Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What is this?


  • Please log in to reply
7 replies to this topic

#1 Spartacus1

Spartacus1

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 PM

Posted 28 September 2011 - 04:56 PM

Hello to all who read!
I recently got a really bad (what I am suspecting it to be) rookit on my WinXP machine. My PC rebooted numerous times and after a few I got a Fake AV warning. I ran MalwareBytes, SUPERAntiSpyware, ComboFix, and RKill in safe mode and using a different account (I have found that sometimes malware only runs on the user account it was installed on) and they all froze. A complete reinstall of windows only got rid of the message for a few days but rebooting still occoured
Right now I have a LiveCD of Ubuntu running on it so my family can still use it.
Any ideas?
Thanks!
May thou virus bow at thy mercy when you come to me...

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:31 PM

Posted 28 September 2011 - 08:29 PM

Hello having run ComboFix we need to see that and a DDS log.

Please go here....
Preparation Guide ,do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
Skip the GMER step and instead post the latest ComboFix log you have.

Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Spartacus1

Spartacus1
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 PM

Posted 29 September 2011 - 07:14 AM

Thanks boopme for the response.
However, ComboFix wasn't able to create a log, it didn't get far enough.
The DDS I will post soon...
Thanks anyway.

Edited by Spartacus1, 29 September 2011 - 07:15 AM.

May thou virus bow at thy mercy when you come to me...

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:31 PM

Posted 29 September 2011 - 09:11 AM

Possibly a deeper ,MBR rookit.

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal/regular mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Spartacus1

Spartacus1
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 PM

Posted 29 September 2011 - 09:46 AM

I just re-ran RKill, nothing found
Currently rescanning with a recently updated version of SUPERAntiSpyware.
To run GMER after SAS's scan
Kaspersky Rescue didn't find anything.

Edited by Spartacus1, 29 September 2011 - 09:48 AM.

May thou virus bow at thy mercy when you come to me...

#6 Spartacus1

Spartacus1
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 PM

Posted 29 September 2011 - 04:22 PM

---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwAssignProcessToJobObject [0xA6D7DFC0]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwCreateFile [0xA6D7EA56]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwCreateThread [0xA6F097F0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDebugActiveProcess [0xA6F09AB0]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwDeleteFile [0xA6D7EBD4]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwDeleteKey [0xA6D8227C]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwDeleteValueKey [0xA6D822AE]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDuplicateObject [0xA6F095D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwLoadDriver [0xA6F098B0]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwLoadKey [0xA6D82410]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwOpenFile [0xA6D7EB2C]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwOpenProcess [0xA6D7E104]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwOpenThread [0xA6D7E2F6]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwProtectVirtualMemory [0xA6D7E428]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwQueryValueKey [0xA6D82386]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwQueueApcThread [0xA6F09630]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwRenameKey [0xA6D822F0]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwReplaceKey [0xA6D82322]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwRestoreKey [0xA6D82354]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwSetContextThread [0xA6D7DF66]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwSetInformationFile [0xA6D7EC40]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetInformationThread [0xA6F094F0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSecurityObject [0xA6F09670]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSystemInformation [0xA6F09870]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwSetValueKey [0xA6D82214]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendProcess [0xA6F093B0]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwSuspendThread [0xA6D7DF02]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSystemDebugControl [0xA6F09830]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwTerminateProcess [0xA6D7DE56]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwTerminateThread [0xA6D7DE9E]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwWriteVirtualMemory [0xA6F095F0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAcceptConnectPort [0x805A4630]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheck [0x805F140E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckAndAuditAlarm [0x805F4C44]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByType [0x805F1440]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeAndAuditAlarm [0x805F4C7E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultList [0x805F1476]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarm [0x805F4CC2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarmByHandle [0x805F4D06]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAddAtom [0x80615CEE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAddBootEntry [0x80616A30]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAdjustGroupsToken [0x805EC80C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAdjustPrivilegesToken [0x805EC464]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlertResumeThread [0x805D4B7E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlertThread [0x805D4B2E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateLocallyUniqueId [0x80616314]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateUserPhysicalPages [0x805B5FB6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateUuids [0x80615930]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateVirtualMemory [0x805A8ABA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAreMappedFilesTheSame [0x805B05CA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCallbackReturn [0x8050189C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelDeviceWakeupRequest [0x80616A22]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelIoFile [0x80576B0A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelTimer [0x80538C30]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwClearEvent [0x8060EEFE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwClose [0x805BC530]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCloseObjectAuditAlarm [0x805F517E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompactKeys [0x80623CC0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompareTokens [0x805F9692]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompleteConnectPort [0x805A4D1E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompressKey [0x80623F14]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwConnectPort [0x805A45D0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwContinue [0x80544EE4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateDebugObject [0x80642A54]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateDirectoryObject [0x805BE4E0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateEvent [0x8060EF4E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateEventPair [0x806172A6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateIoCompletion [0x80578A86]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateJobObject [0x805D5606]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateJobSet [0x805D533E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKey [0x806240F0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateMailslotFile [0x805791B6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateMutant [0x8061769E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateNamedPipeFile [0x805790E2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreatePagingFile [0x805AB9EE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreatePort [0x805A50EC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProcess [0x805D1230]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProcessEx [0x805D117A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProfile [0x80617ABE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSection [0x805AB3C8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSemaphore [0x8061504E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSymbolicLinkObject [0x805C39FA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateTimer [0x80616F6E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateToken [0x805F9A3A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateWaitablePort [0x805A5110]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDebugContinue [0x80643C80]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDelayExecution [0x80616972]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteAtom [0x806161A4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteObjectAuditAlarm [0x805F528A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeviceIoControlFile [0x8057926E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDisplayString [0x80612FCC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDuplicateToken [0x805ED6BA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateKey [0x8062493C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateSystemEnvironmentValuesEx [0x80616A14]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateValueKey [0x80624BA6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwExtendSection [0x805B3CD6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFilterToken [0x805ED866]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFindAtom [0x80615F58]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushBuffersFile [0x80576D1C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushInstructionCache [0x805B684A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushKey [0x80624E10]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushVirtualMemory [0x805AC71C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushWriteBuffer [0x805B67EC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreeUserPhysicalPages [0x805B6358]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreeVirtualMemory [0x805B2FB2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFsControlFile [0x805792A2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetContextThread [0x805D152A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetDevicePowerState [0x805C8684]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetPlugPlayEvent [0x8059913C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetWriteWatch [0x805211AA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateAnonymousToken [0x805F9386]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateClientOfPort [0x805A517A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateThread [0x805D7802]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwInitializeRegistry [0x80622232]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwInitiatePowerAction [0x805C846A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwIsProcessInJob [0x805D5202]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwIsSystemResumeAutomatic [0x805C8670]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwListenPort [0x805A5386]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLoadKey2 [0x80625F20]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockFile [0x805792D6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockProductActivationKeys [0x806135BE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockRegistryKey [0x80623FC0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockVirtualMemory [0x805B6952]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMakePermanentObject [0x805BE2D6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMakeTemporaryObject [0x805BC5D4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapUserPhysicalPages [0x805B5416]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapUserPhysicalPagesScatter [0x805B5966]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapViewOfSection [0x805B203A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeDirectoryFile [0x80579EEE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeKey [0x806262DE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeMultipleKeys [0x80624F12]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenDirectoryObject [0x805BE5B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenEvent [0x8060F04E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenEventPair [0x8061737E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenIoCompletion [0x80578B5E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenJobObject [0x805D578C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKey [0x806254CE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenMutant [0x80617776]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenObjectAuditAlarm [0x805F4D4C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenProcessToken [0x805EE054]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenProcessTokenEx [0x805EDCB8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSection [0x805AA3EC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSemaphore [0x80615148]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSymbolicLinkObject [0x805C3BE0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenThreadToken [0x805EE072]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenThreadTokenEx [0x805EDE28]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenTimer [0x80617090]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPlugPlayControl [0x80645D22]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPowerInformation [0x805C94F2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegeCheck [0x805F8438]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegeObjectAuditAlarm [0x805F405E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegedServiceAuditAlarm [0x805F424A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPulseEvent [0x8060F106]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryAttributesFile [0x80576EFA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDebugFilterState [0x8053FC16]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDefaultLocale [0x80610CF8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDefaultUILanguage [0x80611958]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDirectoryFile [0x80579E88]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDirectoryObject [0x805BE652]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryEaFile [0x8057A1D6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryEvent [0x8060F1CE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryFullAttributesFile [0x8057704E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationAtom [0x806161CC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationFile [0x8057AA42]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationJobObject [0x805D5C5E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationPort [0x805A53E4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationProcess [0x805CCF94]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationThread [0x805CBBC2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationToken [0x805EE152]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInstallUILanguage [0x806110F6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryIntervalProfile [0x80617F40]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryIoCompletion [0x80578C06]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryKey [0x80625810]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryMultipleValueKey [0x8062323E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryMutant [0x8061781E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryObject [0x805C52CC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryOpenSubKeys [0x806238EA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryPerformanceCounter [0x80617FCE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryQuotaInformationFile [0x8057B824]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySection [0x805B85E0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySecurityObject [0x805C009A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySemaphore [0x80615200]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySymbolicLinkObject [0x805C3C80]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemEnvironmentValue [0x80616A4C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemEnvironmentValueEx [0x80616A06]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemInformation [0x806119D8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemTime [0x80613198]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryTimer [0x80617148]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryTimerResolution [0x8061322A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryVirtualMemory [0x805B8C6E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryVolumeInformationFile [0x8057BD0E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRaiseException [0x80544F2C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRaiseHardError [0x80614E72]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadFile [0x8057C4AE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadFileScatter [0x8057CA18]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadRequestData [0x805A5E6C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadVirtualMemory [0x805B42C2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRegisterThreadTerminatePort [0x805D2798]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseMutant [0x80617956]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseSemaphore [0x80615330]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRemoveIoCompletion [0x80578EFE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRemoveProcessDebug [0x80643C00]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyPort [0x805A54EC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReceivePort [0x805A64B4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReceivePortEx [0x805A5EBC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReplyPort [0x805A57D6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRequestDeviceWakeup [0x805C8602]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRequestPort [0x805A2A4A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRequestWaitReplyPort [0x805A2D76]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRequestWakeupLatency [0x805C8410]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResetEvent [0x8060F2E0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResetWriteWatch [0x80521692]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResumeProcess [0x805D4AD8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResumeThread [0x805D49BA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveKey [0x80625BCC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveKeyEx [0x80625CB2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveMergedKeys [0x80625DDA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSecureConnectPort [0x805A3D64]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDebugFilterState [0x806468B8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultHardErrorPort [0x80614D1C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultLocale [0x80610E48]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultUILanguage [0x806116BA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEaFile [0x8057A6EA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEvent [0x8060F3A0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEventBoostPriority [0x8060F46A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetHighEventPair [0x8061763A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetHighWaitLowEventPair [0x8061756A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationDebugObject [0x806435CA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationJobObject [0x805D696C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationKey [0x80622E0A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationObject [0x805C4842]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationProcess [0x805CDE8A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationToken [0x805FA7B4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetIntervalProfile [0x80617AA2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetIoCompletion [0x80578E9C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLdtEntries [0x805D3904]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLowEventPair [0x806175D6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLowWaitHighEventPair [0x806174FE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetQuotaInformationFile [0x8057B802]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemEnvironmentValue [0x80616CD0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemPowerState [0x80653E18]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemTime [0x806144A0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetThreadExecutionState [0x805C8324]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetTimer [0x80538DC0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetTimerResolution [0x80613972]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetUuidSeed [0x806157E6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetVolumeInformationFile [0x8057C118]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwShutdownSystem [0x80612F90]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSignalAndWaitForSingleObject [0x80526788]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwStartProfile [0x80617CEC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwStopProfile [0x80617E96]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTerminateJobObject [0x805D7500]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTestAlert [0x805D4C42]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTraceEvent [0x80535156]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTranslateFilePath [0x80616A3E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadDriver [0x805842F4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadKey [0x8062298C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadKeyEx [0x80622BAE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnlockFile [0x8057967A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnlockVirtualMemory [0x805B6EE0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnmapViewOfSection [0x805B2E48]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwVdmControl [0x805FBB6C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForDebugEvent [0x80643332]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForMultipleObjects [0x805C07E4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForSingleObject [0x805C06FA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitHighEventPair [0x8061749A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitLowEventPair [0x80617436]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteFile [0x8057CF16]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteFileGather [0x8057D4FA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteRequestData [0x805A5E94]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwYieldExecution [0x80504B08]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKeyedEvent [0x80618512]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKeyedEvent [0x806185FC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseKeyedEvent [0x806186AE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForKeyedEvent [0x8061890A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

