TrRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E167FC - FddiRxCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E0F9EF - StatusHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E0FC2D - StatusCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E0BF55 - TDCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E0E898 - QueryCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E0EC74 - SetCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E0C27E - WanSendCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E12834 - WanRcvHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E128D4 - WanRcvCompleteHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7DF587B - Saved(Wan)SendHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7E0D25F - SavedSendPacketsHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation
       0x8A373130 - NdisMiniportBlock - 0xB7DC5D94 - SavedCancelSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A373130 - NdisMiniportBlock - 0xB7DC58F8 - WSendPacketsHandler - C:\WINDOWS\system32\drivers\aswNdis2.sys - AVAST Software
       0x8A373130 - NdisMiniportBlock - 0xB7E17B21 - SavedPacketIndicateHandler - C:\WINDOWS\system32\drivers\NDIS.sys - Microsoft Corporation

==========================================================================================

IE Plugin

       Browser Helper Objects - Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - Adobe Systems Incorporated - {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
       Browser Helper Objects - Idea2 SidebarBrowserMonitor Class - C:\Program Files\Desktop Sidebar\sbhelp.dll - Idea2 - {45AD732C-2CE2-4666-B366-B2214AD57A49}
       Browser Helper Objects - Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - Microsoft Corporation - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
       Browser Helper Objects - Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll - Sun Microsystems, Inc. - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
       Browser Helper Objects - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll - AVAST Software - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
       Browser Helper Objects - Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll - Sun Microsystems, Inc. - {DBC80044-A445-435b-BC74-9C25C1C588A9}
       Browser Helper Objects - JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll - Sun Microsystems, Inc. - {E7E6F031-17CE-4C07-BC86-EABFE594F69C}
       Browser Extensions - Subscribe in Desktop Sidebar -  -  - {09FE188B-6E85-479e-9411-51FB2220DF80}
       Browser Extensions - Odeslat do aplikace OneNote -  -  - {2670000A-7350-4f3c-8081-5663EE0C6C49}
       Browser Extensions - Research -  -  - {92780B25-18CC-41C8-B9BE-3C9C571A8263}
       Browser Extensions -  - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe - Microsoft Corporation - {e2e2dd38-d088-4134-82b7-f2ba38496583}
       Browser Extensions - Messenger - C:\Program Files\Messenger\msmsgs.exe - Microsoft Corporation - {FB5F1910-F110-11d2-BB9E-00C04F795683}
       ToolBar -  - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll - AVAST Software - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
       URLSearchHooks - Microsoft Url Search Hook - C:\WINDOWS\system32\ieframe.dll - Microsoft Corporation - {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
       ActiveX -  -  -  - {09FE188B-6E85-479E-9411-51FB2220DF80}
       ActiveX - Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - Adobe Systems Incorporated - {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
       ActiveX - HTML Document - C:\WINDOWS\system32\mshtml.dll - Microsoft Corporation - {25336920-03F9-11CF-8FD0-00AA00686F13}
       ActiveX -  -  -  - {2670000A-7350-4F3C-8081-5663EE0C6C49}
       ActiveX - XML DOM Document - C:\WINDOWS\system32\msxml3.dll - Microsoft Corporation - {2933BF90-7B36-11D2-B20E-00C04F983E60}
       ActiveX -  -  -  - {326E768D-4182-46FD-9C16-1449A49795F4}
       ActiveX - Idea2 SidebarBrowserMonitor Class - C:\Program Files\Desktop Sidebar\sbhelp.dll - Idea2 - {45AD732C-2CE2-4666-B366-B2214AD57A49}
       ActiveX - HHCtrl Object - C:\WINDOWS\system32\hhctrl.ocx - Microsoft Corporation - {52A2AAAE-085D-4187-97EA-8C30DB990436}
       ActiveX -  -  -  - {53707962-6F74-2D53-2644-206D7942484F}
       ActiveX -  -  -  - {6B88BF6B-0D5F-4126-9331-186A7AF1C32C}
       ActiveX - Windows Media Player - C:\WINDOWS\system32\wmp.dll - Microsoft Corporation - {6BF52A52-394A-11D3-B153-00C04F79FAA6}
       ActiveX - Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - Microsoft Corporation - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
       ActiveX - Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll - Sun Microsystems, Inc. - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
       ActiveX - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll - AVAST Software - {8E5E2654-AD2D-48BF-AC2D-D17F00898D06}
       ActiveX -  -  -  - {92780B25-18CC-41C8-B9BE-3C9C571A8263}
       ActiveX - Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll - Adobe Systems, Inc. - {CA8A9780-280D-11CF-A24D-444553540000}
       ActiveX - Microsoft Url Search Hook - C:\WINDOWS\system32\ieframe.dll - Microsoft Corporation - {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
       ActiveX - Shockwave Flash Object - C:\WINDOWS\system32\Macromed\Flash\Flash32_11_7_700_169.ocx - Adobe Systems, Inc. - {D27CDB6E-AE6D-11CF-96B8-444553540000}
       ActiveX - Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll - Sun Microsystems, Inc. - {DBC80044-A445-435B-BC74-9C25C1C588A9}
       ActiveX -  -  -  - {E2E2DD38-D088-4134-82B7-F2BA38496583}
       ActiveX - JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll - Sun Microsystems, Inc. - {E7E6F031-17CE-4C07-BC86-EABFE594F69C}
       ActiveX -  -  -  - {EA837F48-5AD1-443E-AE34-FFE03CBF3099}
       ActiveX - XML HTTP Request - C:\WINDOWS\system32\msxml3.dll - Microsoft Corporation - {ED8C108E-4349-11D2-91A4-00C04F7969E8}
       ActiveX -  -  -  - {FB5F1910-F110-11D2-BB9E-00C04F795683}
       Distribution Units - LegitCheckControl.DLL - C:\WINDOWS\system32\LegitCheckControl.DLL - Microsoft Corporation - {17492023-C23A-453E-A040-C7C580BBF700}
       Distribution Units - unicows.dll - C:\WINDOWS\system32\unicows.dll - Microsoft Corporation - {8100D56A-5661-482C-BEE8-AFECE305D968}
       Distribution Units - PhotoUploader55.ocx - C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx - The Facebook - {8100D56A-5661-482C-BEE8-AFECE305D968}
       Distribution Units - npjpi160_37.dll - C:\Program Files\Java\jre6\bin\npjpi160_37.dll - Sun Microsystems, Inc. - {8AD9C840-044E-11D1-B3E9-00805F499D93}
       Distribution Units - npjpi160_37.dll - C:\Program Files\Java\jre6\bin\npjpi160_37.dll - Sun Microsystems, Inc. - {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
       Distribution Units - npjpi160_37.dll - C:\Program Files\Java\jre6\bin\npjpi160_37.dll - Sun Microsystems, Inc. - {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

==========================================================================================

IE Shell

       E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
       Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html

==========================================================================================

Spi

       MSAFD Tcpip [TCP/IP] - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
       MSAFD Tcpip [UDP/IP] - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
       MSAFD Tcpip [RAW/IP] - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
       RSVP UDP Service Provider - C:\WINDOWS\system32\rsvpsp.dll - Microsoft Corporation - {9D60A9E0-337A-11D0-BD88-0000C082E69A}
       RSVP TCP Service Provider - C:\WINDOWS\system32\rsvpsp.dll - Microsoft Corporation - {9D60A9E0-337A-11D0-BD88-0000C082E69A}
       MSAFD nwlnkipx [IPX] - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {11058240-BE47-11CF-95C8-00805F48A192}
       MSAFD nwlnkspx [SPX] - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {11058241-BE47-11CF-95C8-00805F48A192}
       MSAFD nwlnkspx [SPX] [Pseudo Stream] - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {11058241-BE47-11CF-95C8-00805F48A192}
       MSAFD nwlnkspx [SPX II] - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {11058241-BE47-11CF-95C8-00805F48A192}
       MSAFD nwlnkspx [SPX II] [Pseudo Stream] - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {11058241-BE47-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 5 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 5 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{5AEF8D0F-B5AE-4B9B-A136-1B40F9926D56}] SEQPACKET 6 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{5AEF8D0F-B5AE-4B9B-A136-1B40F9926D56}] DATAGRAM 6 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{A5504BA6-A16E-48A7-BD5F-B3442C2B64BE}] SEQPACKET 4 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{A5504BA6-A16E-48A7-BD5F-B3442C2B64BE}] DATAGRAM 4 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{F1040824-DEC8-47D1-BB63-C6A135757F5C}] SEQPACKET 0 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{F1040824-DEC8-47D1-BB63-C6A135757F5C}] DATAGRAM 0 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{E20B5FA1-B9A8-4DD4-9F2E-F3512FD2CB8E}] SEQPACKET 1 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{E20B5FA1-B9A8-4DD4-9F2E-F3512FD2CB8E}] DATAGRAM 1 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{31C75B29-ABE4-4FA1-9662-573F26B386B6}] SEQPACKET 2 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{31C75B29-ABE4-4FA1-9662-573F26B386B6}] DATAGRAM 2 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{2D81F9B5-AEEF-4115-AEF1-113E3E19E1AF}] SEQPACKET 3 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       MSAFD NetBIOS [\Device\NetBT_Tcpip_{2D81F9B5-AEEF-4115-AEF1-113E3E19E1AF}] DATAGRAM 3 - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation - {8D5F1830-C273-11CF-95C8-00805F48A192}
       Tcpip - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
       NTDS - C:\WINDOWS\system32\winrnr.dll - Microsoft Corporation
       Obor nzv sluby Sledovn umstn v sti (NLA) - C:\WINDOWS\system32\mswsock.dll - Microsoft Corporation
       Transportn protokol kompatibiln s NWLink IPX/SPX/NetBIOS - C:\WINDOWS\system32\nwprovau.dll - Microsoft Corporation