INT 0x00 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80542200
INT 0x01 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054237C
INT 0x03 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80542790
INT 0x04 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80542910
INT 0x05 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80542A70
INT 0x06 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80542BE4
INT 0x07 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054325C
INT 0x09 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80543660
INT 0x0A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80543780
INT 0x0B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805438C0
INT 0x0C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80543B20
INT 0x0D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80543E0C
INT 0x0E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544520
INT 0x0F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x10 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544978
INT 0x11 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544AB4
INT 0x12 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x13 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544C1C
INT 0x14 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x15 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x16 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x17 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x18 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x19 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x1A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x1B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x1C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x1D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x1E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x1F \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E710C
INT 0x2A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541A2E
INT 0x2B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541B30
INT 0x2C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541CE0
INT 0x2D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054266C
INT 0x2E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805414B1
INT 0x2F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544858
INT 0x30 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B70
INT 0x31 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B7A
INT 0x32 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B84
INT 0x33 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B8E
INT 0x34 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B98
INT 0x35 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BA2
INT 0x36 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BAC
INT 0x37 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E6864
INT 0x38 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BC0
INT 0x39 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BCA
INT 0x3A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BD4
INT 0x3B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BDE
INT 0x3C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BE8
INT 0x3D \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E7E2C
INT 0x3E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BFC
INT 0x3F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C06
INT 0x40 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C10
INT 0x41 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E7C88
INT 0x42 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C24
INT 0x43 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C2E
INT 0x44 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C38
INT 0x45 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C42
INT 0x46 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C4C
INT 0x47 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C56
INT 0x48 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C60
INT 0x49 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C6A
INT 0x4A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C74
INT 0x4B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C7E
INT 0x4C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C88
INT 0x4D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C92
INT 0x4E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C9C
INT 0x4F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CA6
INT 0x50 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E693C
INT 0x51 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CBA
INT 0x52 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CC4
INT 0x53 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CCE
INT 0x54 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CD8
INT 0x55 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CE2
INT 0x56 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CEC
INT 0x57 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CF6
INT 0x58 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D00
INT 0x59 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D0A
INT 0x5A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D14
INT 0x5B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D1E
INT 0x5C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D28
INT 0x5D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D32
INT 0x5E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D3C
INT 0x5F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D46
INT 0x60 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D50
INT 0x61 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D5A
INT 0x62 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9F1067E
INT 0x63 \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows ® Server 2003 DDK provider) B93B2DFC
INT 0x64 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D78
INT 0x65 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D82
INT 0x66 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D8C
INT 0x67 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D96
INT 0x68 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DA0
INT 0x69 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DAA
INT 0x6A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DB4
INT 0x6B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DBE
INT 0x6C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DC8
INT 0x6D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DD2
INT 0x6E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DDC
INT 0x6F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DE6
INT 0x70 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DF0
INT 0x71 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DFA
INT 0x72 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E04
INT 0x73 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E0E
INT 0x74 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E18
INT 0x75 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E22
INT 0x76 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E2C
INT 0x77 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E36
INT 0x78 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E40
INT 0x79 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E4A
INT 0x7A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E54
INT 0x7B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E5E
INT 0x7C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E68
INT 0x7D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E72
INT 0x7E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E7C
INT 0x7F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E86
INT 0x80 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E90
INT 0x81 \SystemRoot\system32\DRIVERS\tpm.sys (TPM Device Driver/Winbond Electronics Corp.) BA450D14
INT 0x82 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9F1067E
INT 0x83 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) B93D9CB8
INT 0x83 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation) B9E20E10
INT 0x83 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B9369E54
INT 0x83 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) B93D9CB8
INT 0x84 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EB8
INT 0x85 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EC2
INT 0x86 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540ECC
INT 0x87 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540ED6
INT 0x88 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EE0
INT 0x89 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EEA
INT 0x8A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EF4
INT 0x8B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EFE
INT 0x8C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F08
INT 0x8D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F12
INT 0x8E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F1C
INT 0x8F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F26
INT 0x90 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F30
INT 0x91 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F3A
INT 0x92 \SystemRoot\system32\DRIVERS\serial.sys (Serial Device Driver/Microsoft Corporation) BA1289C0
INT 0x93 \SystemRoot\system32\DRIVERS\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) B94FB495
INT 0x94 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B9369E54
INT 0x95 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F62
INT 0x96 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F6C
INT 0x97 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F76
INT 0x98 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F80
INT 0x99 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F8A
INT 0x9A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F94
INT 0x9B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F9E
INT 0x9C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FA8
INT 0x9D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FB2
INT 0x9E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FBC
INT 0x9F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FC6
INT 0xA0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FD0
INT 0xA1 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FDA
INT 0xA2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FE4
INT 0xA3 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FEE
INT 0xA4 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B9369E54
INT 0xA5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541002
INT 0xA6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054100C
INT 0xA7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541016
INT 0xA8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541020
INT 0xA9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054102A
INT 0xAA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541034
INT 0xAB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054103E
INT 0xAC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541048
INT 0xAD \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541052
INT 0xAE \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054105C
INT 0xAF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541066
INT 0xB0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541070
INT 0xB1 ACPI.sys (ACPI Driver for NT/Microsoft Corporation) B9F8431E
INT 0xB2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541084
INT 0xB3 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054108E
INT 0xB4 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B9369E54
INT 0xB5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410A2
INT 0xB6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410AC
INT 0xB7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410B6
INT 0xB8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410C0
INT 0xB9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410CA
INT 0xBA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410D4
INT 0xBB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410DE
INT 0xBC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410E8
INT 0xBD \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410F2
INT 0xBE \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410FC
INT 0xBF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541106
INT 0xC0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541110
INT 0xC1 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E6AC0
INT 0xC2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541124
INT 0xC3 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054112E
INT 0xC4 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541138
INT 0xC5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541142
INT 0xC6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054114C
INT 0xC7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541156
INT 0xC8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541160
INT 0xC9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054116A
INT 0xCA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541174
INT 0xCB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054117E
INT 0xCC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541188
INT 0xCD \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541192
INT 0xCE \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054119C
INT 0xCF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411A6
INT 0xD0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411B0
INT 0xD1 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E62A0
INT 0xD2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411C4
INT 0xD3 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411CE
INT 0xD4 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411D8
INT 0xD5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411E2
INT 0xD6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411EC
INT 0xD7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411F6
INT 0xD8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541200
INT 0xD9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054120A
INT 0xDA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541214
INT 0xDB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054121E
INT 0xDC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541228
INT 0xDD \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541232
INT 0xDE \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054123C
INT 0xDF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541246
INT 0xE0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541250
INT 0xE1 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E7048
INT 0xE2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541264
INT 0xE3 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E6DAC
INT 0xE4 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541278
INT 0xE5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541282
INT 0xE6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054128C
INT 0xE7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541296
INT 0xE8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412A0
INT 0xE9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412AA
INT 0xEA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412B4
INT 0xEB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412BE
INT 0xEC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412C8
INT 0xED \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412D2
INT 0xEE \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412D9
INT 0xEF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412E0
INT 0xF0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412E7
INT 0xF1 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412EE
INT 0xF2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412F5
INT 0xF3 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412FC
INT 0xF4 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541303
INT 0xF5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054130A
INT 0xF6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541311
INT 0xF7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541318
INT 0xF8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054131F
INT 0xF9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541326
INT 0xFA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054132D
INT 0xFB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541334
INT 0xFC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054133B
INT 0xFD \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E75A8
INT 0xFE \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E7748
INT 0xFF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

SYSENTER \WINDOWS\system32\ntkrnlpa.exe 80541580

---- Kernel code sections - GMER 1.0.15 ----

.text hal.dll!HalBeginSystemInterrupt + 994 806E88FC 7 Bytes [D4, 03, 9D, 3D, 80, E3, 11]
.text hal.dll!HalBeginSystemInterrupt + 99C 806E8904 10 Bytes [D4, 03, AE, 35, 02, E3, 20, ...]
.text hal.dll!HalBeginSystemInterrupt + 9A7 806E890F 11 Bytes [F0, 5E, 0A, 6A, 09, 1E, 09, ...]
.text hal.dll!HalBeginSystemInterrupt + 9B4 806E891C 4 Bytes [C0, 03, 7D, 25]
.text hal.dll!HalBeginSystemInterrupt + 9B9 806E8921 1 Byte [C0]
.text ...
.text ntkrnlpa.exe!ZwYieldExecution + 31D8 805044CC 4 Bytes [C0, DF, D7, A6] {RCR BH, 0xd7; CMPSB }
.text ntkrnlpa.exe!ZwYieldExecution + 3220 80504514 4 Bytes JMP 8A86A6D7
.text ntkrnlpa.exe!ZwYieldExecution + 3260 80504554 4 Bytes [F0, 97, F0, A6]
.text ntkrnlpa.exe!ZwYieldExecution + 3270 80504564 4 Bytes [B0, 9A, F0, A6]
.text ntkrnlpa.exe!ZwYieldExecution + 3284 80504578 8 Bytes [D4, EB, D7, A6, 7C, 22, D8, ...]
.text ...
.text ntkrnlpa.exe!KeReleaseInStackQueuedSpinLockFromDpcLevel + C72 8054177A 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 2BE 80545CEE 18 Bytes [E0, 25, 7F, FF, FF, FF, 0F, ...]
.text ntkrnlpa.exe!KiDispatchInterrupt + 2D6 80545D06 1 Byte [00]
.text ntkrnlpa.exe!RtlPrefetchMemoryNonTemporal 805466F4 1 Byte [90]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[464] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 00401410 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
UPX1 C:\Documents and Settings\Administrator\My Documents\Downloads\eh2y4s1r.exe[1684] C:\Documents and Settings\Administrator\My Documents\Downloads\eh2y4s1r.exe entry point in "UPX1" section [0x004B8360]
.text C:\WINDOWS\system32\spoolsv.exe[2008] mdimon.dll!InitializePrintMonitor2 00A51410 4 Bytes [9B, ED, 75, 1B] {WAIT ; IN EAX, DX; JNZ 0x1f}
.text C:\WINDOWS\system32\spoolsv.exe[2008] mdippr.dll!ControlPrintProcessor 00D212FC 4 Bytes [B4, E5, 43, 55] {MOV AH, 0xe5; INC EBX; PUSH EBP}