==========================================================================================

Hosts File

       127.0.0.1       localhost


==========================================================================================

Startup

       GrooveMonitor - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run GrooveMonitor]
       ASUSGamerOSD - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe - ASUSTeK Computer Inc. - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ASUSGamerOSD]
       Adobe ARM - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - Adobe Systems Incorporated - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Adobe ARM]
       NvCplDaemon - C:\WINDOWS\system32\nvcpl.dll - NVIDIA Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run NvCplDaemon]
       NvMediaCenter - C:\WINDOWS\system32\nvmctray.dll - NVIDIA Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run NvMediaCenter]
       SunJavaUpdateSched - C:\Program Files\Common Files\Java\Java Update\jusched.exe - Sun Microsystems, Inc. - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SunJavaUpdateSched]
       avast - C:\Program Files\Alwil Software\Avast5\AvastUI.exe - AVAST Software - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run avast]
       WIAWizardMenu - C:\WINDOWS\system32\sti_ci.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce WIAWizardMenu]
       Seznam Postak - C:\Program Files\Seznam.cz\bin\postak.exe -  - [\REGISTRY\USER\S-1-5-21-2052111302-2025429265-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Seznam Postak]
       Skype - C:\Program Files\Skype\Phone\Skype.exe - Skype Technologies S.A. - [\REGISTRY\USER\S-1-5-21-2052111302-2025429265-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Skype]
       ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe - Microsoft Corporation - [\REGISTRY\USER\S-1-5-21-2052111302-2025429265-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ctfmon.exe]
       Vezy obrazovky a sputn aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE - Microsoft Corporation - [C:\Documents and Settings\NoName.NO-4F6B2481B176\Nabdka Start\Programy\Po sputn\Vezy obrazovky a sputn aplikace OneNote 2007.lnk]
       wdmaud.drv - C:\WINDOWS\system32\wdmaud.drv - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 aux]
       wpgldfsh.scr - C:\WINDOWS\system32\wpgldfsh.scr - Microsoft Corporation - [\REGISTRY\USER\S-1-5-21-2052111302-2025429265-1801674531-1004\Control Panel\Desktop SCRNSAVE.EXE]
       Shell - Explorer.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Shell]
       UIHost - logonui.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon UIHost]
       Userinit - C:\WINDOWS\system32\userinit.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit]
       crypt32chain - C:\WINDOWS\system32\crypt32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain DllName]
       cryptnet - C:\WINDOWS\system32\cryptnet.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet DllName]
       cscdll - C:\WINDOWS\system32\cscdll.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll DllName]
       dimsntfy - C:\WINDOWS\system32\dimsntfy.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy DllName]
       ScCertProp - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp DllName]
       Schedule - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule DllName]
       sclgntfy - C:\WINDOWS\system32\sclgntfy.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy DllName]
       SensLogn - C:\WINDOWS\system32\WlNotify.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn DllName]
       termsrv - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv DllName]
       wlballoon - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon DllName]
       WebCheck - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad WebCheck]
       WPDShServiceObj - C:\WINDOWS\system32\wpdshserviceobj.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad WPDShServiceObj]
       PostBootReminder - C:\WINDOWS\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad PostBootReminder]
       CDBurn - C:\WINDOWS\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad CDBurn]
       SysTray - C:\WINDOWS\system32\stobject.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad SysTray]
       GrooveShellExtensions.dll({B5A7F190-DDA6-4420-B3BA-52453494E6CD}) - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {B5A7F190-DDA6-4420-B3BA-52453494E6CD}]
       browseui.dll({438755C2-A8BA-11D1-B96B-00A0C90312E1}) - C:\WINDOWS\system32\browseui.dll - Spolenost Microsoft - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler {438755C2-A8BA-11D1-B96B-00A0C90312E1}]
       browseui.dll({8C7461EF-2B13-11d2-BE35-3078302C2030}) - C:\WINDOWS\system32\browseui.dll - Spolenost Microsoft - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler {8C7461EF-2B13-11d2-BE35-3078302C2030}]
       BJ Language Monitor - C:\WINDOWS\system32\cnbjmon.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors BJ Language Monitor]
       HP Standard TCP/IP Port - C:\WINDOWS\system32\HpTcpMon.dll - Hewlett Packard - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors HP Standard TCP/IP Port]
       LIDIL hpzll054 - C:\WINDOWS\system32\hpzll054.dll - Hewlett-Packard Company - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors LIDIL hpzll054]
       Local Port - C:\WINDOWS\system32\localspl.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors Local Port]
       PCL hpz3l054 - C:\WINDOWS\system32\hpz3l054.dll - Hewlett-Packard Company - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors PCL hpz3l054]
       PJL Language Monitor - C:\WINDOWS\system32\pjlmon.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors PJL Language Monitor]
       Send To Microsoft OneNote Monitor - C:\WINDOWS\system32\msonpmon.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors Send To Microsoft OneNote Monitor]
       Standard TCP/IP Port - C:\WINDOWS\system32\tcpmon.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors Standard TCP/IP Port]
       USB Monitor - C:\WINDOWS\system32\usbmon.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Monitors USB Monitor]
       Internet Print Provider - C:\WINDOWS\system32\inetpp.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Providers Internet Print Provider]
       LanMan Print Services - C:\WINDOWS\system32\win32spl.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Providers LanMan Print Services]
       NetWare or Compatible Network - C:\WINDOWS\system32\nwprovau.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Print\Providers NetWare or Compatible Network]
       advapi32 - C:\WINDOWS\system32\advapi32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs advapi32]
       comdlg32 - C:\WINDOWS\system32\comdlg32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs comdlg32]
       gdi32 - C:\WINDOWS\system32\gdi32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs gdi32]
       imagehlp - C:\WINDOWS\system32\imagehlp.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs imagehlp]
       kernel32 - C:\WINDOWS\system32\kernel32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs kernel32]
       lz32 - C:\WINDOWS\system32\lz32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs lz32]
       ole32 - C:\WINDOWS\system32\ole32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs ole32]
       oleaut32 - C:\WINDOWS\system32\oleaut32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs oleaut32]