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\wuauclt.exe[448] @ C:\WINDOWS\system32\wucltui.dll [COMCTL32.dll!InitCommonControlsEx] [773D4088] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\wuauclt.exe[448] @ C:\WINDOWS\system32\wuaucpl.cpl [COMCTL32.dll!DestroyPropertySheetPage] [773D7AD7] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\wuauclt.exe[448] @ C:\WINDOWS\system32\wuaucpl.cpl [COMCTL32.dll!PropertySheetW] [773DCF45] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\wuauclt.exe[448] @ C:\WINDOWS\system32\wuaucpl.cpl [COMCTL32.dll!CreatePropertySheetPageW] [773D7E56] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\wuauclt.exe[448] @ C:\WINDOWS\system32\mucltui.dll [COMCTL32.dll!InitCommonControlsEx] [773D4088] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[464] @ C:\WINDOWS\system32\COMDLG32.dll [COMCTL32.dll!PropertySheetW] [773DCF45] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[464] @ C:\WINDOWS\system32\COMDLG32.dll [COMCTL32.dll!CreatePropertySheetPageW] [773D7E56] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[464] @ C:\WINDOWS\system32\COMDLG32.dll [COMCTL32.dll!InitCommonControlsEx] [773D4088] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[464] @ C:\WINDOWS\system32\COMDLG32.dll [COMCTL32.dll!ImageList_GetIconSize] [773E566B] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[464] @ C:\WINDOWS\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Destroy] [773E511F] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[464] @ C:\WINDOWS\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Draw] [773E5468] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[464] @ C:\WINDOWS\system32\COMDLG32.dll [COMCTL32.dll!CreateToolbarEx] [77444B09] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[464] @ C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll [COMCTL32.dll!_TrackMouseEvent] [773D57CD] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[464] @ C:\WINDOWS\system32\RASAPI32.dll [TAPI32.dll!lineGetTranslateCapsW] [76ECFB54] C:\WINDOWS\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[464] @ C:\WINDOWS\system32\RASAPI32.dll [TAPI32.dll!lineGetCountryW] [76EB88E6] C:\WINDOWS\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[464] @ C:\WINDOWS\system32\RASAPI32.dll [TAPI32.dll!lineTranslateAddressW] [76ECFFA2] C:\WINDOWS\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\explorer.exe [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\BROWSEUI.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\OLEAUT32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\SHDOCVW.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\MSASN1.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\CRYPTUI.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\VERSION.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\urlmon.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\iertutil.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\WINTRUST.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\IMAGEHLP.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\WLDAP32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\UxTheme.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\WINMM.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\MSACM32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\IMM32.DLL [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\comctl32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\apphelp.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\msctfime.ime [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\CLBCATQ.DLL [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\System32\cscui.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\System32\CSCDLL.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\themeui.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\LINKINFO.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\ntshrui.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\ATL.DLL [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\NETSHELL.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\credui.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\WTSAPI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\eappcfg.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\msi.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\SETUPAPI.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\ieframe.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\MLANG.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\webcheck.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\stobject.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\BatMeter.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\upnpui.dll [COMCTL32.dll!PropertySheetW] [773DCF45] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\upnpui.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\WINHTTP.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\WPDShServiceObj.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\mydocs.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\PortableDeviceTypes.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\PortableDeviceApi.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\MPR.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\System32\ntlanman.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\System32\NETUI0.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\System32\davclnt.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\DUSER.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\explorer.exe[472] @ C:\WINDOWS\system32\SXS.DLL [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\notepad.exe[808] @ C:\WINDOWS\system32\notepad.exe [COMCTL32.dll!CreateStatusWindowW] [773DD270] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\notepad.exe[808] @ C:\WINDOWS\system32\comdlg32.dll [COMCTL32.dll!PropertySheetW] [773DCF45] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\notepad.exe[808] @ C:\WINDOWS\system32\comdlg32.dll [COMCTL32.dll!CreatePropertySheetPageW] [773D7E56] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\notepad.exe[808] @ C:\WINDOWS\system32\comdlg32.dll [COMCTL32.dll!InitCommonControlsEx] [773D4088] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\notepad.exe[808] @ C:\WINDOWS\system32\comdlg32.dll [COMCTL32.dll!ImageList_GetIconSize] [773E566B] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\notepad.exe[808] @ C:\WINDOWS\system32\comdlg32.dll [COMCTL32.dll!ImageList_Destroy] [773E511F] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\notepad.exe[808] @ C:\WINDOWS\system32\comdlg32.dll [COMCTL32.dll!ImageList_Draw] [773E5468] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\notepad.exe[808] @ C:\WINDOWS\system32\comdlg32.dll [COMCTL32.dll!CreateToolbarEx] [77444B09] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe[1512] @ C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [COMCTL32.dll!InitCommonControlsEx] [773D4088] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1840] @ C:\WINDOWS\system32\RASAPI32.dll [TAPI32.dll!lineGetTranslateCapsW] [76ECFB54] C:\WINDOWS\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1840] @ C:\WINDOWS\system32\RASAPI32.dll [TAPI32.dll!lineGetCountryW] [76EB88E6] C:\WINDOWS\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[1840] @ C:\WINDOWS\system32\RASAPI32.dll [TAPI32.dll!lineTranslateAddressW] [76ECFFA2] C:\WINDOWS\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)