       olecli32 - C:\WINDOWS\system32\olecli32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs olecli32]
       olecnv32 - C:\WINDOWS\system32\olecnv32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs olecnv32]
       olesvr32 - C:\WINDOWS\system32\olesvr32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs olesvr32]
       olethk32 - C:\WINDOWS\system32\olethk32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs olethk32]
       rpcrt4 - C:\WINDOWS\system32\rpcrt4.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs rpcrt4]
       shell32 - C:\WINDOWS\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs shell32]
       url - C:\WINDOWS\system32\url.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs url]
       urlmon - C:\WINDOWS\system32\urlmon.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs urlmon]
       user32 - C:\WINDOWS\system32\user32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs user32]
       version - C:\WINDOWS\system32\version.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs version]
       wininet - C:\WINDOWS\system32\wininet.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs wininet]
       wldap32 - C:\WINDOWS\system32\wldap32.dll - Microsoft Corporation - [\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs wldap32]
       ashShell.dll(avast) - C:\Program Files\Alwil Software\Avast5\ashShell.dll - AVAST Software - [\Registry\Machine\SOFTWARE\Classes\*\shellex\ContextMenuHandlers avast]
       ShellEx_101.dll(FormatFactoryShell) - C:\Documents and Settings\NoName.NO-4F6B2481B176\Dokumenty\Staen soubory\FormatFactory\ShellEx_101.dll - Free Time - [\Registry\Machine\SOFTWARE\Classes\*\shellex\ContextMenuHandlers FormatFactoryShell]
       cscui.dll(Offline Files) - C:\WINDOWS\system32\cscui.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\*\shellex\ContextMenuHandlers Offline Files]
       shell32.dll(Open With) - C:\WINDOWS\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\*\shellex\ContextMenuHandlers Open With]
       shell32.dll(Open With EncryptionMenu) - C:\WINDOWS\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\*\shellex\ContextMenuHandlers Open With EncryptionMenu]
       RarExt.dll(WinRAR) - C:\Program Files\WinRAR\RarExt.dll -  - [\Registry\Machine\SOFTWARE\Classes\*\shellex\ContextMenuHandlers WinRAR]
       GrooveShellExtensions.dll(XXX Groove GFS Context Menu Handler XXX) - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\*\shellex\ContextMenuHandlers XXX Groove GFS Context Menu Handler XXX]
       ashShell.dll(00avast) - C:\Program Files\Alwil Software\Avast5\ashShell.dll - AVAST Software - [\Registry\Machine\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers 00avast]
       shell32.dll(Send To) - C:\WINDOWS\system32\shell32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers Send To]
       GrooveShellExtensions.dll(XXX Groove GFS Context Menu Handler XXX) - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers XXX Groove GFS Context Menu Handler XXX]
       ashShell.dll(avast) - C:\Program Files\Alwil Software\Avast5\ashShell.dll - AVAST Software - [\Registry\Machine\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers avast]
       nwprovau.dll(NetWareUNCMenu) - C:\WINDOWS\system32\nwprovau.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers NetWareUNCMenu]
       RarExt.dll(WinRAR) - C:\Program Files\WinRAR\RarExt.dll -  - [\Registry\Machine\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers WinRAR]
       GrooveShellExtensions.dll(XXX Groove GFS Context Menu Handler XXX) - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers XXX Groove GFS Context Menu Handler XXX]
       Aktualizace verze aplikace Internet Explorer(<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}) - C:\WINDOWS\system32\ieudinit.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
       Windows Media Player(>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}) - C:\WINDOWS\inf\unregmp2.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components >{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
       Internet Explorer(>{26923b43-4d38-484f-9b9e-de460746276c}) - C:\WINDOWS\system32\ie4uinit.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components >{26923b43-4d38-484f-9b9e-de460746276c}]
       Browser Customizations(>{60B49E34-C7CC-11D0-8953-00A0C90347FF}) - C:\WINDOWS\system32\iedkcs32.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components >{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
       Vlastn nastaven prohlee(>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS) - C:\WINDOWS\system32\IEDKCS32.DLL - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
       Outlook Express(>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}) - C:\WINDOWS\system32\shmgrate.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components >{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
       ({2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}) -  -  - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
       Microsoft Windows Media Player 6.4({22d6f312-b0f6-11d0-94ab-0080c74c7e95}) -  -  - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
       Themes Setup({2C7339CF-2B09-4501-B3F3-F3508C9228ED}) - C:\WINDOWS\system32\regsvr32.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
       Media Center({407408d4-94ed-4d86-ab69-a7f649d112ee}) - setupapi - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {407408d4-94ed-4d86-ab69-a7f649d112ee}]
       Microsoft Outlook Express 6({44BBA840-CC51-11CF-AAFA-00AA00B6015C}) - C:\Program Files\Outlook Express\setup50.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
       NetMeeting 3.01({44BBA842-CC51-11CF-AAFA-00AA00B6015B}) - C:\WINDOWS\system32\advpack.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
       Windows Messenger 4.7({5945c046-1e7d-11d1-bc44-00c04fd912be}) - C:\WINDOWS\system32\advpack.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {5945c046-1e7d-11d1-bc44-00c04fd912be}]
       Microsoft Windows Media Player({6BF52A52-394A-11d3-B153-00C04F79FAA6}) - C:\WINDOWS\system32\advpack.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {6BF52A52-394A-11d3-B153-00C04F79FAA6}]
       Adres 6({7790769C-0471-11d2-AF11-00C04FA35D02}) - C:\Program Files\Outlook Express\setup50.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {7790769C-0471-11d2-AF11-00C04FA35D02}]
       Aktualizace plochy systmu Windows({89820200-ECBD-11cf-8B85-00AA005B4340}) - C:\WINDOWS\system32\regsvr32.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {89820200-ECBD-11cf-8B85-00AA005B4340}]
       Internet Explorer({89820200-ECBD-11cf-8B85-00AA005B4383}) - C:\WINDOWS\system32\ie4uinit.exe - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {89820200-ECBD-11cf-8B85-00AA005B4383}]
       ({89B4C1CD-B018-4511-B0A1-5476DBF70820}) - C:\WINDOWS\system32\mscories.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {89B4C1CD-B018-4511-B0A1-5476DBF70820}]
       Google Chrome({8A69D345-D564-463c-AFF1-A69D9E530F96}) - C:\Program Files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe - Google Inc. - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {8A69D345-D564-463c-AFF1-A69D9E530F96}]
       Postrann panel systmu Windows({D58F39FF-953E-4F45-898F-59F243B9A523}) - C:\WINDOWS\system32\advpack.dll - Microsoft Corporation - [\Registry\Machine\SOFTWARE\Microsoft\Active Setup\Installed Components {D58F39FF-953E-4F45-898F-59F243B9A523}]

==========================================================================================

Service

       AdobeFlashPlayerUpdateSvc - Stopped - Manual - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe - Adobe Systems Incorporated -  - 
       Alerter - Stopped - Disabled - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       ALG - Started - Manual - C:\WINDOWS\system32\alg.exe - Microsoft Corporation -  - 
       AppMgmt - Stopped - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       ARSVC - Started - Automatic - C:\WINDOWS\arservice.exe - Microsoft -  - 
       aspnet_state - Stopped - Manual - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe - Microsoft Corporation -  - 
       ATKKeyboardService - Started - Automatic - C:\WINDOWS\ATKKBService.exe - ASUSTeK COMPUTER INC. -  - 
       AudioSrv - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       avast! Antivirus - Started - Automatic - "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" - AVAST Software -  - 
       avast! Firewall - Started - Automatic - "C:\Program Files\Alwil Software\Avast5\afwServ.exe" - AVAST Software -  - 
       BITS - Started - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       Browser - Stopped - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       CiSvc - Stopped - Manual - C:\WINDOWS\system32\cisvc.exe - Microsoft Corporation -  - 
       ClipSrv - Stopped - Manual - C:\WINDOWS\system32\clipsrv.exe - Microsoft Corporation -  - 
       clr_optimization_v2.0.50727_32 - Stopped - Manual - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - Microsoft Corporation -  - 
       COMSysApp - Started - Manual - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} - Microsoft Corporation -  - 
       CryptSvc - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       DcomLaunch - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k DcomLaunch - Microsoft Corporation -  - 
       Dhcp - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       dmadmin - Stopped - Manual - C:\WINDOWS\System32\dmadmin.exe /com - Microsoft Corp., Veritas Software -  - 
       dmserver - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       Dnscache - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k NetworkService - Microsoft Corporation -  - 
       Dot3svc - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k dot3svc - Microsoft Corporation -  - 
       EapHost - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k eapsvcs - Microsoft Corporation -  - 
       ehRecvr - Started - Automatic - C:\WINDOWS\ehome\ehRecvr.exe - Microsoft Corporation -  - 
       ehSched - Started - Automatic - C:\WINDOWS\ehome\ehSched.exe - Microsoft Corporation -  - 
       ERSvc - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       Eventlog - Started - Automatic - C:\WINDOWS\system32\services.exe - Microsoft Corporation -  - 
       EventSystem - Started - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       FastUserSwitchingCompatibility - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       FontCache3.0.0.0 - Stopped - Manual - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - Microsoft Corporation -  - 
       gupdate - Stopped - Automatic - "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc - Google Inc. -  - 
       gupdatem - Stopped - Manual - "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc - Google Inc. -  - 
       helpsvc - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       HidServ - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       hkmsvc - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       HTTPFilter - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k HTTPFilter - Microsoft Corporation -  - 
       IDriverT - Stopped - Manual - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" - Macrovision Corporation -  - 
       idsvc - Stopped - Manual - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" - Microsoft Corporation -  - 
       ImapiService - Stopped - Manual - C:\WINDOWS\system32\imapi.exe - Microsoft Corporation -  - 
       JavaQuickStarterService - Started - Automatic - "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" - Sun Microsystems, Inc. -  - 
       LanmanServer - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       lanmanworkstation - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       LmHosts - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       McrdSvc - Started - Automatic - C:\WINDOWS\ehome\mcrdsvc.exe - Microsoft Corporation -  - 
       Messenger - Stopped - Disabled - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       Microsoft Office Groove Audit Service - Stopped - Manual - "C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe" - Microsoft Corporation -  - 
       mnmsrvc - Stopped - Manual - C:\WINDOWS\system32\mnmsrvc.exe - Microsoft Corporation -  - 
       MSDTC - Stopped - Manual - C:\WINDOWS\system32\msdtc.exe - Microsoft Corporation -  - 
       MSIServer - Stopped - Manual - C:\WINDOWS\system32\msiexec.exe /V - Microsoft Corporation -  - 
       napagent - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       NetDDE - Stopped - Disabled - C:\WINDOWS\system32\netdde.exe - Microsoft Corporation -  - 
       NetDDEdsdm - Stopped - Disabled - C:\WINDOWS\system32\netdde.exe - Microsoft Corporation -  - 