Device \FileSystem\Fastfat \FatCdrom Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device \FileSystem\Fastfat \FatCdrom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fastfat \FatCdrom Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device \FileSystem\Fastfat \FatCdrom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Mup \Dfs Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \FileSystem\Mup \Dfs Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \Driver\Beep \Device\Beep Beep.SYS (BEEP Driver/Microsoft Corporation)
Device \Driver\Beep \Device\Beep ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000019
Device \Device\00000025
Device \Device\00000032
Device \Driver\RasPppoe \Device\{B41A593D-2B4A-469D-B086-0914AEF3EF09} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\KSecDD \Device\KsecDD KSecDD.sys (Kernel Security Support Provider Interface/Microsoft Corporation)
Device \Driver\KSecDD \Device\KsecDD ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\NDIS \Device\Ndis NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Device\00000026
Device \Device\00000033
Device \FileSystem\NetBIOS \Device\Netbios netbios.sys (NetBIOS interface driver/Microsoft Corporation)
Device \FileSystem\NetBIOS \Device\Netbios ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\smi2 \Device\SMI2Services smi2.sys (SMI BIOS driver/IBM Corp.)
Device \Driver\smi2 \Device\SMI2Services ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Tcpip \Device\Ip tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Device\00000027
Device \Device\00000034
Device \Driver\TermDD \Device\RDP_CONSOLE0 termdd.sys (Terminal Server Driver/Microsoft Corporation)
Device \Driver\psadd \Device\PsaDD0 psadd.sys (SMBIOS Driver/Lenovo (United States) Inc.)
Device \Driver\psadd \Device\PsaDD0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000040
Device \Device\00000028
Device \Device\00000035
Device \Driver\TermDD \Device\RDP_CONSOLE1 termdd.sys (Terminal Server Driver/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000041 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000041 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\ehdrv
Device \Device\Video0
Device \Driver\Fips \Device\Fips Fips.SYS (FIPS Crypto Driver/Microsoft Corporation)
Device \Driver\Fips \Device\Fips ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\VMnetAdapter \Device\{D24A6BA1-904E-44EF-8DB0-0F7B581C7E26} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\Kbdclass \Device\KeyboardClass0 kbdclass.sys (Keyboard Class Driver/Microsoft Corporation)
Device \Driver\Kbdclass \Device\KeyboardClass0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000029
Device \Device\00000036
Device \Driver\NDProxy \Device\NDProxy NDProxy.SYS (NDIS Proxy/Microsoft Corporation)
Device \Driver\NDProxy \Device\NDProxy ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000042 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000042 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\Video1
Device \Driver\Kbdclass \Device\KeyboardClass1 kbdclass.sys (Keyboard Class Driver/Microsoft Corporation)
Device \Driver\Kbdclass \Device\KeyboardClass1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\0000000a
Device \Device\00000037
Device \Device\RdpDrDvMgr
Device \Driver\PnpManager \Device\00000043 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000043 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000050 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000050 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Serial \Device\Serial0 serial.sys (Serial Device Driver/Microsoft Corporation)
Device \Driver\Serial \Device\Serial0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Mouclass \Device\PointerClass0 mouclass.sys (Mouse Class Driver/Microsoft Corporation)
Device \Driver\Mouclass \Device\PointerClass0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\Video2
Device \Device\0000000b
Device \Device\00000038
Device \Device\Processor
Device \Driver\PnpManager \Device\00000044 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000044 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\PointerClass1
Device \Device\Video3
Device \Driver\usbuhci \Device\USBPDO-0 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-0 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\PROCDD \Device\ProcDD PROCDD.SYS (IPS Helper Driver/Lenovo Ltd.)
Device \Driver\PROCDD \Device\ProcDD ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\0000000c
Device \Device\00000039
Device \Driver\ACPI_HAL \Device\00000052 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000052 hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\dmio \Device\DmControl\DmIoDaemon dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmIoDaemon ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\dmio \Device\DmControl\DmConfig dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmConfig ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\dmio \Device\DmControl\DmPnP dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmPnP ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\dmio \Device\DmControl\DmInfo dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmInfo ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000045 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000045 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\i
Device \Driver\usbuhci \Device\USBPDO-1 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-1 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\rdpdr \Device\RdpDrPort rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-2 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-2 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\ACPI \Device\00000060 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0001 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0001 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-3 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-3 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\RasAcd \Device\RasAcd rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation)
Device \Driver\RasAcd \Device\RasAcd ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000061 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\GEARAspiWDM \Device\GEARAspiWDMDevice GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.)
Device \Driver\PSched \Device\PSched NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0002 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000048 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000048 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-4 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-4 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-4 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\Tcpip \Device\Tcp tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Driver\Parport \Device\ParallelPort0 parport.sys (Parallel Port Driver/Microsoft Corporation)
Device \Driver\Parport \Device\ParallelPort0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000056 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0003 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0003 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\e1express \Device\INTELPRO_{F0EB35E8-EE91-4F3C-BDD5-B08705047636} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0010 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0010 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\i2omgmt \Device\I2OExec i2omgmt.SYS (I2O Utility Filter/Microsoft Corporation)
Device \Driver\i2omgmt \Device\I2OExec ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pelusblf \Device\PrimaxUSBMouseLowFilterDriver pelusblf.sys (USB Mouse Low Filter Driver(Win2000 only)/Primax Electronics Ltd.)
Device \Driver\PnpManager \Device\00000049 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000049 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000057 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\ACPI \Device\00000063 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\rdpdr \Device\RdpDr rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation)
Device \Driver\PSched \Device\{A8C8DEE7-4AB0-493E-8639-150E13015496} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\LVUSBSta \Device\LogiUSBSta LVUSBSta.sys (USB Statistic Driver/Logitech Inc.)
Device \Driver\ACPI \Device\00000070 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\VMnetAdapter \Device\{901B6FE8-607C-44C9-8F78-81D721285CBB} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-6 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-6 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\IpFilterDriver \Device\IPFILTERDRIVER ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume1 ftdisk.sys (FT Disk Driver/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0012 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0012 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\ACPI \Device\00000058 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\RapportEI \Device\rapport_service_early_injection RapportEI.sys (RapportEI/Trusteer Ltd.)
Device \Driver\usbhub \Device\USBPDO-7 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-7 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-7 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\ACPI \Device\00000059 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\TermDD \Device\Termdd termdd.sys (Terminal Server Driver/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0006 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0006 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \FileSystem\Rdbss \Device\FsWrap rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
Device \FileSystem\Rdbss \Device\FsWrap ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume2 ftdisk.sys (FT Disk Driver/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Cdrom \Device\CdRom0 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Cdrom \Device\CdRom0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort0 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort1 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde0Channel0-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde0Channel0-0 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde0Channel1-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde0Channel1-1 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation)
Device \Device\Ide\PciIde0
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\isapnp \Device\00000066 isapnp.sys (PNP ISA Bus Driver/Microsoft Corporation)
Device \Driver\isapnp \Device\00000066 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000073 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0007 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0007 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\Parport \Device\Parallel0 parport.sys (Parallel Port Driver/Microsoft Corporation)
Device \Driver\Parport \Device\Parallel0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Cdrom \Device\CdRom1 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Cdrom \Device\CdRom1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Modem \Device\00000080 Modem.SYS (Modem Device Driver/Microsoft Corporation)
Device \Driver\Modem \Device\00000080 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\LgBttPort \Device\LGSIVPORT1 lgbtport.sys (LG Bluetooth Transport Driver/LG Electronics Inc.)
Device \Driver\ACPI \Device\00000074 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0015 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0015 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0008 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0008 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\PxHelp20 \Device\PxHelperDevice0 PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions)
Device \Driver\TPM \Device\Tpm tpm.sys (TPM Device Driver/Winbond Electronics Corp.)
Device \Driver\TPM \Device\Tpm ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0009 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0009 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\ACPI \Device\00000075 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\ACPI \Device\00000076 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004a ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004a ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000077 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\usbhub \Device\00000083 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000083 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000083 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\NetBT \Device\NetBt_Wins_Export netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBt_Wins_Export ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\hcmon \Device\hcmon hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\hcmon \Device\hcmon ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000078 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000084 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000084 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000084 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\pwwdqfob \Device\pwwdqfob pwwdqfob.sys
Device \Driver\pwwdqfob \Device\pwwdqfob ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\LGVMODEM \Device\LGSIVMDM1 lgvmodem.sys (LG Virtual Modem Driver/LG Electronics Inc.)
Device \Driver\usbhub \Device\00000085 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000085 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000085 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\NetBT \Device\NetbiosSmb netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetbiosSmb ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000005a ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\usbhub \Device\00000086 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000086 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000086 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\RapportPG \Device\rapport_service_process_guard RapportPG.sys (RapportPG/Trusteer Ltd.)
Device \Driver\ibmfilter \Device\IBMFilter ibmfilter.sys (IBM Rescue and Recovery filter driver/IBM)
Device \Driver\MountMgr \Device\MountPointManager MountMgr.sys (Mount Manager/Microsoft Corporation)
Device \Driver\MountMgr \Device\MountPointManager ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004e ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004e ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000087 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000087 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000087 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\SASDIFSV \Device\SASDIFSV SASDIFSV.SYS (SASDIFSV.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com)
Device \Driver\SASDIFSV \Device\SASDIFSV ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\EGATHDRV \Device\egathdrv EGATHDRV.SYS (IBM eGatherer Kernel Module/IBM Corporation)
Device \Driver\EGATHDRV \Device\egathdrv ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pelmouse \Device\PrimaxPointingDeviceFilter pelmouse.sys (Mouse Suite Driver (For Windows 2000 and Whistler Only)/Primax Electronics Ltd.)
Device \Driver\Wanarp \Device\WANARP wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation)
Device \FileSystem\Mup \Device\Mup Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \FileSystem\Mup \Device\Mup Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \Driver\Tcpip \Device\Udp tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\0000005d ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\usbhub \Device\00000089 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000089 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000089 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Device\Harddisk0\DP(1)0x7e00-0x11cd802200+1
Device \Device\Harddisk0\DP(2)0x11cd80a000-0xd4c66400+2
Device \Driver\Disk \Device\Harddisk0\DR0 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk0\DR0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000005e ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\NdisWan \Device\NdisWanIp NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\SASKUTIL \Device\SASKUTIL SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com)
Device \Driver\SASKUTIL \Device\SASKUTIL ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Tcpip \Device\RawIp tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\0000005f ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\ACPI \Device\0000006b ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\RapportCerberus_29574 \Device\rapport_cerberus_v2_29574 RapportCerberus32_29574.sys
Device \Driver\RapportCerberus_29574 \Device\rapport_cerberus_v2_29574 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\cpuz134 \Device\cpuz134 cpuz134_x32.sys (CPUID Driver/Windows ® Win 7 DDK provider)
Device \Driver\cpuz134 \Device\cpuz134 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000003 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000003 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\RapportKELL \Device\rapport_akl_ll RapportKELL.sys (RapportKE/Trusteer Ltd.)
Device \Driver\Null \Device\Null Null.SYS (NULL Driver/Microsoft Corporation)
Device \Driver\Null \Device\Null ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pmem \Device\PMEM pmemnt.sys (Physical Memory Driver/Microsoft Corporation)
Device \Driver\pmem \Device\PMEM ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{901B6FE8-607C-44C9-8F78-81D721285CBB} netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{901B6FE8-607C-44C9-8F78-81D721285CBB} ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-0 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-0 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\Ptilink \Device\ParTechInc0 ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.)
Device \Driver\Ptilink \Device\ParTechInc0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\IPSec \Device\IPSEC ipsec.sys (IPSec Driver/Microsoft Corporation)
Device \Driver\IPSec \Device\IPSEC ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-1 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-1 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\dmload \Device\DmLoader dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.)
Device \Driver\dmload \Device\DmLoader ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000007b ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\NdisTapi \Device\NdisTapi ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation)
Device \Driver\NdisTapi \Device\NdisTapi ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\NdisWan \Device\NdisWan NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\PSched \Device\{2F0135D4-7706-4AE7-A51C-F370FEED5A2B} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\Tcpip \Device\IPMULTICAST tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{D24A6BA1-904E-44EF-8DB0-0F7B581C7E26} netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{D24A6BA1-904E-44EF-8DB0-0F7B581C7E26} ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-2 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-2 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\ACPI \Device\0000007c ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\Gpc \Device\Gpc msgpc.sys (MS General Packet Classifier/Microsoft Corporation)
Device \FileSystem\MRxSmb \Device\LanmanRedirector mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-3 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-3 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\Ftdisk \Device\FtControl ftdisk.sys (FT Disk Driver/Microsoft Corporation)
Device \Driver\Ftdisk \Device\FtControl ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000007d ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\epfwtdir \Device\EpfwRedirector epfwtdir.sys (ESET Antivirus Network Redirector/ESET)
Device \Driver\vstor2-ws60 \Device\vstor2-ws60 vstor2-ws60.sys (VMware Virtual Storage Volume Driver/VMware, Inc.)
Device \Driver\vstor2-ws60 \Device\vstor2-ws60 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Npfs \Device\NamedPipe Npfs.SYS (NPFS Driver/Microsoft Corporation)
Device \FileSystem\Npfs \Device\NamedPipe ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-4 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-4 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-4 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\lgbusenum \Device\0000007e lgbtbus.sys (LG BT Bus Enumerator/LG Electronics Inc.)
Device \Driver\lgbusenum \Device\0000007e ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbccgp \Device\0000008a usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation)
Device \Driver\usbccgp \Device\0000008a ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Msfs \Device\Mailslot Msfs.SYS (Mailslot driver/Microsoft Corporation)
Device \FileSystem\Msfs \Device\Mailslot ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PrivateDisk \Device\PrivateDisk PrivateDiskM.sys (SafeGuard® PrivateDisk Driver/Utimaco Safeware AG)
Device \Driver\PrivateDisk \Device\PrivateDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\AFD \Device\Afd afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation)
Device \Driver\lgbusenum \Device\0000007f lgbtbus.sys (LG BT Bus Enumerator/LG Electronics Inc.)
Device \Driver\lgbusenum \Device\0000007f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\e1express \Device\{F0EB35E8-EE91-4F3C-BDD5-B08705047636} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{F0EB35E8-EE91-4F3C-BDD5-B08705047636} netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{F0EB35E8-EE91-4F3C-BDD5-B08705047636} ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Mup \Device\WinDfs\Root Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \FileSystem\Mup \Device\WinDfs\Root Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \Driver\PptpMiniport \Device\{F68E36F0-C28B-4848-AA65-02DA66767B30} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \FileSystem\Fastfat \Fat Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device \FileSystem\Fastfat \Fat ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fastfat \Fat Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device \FileSystem\Fastfat \Fat ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Filters\FltMgrMsg
Device \FileSystem\Filters\SystemRestore
Device \FileSystem\FltMgr \FileSystem\Filters\FltMgr fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