       Netlogon - Stopped - Manual - C:\WINDOWS\system32\lsass.exe - Microsoft Corporation -  - 
       Netman - Started - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       NetTcpPortSharing - Stopped - Disabled - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" - Microsoft Corporation -  - 
       Nla - Started - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       NtLmSsp - Stopped - Manual - C:\WINDOWS\system32\lsass.exe - Microsoft Corporation -  - 
       NtmsSvc - Stopped - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       NVSvc - Started - Automatic - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Corporation -  - 
       NWCWorkstation - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       odserv - Stopped - Manual - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" - Microsoft Corporation -  - 
       ose - Stopped - Manual - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" - Microsoft Corporation -  - 
       PlugPlay - Started - Automatic - C:\WINDOWS\system32\services.exe - Microsoft Corporation -  - 
       Pml Driver HPZ12 - Started - Automatic - C:\WINDOWS\system32\HPZipm12.exe - HP -  - 
       PolicyAgent - Started - Automatic - C:\WINDOWS\system32\lsass.exe - Microsoft Corporation -  - 
       ProtectedStorage - Started - Automatic - C:\WINDOWS\system32\lsass.exe - Microsoft Corporation -  - 
       ProtexisLicensing - Started - Automatic - C:\WINDOWS\system32\PSIService.exe -  -  - 
       RasAuto - Stopped - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       RasMan - Started - Manual - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       RDSessMgr - Stopped - Manual - C:\WINDOWS\system32\sessmgr.exe - Microsoft Corporation -  - 
       RemoteAccess - Stopped - Disabled - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       RemoteRegistry - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       RpcLocator - Stopped - Manual - C:\WINDOWS\system32\locator.exe - Microsoft Corporation -  - 
       RpcSs - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k rpcss - Microsoft Corporation -  - 
       RSVP - Stopped - Manual - C:\WINDOWS\system32\rsvp.exe - Microsoft Corporation -  - 
       SamSs - Started - Automatic - C:\WINDOWS\system32\lsass.exe - Microsoft Corporation -  - 
       SCardSvr - Stopped - Manual - C:\WINDOWS\system32\scardsvr.exe - Microsoft Corporation -  - 
       Schedule - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       seclogon - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       SENS - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       SharedAccess - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       ShellHWDetection - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       SkypeUpdate - Stopped - Automatic - "C:\Program Files\Skype\Updater\Updater.exe" - Skype Technologies -  - 
       Spooler - Started - Automatic - C:\WINDOWS\system32\spoolsv.exe - Microsoft Corporation -  - 
       srservice - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       SSDPSRV - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       stisvc - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k imgsvc - Microsoft Corporation -  - 
       SwPrv - Stopped - Manual - C:\WINDOWS\system32\dllhost.exe /Processid:{3894D7B5-3FEE-4AAA-9927-86D4EB80B1B9} - Microsoft Corporation -  - 
       SysmonLog - Stopped - Manual - C:\WINDOWS\system32\smlogsvc.exe - Microsoft Corporation -  - 
       TapiSrv - Started - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       TermService - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k DComLaunch - Microsoft Corporation -  - 
       Themes - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       TlntSvr - Stopped - Manual - C:\WINDOWS\system32\tlntsvr.exe - Microsoft Corporation -  - 
       TrkWks - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       upnphost - Stopped - Manual - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       UPS - Stopped - Manual - C:\WINDOWS\system32\ups.exe - Microsoft Corporation -  - 
       VSS - Stopped - Manual - C:\WINDOWS\system32\vssvc.exe - Microsoft Corporation -  - 
       W32Time - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       WebClient - Start pending - Automatic - C:\WINDOWS\system32\svchost.exe -k LocalService - Microsoft Corporation -  - 
       winmgmt - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       WmdmPmSN - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       Wmi - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       WmiApSrv - Stopped - Manual - C:\WINDOWS\system32\wbem\wmiapsrv.exe - Microsoft Corporation -  - 
       WMPNetworkSvc - Stopped - Manual - "C:\Program Files\Windows Media Player\WMPNetwk.exe" - Microsoft Corporation -  - 
       wscsvc - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       wuauserv - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       WudfSvc - Started - Automatic - C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup - Microsoft Corporation -  - 
       WZCSVC - Started - Automatic - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 
       xmlprov - Stopped - Manual - C:\WINDOWS\System32\svchost.exe -k netsvcs - Microsoft Corporation -  - 