---- Modules - GMER 1.0.15 ----

Module \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 804D7000-806E5000 (2154496 bytes)
Module \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E5000-80705D00 (134400 bytes)
Module \WINDOWS\system32\KDCOM.DLL (Kernel Debugger HW Extension DLL/Microsoft Corporation) BA5A8000-BA5AA000 (8192 bytes)
Module \WINDOWS\system32\BOOTVID.dll (VGA Boot Driver/Microsoft Corporation) BA4B8000-BA4BB000 (12288 bytes)
Module ACPI.sys (ACPI Driver for NT/Microsoft Corporation) B9F79000-B9FA7000 (188416 bytes)
Module \WINDOWS\system32\DRIVERS\WMILIB.SYS (WMILIB WMI support library Dll/Microsoft Corporation) BA5AA000-BA5AC000 (8192 bytes)
Module pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) B9F68000-B9F79000 (69632 bytes)
Module isapnp.sys (PNP ISA Bus Driver/Microsoft Corporation) BA0A8000-BA0B2000 (40960 bytes)
Module pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) BA670000-BA671000 (4096 bytes)
Module \WINDOWS\system32\DRIVERS\PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation) BA328000-BA32F000 (28672 bytes)
Module MountMgr.sys (Mount Manager/Microsoft Corporation) BA0B8000-BA0C3000 (45056 bytes)
Module ftdisk.sys (FT Disk Driver/Microsoft Corporation) B9F49000-B9F68000 (126976 bytes)
Module dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) BA5AC000-BA5AE000 (8192 bytes)
Module dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software) B9F23000-B9F49000 (155648 bytes)
Module PartMgr.sys (Partition Manager/Microsoft Corporation) BA330000-BA335000 (20480 bytes)
Module VolSnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) BA0C8000-BA0D5000 (53248 bytes)
Module atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9F0B000-B9F23000 (98304 bytes)
Module disk.sys (PnP Disk Driver/Microsoft Corporation) BA0D8000-BA0E1000 (36864 bytes)
Module \WINDOWS\system32\DRIVERS\CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation) BA0E8000-BA0F5000 (53248 bytes)
Module fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) B9EEB000-B9F0B000 (131072 bytes)
Module sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation) B9ED9000-B9EEB000 (73728 bytes)
Module PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) BA0F8000-BA101000 (36864 bytes)
Module KSecDD.sys (Kernel Security Support Provider Interface/Microsoft Corporation) B9EC2000-B9ED9000 (94208 bytes)
Module Ntfs.sys (NT File System Driver/Microsoft Corporation) B9E35000-B9EC2000 (577536 bytes)
Module NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation) B9E08000-B9E35000 (184320 bytes)
Module RapportKELL.sys (RapportKE/Trusteer Ltd.) BA108000-BA114000 (49152 bytes)
Module Mup.sys (Multiple UNC Provider driver/Microsoft Corporation) B9DEE000-B9E08000 (106496 bytes)
Module \SystemRoot\system32\DRIVERS\intelppm.sys (Processor Device Driver/Microsoft Corporation) B950B000-B9514000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\igxpmp32.sys (Intel Graphics Miniport Driver/Intel Corporation) B93EC000-B94FB000 (1110016 bytes)
Module \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) B93D8000-B93EC000 (81920 bytes)
Module \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows ® Server 2003 DDK provider) B93B0000-B93D8000 (163840 bytes)
Module \SystemRoot\system32\DRIVERS\e1e5132.sys (Intel® PRO/1000 Adapter NDIS 5.2 deserialized driver/Intel Corporation) B9373000-B93B0000 (249856 bytes)
Module \SystemRoot\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) BA428000-BA42E000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B934F000-B9373000 (147456 bytes)
Module \SystemRoot\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) BA430000-BA438000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) B94FB000-B9508000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) BA438000-BA43E000 (24576 bytes)
Module \??\C:\WINDOWS\system32\drivers\VMkbd.sys (VMware keyboard filter driver (32-bit)/VMware, Inc.) BA440000-BA445000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) BA448000-BA44F000 (28672 bytes)
Module \SystemRoot\system32\DRIVERS\serial.sys (Serial Device Driver/Microsoft Corporation) BA128000-BA138000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) BA58C000-BA590000 (16384 bytes)
Module \SystemRoot\system32\DRIVERS\parport.sys (Parallel Port Driver/Microsoft Corporation) B933B000-B934F000 (81920 bytes)
Module \SystemRoot\system32\DRIVERS\tpm.sys (TPM Device Driver/Winbond Electronics Corp.) BA450000-BA455000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) BA138000-BA148000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\redbook.sys (Redbook Audio Filter Driver/Microsoft Corporation) BA148000-BA157000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\ks.sys (Kernel CSA Library/Microsoft Corporation) B9318000-B933B000 (143360 bytes)
Module \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) BA458000-BA45E000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) BA158000-BA163000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) BA76F000-BA770000 (4096 bytes)
Module \SystemRoot\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) BA1B8000-BA1C5000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) BA594000-BA597000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) B92B3000-B92CA000 (94208 bytes)
Module \SystemRoot\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) BA1C8000-BA1D3000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) BA1D8000-BA1E4000 (49152 bytes)
Module \SystemRoot\system32\DRIVERS\TDI.SYS (TDI Wrapper/Microsoft Corporation) BA460000-BA465000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) B92A2000-B92B3000 (69632 bytes)
Module \SystemRoot\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) BA1E8000-BA1F1000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) BA468000-BA46D000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\raspti.sys (PTI DirectParallel® mini-port/call-manager driver/Microsoft Corporation) BA470000-BA475000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) B731B000-B734B000 (196608 bytes)
Module \SystemRoot\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) BA1F8000-BA202000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) BA478000-BA47E000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\psadd.sys (SMBIOS Driver/Lenovo (United States) Inc.) BA480000-BA486000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) BA5F0000-BA5F2000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) B72BD000-B731B000 (385024 bytes)
Module \SystemRoot\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) B9DB1000-B9DB5000 (16384 bytes)
Module \SystemRoot\system32\DRIVERS\lgbtbus.sys (LG BT Bus Enumerator/LG Electronics Inc.) B9DAD000-B9DB0000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\vmnetadapter.sys (VMware virtual network adapter driver (32-bit)/VMware, Inc.) B9DA9000-B9DAC000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\VMNET.SYS (VMware virtual network driver (32-bit)/VMware, Inc.) B9DA5000-B9DA8000 (12288 bytes)
Module \SystemRoot\System32\Drivers\NDProxy.SYS (NDIS Proxy/Microsoft Corporation) BA228000-BA232000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\lgvmodem.sys (LG Virtual Modem Driver/LG Electronics Inc.) BA54C000-BA550000 (16384 bytes)
Module \SystemRoot\System32\Drivers\Modem.SYS (Modem Device Driver/Microsoft Corporation) BA488000-BA490000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\lgbtport.sys (LG Bluetooth Transport Driver/LG Electronics Inc.) BA550000-BA553000 (12288 bytes)
Module \SystemRoot\system32\drivers\ADIHdAud.sys (High Definition Audio Function Driver(Release Candidate 1)/Analog Devices, Inc.) A71A6000-A71D5000 (192512 bytes)
Module \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation) A7182000-A71A6000 (147456 bytes)
Module \SystemRoot\system32\drivers\drmk.sys (Microsoft Kernel DRM Descrambler Filter/Microsoft Corporation) BA258000-BA267000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) BA278000-BA287000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\USBD.SYS (Universal Serial Bus Driver/Microsoft Corporation) BA5FA000-BA5FC000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation) BA490000-BA495000 (20480 bytes)