==========================================================================================

Schedule Task

       GoogleUpdateTaskMachineUA.job - GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe - Udruje software Google aktualizovan. Je-li tato loha zakzna nebo zastavena, nebude v software Google udrovn v aktualizovanm stavu. To znamen, e nemus bt opravena zjitn slab msta v zabezpeen a urit funkce nemus fungovat. Pokud tuto lohu dn software Google nepouv, sama se odinstaluje. - Enable - Google Inc.
       GoogleUpdateTaskMachineCore.job - GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe - Udruje software Google aktualizovan. Je-li tato loha zakzna nebo zastavena, nebude v software Google udrovn v aktualizovanm stavu. To znamen, e nemus bt opravena zjitn slab msta v zabezpeen a urit funkce nemus fungovat. Pokud tuto lohu dn software Google nepouv, sama se odinstaluje. - Enable - Google Inc.
       avast! Emergency Update.job - avast! Emergency Update.job - C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe -  - Enable - AVAST Software
       Adobe Flash Player Updater.job - Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe - Tato loha udruje instalaci pehrvae Adobe Flash Player v aktualizovanm stavu s pouitm nejnovjch rozen a oprav zabezpeen. Pi zakzn nebo odebrn tto lohy nebude moci pehrva Adobe Flash Player pout automatick zabezpeen potae pomoc nejnovjch oprav zabezpeen. - Enable - Adobe Systems Incorporated

==========================================================================================

File Association

       .bat - "%1" %* - HKEY_CLASSES_ROOT\.bat
       .cmd - "%1" %* - HKEY_CLASSES_ROOT\.cmd
       .com - "%1" %* - HKEY_CLASSES_ROOT\.com
       .exe - "%1" %* - HKEY_CLASSES_ROOT\.exe
       .scr - "%1" /S - HKEY_CLASSES_ROOT\.scr
       .txt - %SystemRoot%\system32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\.txt
       .ini - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\.ini
       .pif - "%1" %* - HKEY_CLASSES_ROOT\.pif
       .reg - regedit.exe "%1" - HKEY_CLASSES_ROOT\.reg
       .inf - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\.inf
       .hlp - %SystemRoot%\System32\winhlp32.exe %1 - HKEY_CLASSES_ROOT\.hlp
       .chm - "%SYSTEMROOT%\hh.exe" %1 - HKEY_CLASSES_ROOT\.chm
       .vbs - %SystemRoot%\System32\WScript.exe "%1" %* - HKEY_CLASSES_ROOT\.vbs
       .js - %SystemRoot%\System32\WScript.exe "%1" %* - HKEY_CLASSES_ROOT\.js
       .lnk - lnkfile - HKEY_CLASSES_ROOT\.lnk
       batfile - "%1" %* - HKEY_CLASSES_ROOT\batfile\Shell\Open\Command
       cmdfile - "%1" %* - HKEY_CLASSES_ROOT\cmdfile\Shell\Open\Command
       comfile - "%1" %* - HKEY_CLASSES_ROOT\comfile\Shell\Open\Command
       exefile - "%1" %* - HKEY_CLASSES_ROOT\exefile\Shell\Open\Command
       scrfile - "%1" /S - HKEY_CLASSES_ROOT\scrfile\Shell\Open\Command
       txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\txtfile\Shell\Open\Command
       inifile - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\inifile\Shell\Open\Command
       piffile - "%1" %* - HKEY_CLASSES_ROOT\piffile\Shell\Open\Command
       regfile - regedit.exe "%1" - HKEY_CLASSES_ROOT\regfile\Shell\Open\Command
       inffile - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CLASSES_ROOT\inffile\Shell\Open\Command
       hlpfile - %SystemRoot%\System32\winhlp32.exe %1 - HKEY_CLASSES_ROOT\hlpfile\Shell\Open\Command
       chm.file - "%SYSTEMROOT%\hh.exe" %1 - HKEY_CLASSES_ROOT\chm.file\Shell\Open\Command
       vbsfile - %SystemRoot%\System32\WScript.exe "%1" %* - HKEY_CLASSES_ROOT\vbsfile\Shell\Open\Command
       jsfile - %SystemRoot%\System32\WScript.exe "%1" %* - HKEY_CLASSES_ROOT\jsfile\Shell\Open\Command
       HKCU .txt Progid - %SystemRoot%\system32\NOTEPAD.EXE %1 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
       HKCU .ini Progid - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
       HKCU .reg Progid - regedit.exe "%1" - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\OpenWithProgids
       HKCU .inf Progid - %SystemRoot%\System32\NOTEPAD.EXE %1 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
       HKCU .js Progid - %SystemRoot%\System32\WScript.exe "%1" %* - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.js\OpenWithProgids

==========================================================================================

IFEO

       Nothing

==========================================================================================

IME

       Spojen krlovstv -  -  - C:\WINDOWS\system32\KBDUK.DLL - Microsoft Corporation
       esk -  -  - C:\WINDOWS\system32\KBDCZ.DLL - Microsoft Corporation

==========================================================================================

Firewall Rule

       %windir%\Network Diagnostic\xpnetdiag.exe - Domain App - Enabled - 
       %windir%\system32\sessmgr.exe - Domain App - Enabled - 
       %windir%\Network Diagnostic\xpnetdiag.exe - Standard App - Enabled - 
       %windir%\system32\sessmgr.exe - Standard App - Enabled - 
       C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE - Standard App - Enabled - 
       C:\Program Files\Microsoft Office\Office12\GROOVE.EXE - Standard App - Enabled - 
       C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE - Standard App - Enabled - 
       C:\Program Files\Messenger\msmsgs.exe - Standard App - Enabled - 
       C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe - Standard App - Enabled - 
       C:\Program Files\uTorrent\uTorrent.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hposid01.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe - Standard App - Enabled - 
       C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe - Standard App - Enabled - 
       C:\Program Files\THQ\Titan Quest\Titan Quest.exe - Standard App - Enabled - 
       C:\WINDOWS\system32\msiexec.exe - Standard App - Enabled - 
       F:\Dokumenty\HRY\World_of_Tanks\WOTLauncher.exe - Standard App - Enabled - 
       F:\Dokumenty\HRY\World_of_Tanks\WorldOfTanks.exe - Standard App - Enabled - 
       C:\WINDOWS\system32\dpvsetup.exe - Standard App - Enabled - 
       F:\Dokumenty\HRY\World_of_Warplanes\WorldOfWarplanes.exe - Standard App - Enabled - 
       C:\Program Files\Skype\Phone\Skype.exe - Standard App - Enabled - 
       1900:UDP - Open Port - Disable - 
       58728:TCP - Open Port - Enabled - 
       58728:UDP - Open Port - Enabled - 
       2869:TCP - Open Port - Disable - 
       3389:TCP - Open Port - Enabled - 
       65533:TCP - Open Port - Enabled - 
       52344:TCP - Open Port - Enabled - 

==========================================================================================

System User Name

       Administrator
       ASPNET
       Guest
       HelpAssistant
       NoName
       SUPPORT_388945a0
       UpdatusUser

==========================================================================================

Scan MBR Rootkit

       MBR OK!