Module \SystemRoot\System32\Drivers\i2omgmt.SYS (I2O Utility Filter/Microsoft Corporation) BA568000-BA56B000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\pelusblf.sys (USB Mouse Low Filter Driver(Win2000 only)/Primax Electronics Ltd.) BA570000-BA573000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\pelmouse.sys (Mouse Suite Driver (For Windows 2000 and Whistler Only)/Primax Electronics Ltd.) BA574000-BA578000 (16384 bytes)
Module \SystemRoot\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) BA57C000-BA57F000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\HIDCLASS.SYS (Hid Class Library/Microsoft Corporation) BA298000-BA2A1000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\HIDPARSE.SYS (Hid Parsing Library/Microsoft Corporation) BA498000-BA49F000 (28672 bytes)
Module \SystemRoot\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) BA4A0000-BA4A8000 (32768 bytes)
Module \??\C:\Documents_and_Settings\All_Users\Application_Data\Trusteer\Rapport\store\exts\RapportCerberus\29574\RapportCerberus32_29574.sys A6F28000-A6F5B000 (208896 bytes)
Module \SystemRoot\System32\Drivers\Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) BA5FC000-BA5FE000 (8192 bytes)
Module \SystemRoot\System32\Drivers\Null.SYS (NULL Driver/Microsoft Corporation) BA73F000-BA740000 (4096 bytes)
Module \SystemRoot\System32\Drivers\Beep.SYS (BEEP Driver/Microsoft Corporation) BA5FE000-BA600000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) A6F08000-A6F28000 (131072 bytes)
Module \SystemRoot\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) BA580000-BA583000 (12288 bytes)
Module \SystemRoot\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) BA4B0000-BA4B6000 (24576 bytes)
Module \SystemRoot\System32\Drivers\mnmdd.SYS (Frame buffer simulator/Microsoft Corporation) BA600000-BA602000 (8192 bytes)
Module \SystemRoot\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) BA602000-BA604000 (8192 bytes)
Module \SystemRoot\System32\Drivers\Msfs.SYS (Mailslot driver/Microsoft Corporation) BA340000-BA345000 (20480 bytes)
Module \SystemRoot\System32\Drivers\Npfs.SYS (NPFS Driver/Microsoft Corporation) BA360000-BA368000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) BA584000-BA587000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) A6ED5000-A6EE8000 (77824 bytes)
Module \SystemRoot\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) A6E7C000-A6ED5000 (364544 bytes)
Module \SystemRoot\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) A6E54000-A6E7C000 (163840 bytes)
Module \SystemRoot\system32\DRIVERS\epfwtdir.sys (ESET Antivirus Network Redirector/ESET) A6E12000-A6E2C000 (106496 bytes)
Module \SystemRoot\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) BA2A8000-BA2B1000 (36864 bytes)
Module \SystemRoot\System32\drivers\ws2ifsl.sys (Winsock2 IFS Layer/Microsoft Corporation) B7363000-B7366000 (12288 bytes)
Module \SystemRoot\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) A6DF0000-A6E12000 (139264 bytes)
Module \SystemRoot\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) BA2B8000-BA2C1000 (36864 bytes)
Module \??\C:\Program_Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) A6DCE000-A6DF0000 (139264 bytes)
Module \??\C:\Program_Files\SUPERAntiSpyware\SASDIFSV.SYS (SASDIFSV.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) BA370000-BA376000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) A6DA3000-A6DCE000 (176128 bytes)
Module \??\C:\Program_Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) A6D7D000-A6DA3000 (155648 bytes)
Module \??\C:\Program_Files\Trusteer\Rapport\bin\RapportEI.sys (RapportEI/Trusteer Ltd.) BA2D8000-BA2E8000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) A6D0D000-A6D7D000 (458752 bytes)
Module \SystemRoot\System32\Drivers\Fips.SYS (FIPS Crypto Driver/Microsoft Corporation) BA2E8000-BA2F3000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\LVMVDrv.sys (Logitech Machine Vision Engine Loader/Logitech Inc.) A6B03000-A6D0D000 (2138112 bytes)
Module \SystemRoot\system32\drivers\LVUSBSta.sys (USB Statistic Driver/Logitech Inc.) BA2F8000-BA301000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\Camdrl.sys (Universal Serial Bus Camera Driver/Logitech Inc.) A695E000-A6A63000 (1069056 bytes)
Module \SystemRoot\system32\drivers\usbaudio.sys (USB Audio Class Driver/Microsoft Corporation) BA308000-BA317000 (61440 bytes)
Module \SystemRoot\System32\Drivers\Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation) B954B000-B955B000 (65536 bytes)
Module \SystemRoot\System32\Drivers\dump_atapi.sys A6946000-A695E000 (98304 bytes)
Module \SystemRoot\System32\Drivers\dump_WMILIB.SYS BA5E8000-BA5EA000 (8192 bytes)
Module \SystemRoot\System32\win32k.sys (Multi-User Win32 Driver/Microsoft Corporation) BF800000-BF9C6000 (1859584 bytes)
Module \SystemRoot\System32\drivers\Dxapi.sys (DirectX API Driver/Microsoft Corporation) A70DA000-A70DD000 (12288 bytes)
Module \SystemRoot\System32\watchdog.sys (Watchdog Driver/Microsoft Corporation) BA3E0000-BA3E5000 (20480 bytes)
Module \SystemRoot\System32\drivers\dxg.sys (DirectX Graphics Driver/Microsoft Corporation) BF000000-BF012000 (73728 bytes)
Module \SystemRoot\System32\drivers\dxgthk.sys (DirectX Graphics Driver Thunk/Microsoft Corporation) BA79B000-BA79C000 (4096 bytes)
Module \SystemRoot\System32\igxpgd32.dll (Intel Graphics 2D Driver/Intel Corporation) BF022000-BF049000 (159744 bytes)
Module \SystemRoot\System32\igxprd32.dll (Intel Graphics 2D Rotation Driver/Intel Corporation) BF012000-BF022000 (65536 bytes)
Module \SystemRoot\System32\igxpdv32.DLL (Component GHAL Driver/Intel Corporation) BF049000-BF188000 (1306624 bytes)
Module \SystemRoot\System32\igxpdx32.DLL (DirectDraw® Driver for Intel® Graphics Technology/Intel Corporation) BF188000-BF38E000 (2121728 bytes)
Module \SystemRoot\system32\DRIVERS\eamon.sys (Amon monitor/ESET) A673B000-A6806000 (831488 bytes)
Module \SystemRoot\System32\ATMFD.DLL (Windows NT OpenType/Type 1 Font Driver/Adobe Systems Incorporated) BF38E000-BF3D5000 (290816 bytes)
Module \??\C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes' Anti-Malware/Malwarebytes Corporation) BA4CC000-BA4D0000 (16384 bytes)
Module \SystemRoot\system32\DRIVERS\vmnetbridge.sys (VMware bridge driver (32-bit)/VMware, Inc.) BA398000-BA39F000 (28672 bytes)
Module \??\C:\WINDOWS\system32\drivers\hcmon.sys (VMware USB monitor/VMware, Inc.) A6A83000-A6A8D000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\PROCDD.SYS (IPS Helper Driver/Lenovo Ltd.) BA3C0000-BA3C7000 (28672 bytes)
Module \??\C:\WINDOWS\system32\Drivers\vmci.sys (VMware kernel driver/VMware, Inc.) A6A73000-A6A83000 (65536 bytes)
Module \??\C:\WINDOWS\system32\Drivers\VMparport.sys (VMware parallel port driver/VMware, Inc.) BA3D0000-BA3D5000 (20480 bytes)
Module \??\C:\WINDOWS\system32\Drivers\vmx86.sys (VMware kernel driver/VMware, Inc.) A64DC000-A65AB000 (847872 bytes)
Module \??\C:\WINDOWS\system32\drivers\cpuz134_x32.sys (CPUID Driver/Windows ® Win 7 DDK provider) A671B000-A671F000 (16384 bytes)
Module \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS (IBM eGatherer Kernel Module/IBM Corporation) BA66A000-BA66C000 (8192 bytes)
Module \??\C:\WINDOWS\system32\drivers\ibmfilter.sys (IBM Rescue and Recovery filter driver/IBM) A6703000-A6707000 (16384 bytes)
Module \??\C:\WINDOWS\System32\drivers\pmemnt.sys (Physical Memory Driver/Microsoft Corporation) BA5B2000-BA5B4000 (8192 bytes)
Module \??\C:\Program_Files\IBM_ThinkVantage\SafeGuard_PrivateDisk\PrivateDiskM.sys (SafeGuard® PrivateDisk Driver/Utimaco Safeware AG) A68AE000-A68BA000 (49152 bytes)
Module \??\C:\Program_Files\SMI2\smi2.sys (SMI BIOS driver/IBM Corp.) BA736000-BA737000 (4096 bytes)
Module \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys (VMware network application interface driver (32-bit)/VMware, Inc.) BA3F8000-BA3FD000 (20480 bytes)
Module \??\C:\Program_Files\VMware\VMware_Player\vstor2-ws60.sys (VMware Virtual Storage Volume Driver/VMware, Inc.) A66D7000-A66DB000 (16384 bytes)
Module \SystemRoot\System32\Drivers\Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation) A61E8000-A620C000 (147456 bytes)
Module \SystemRoot\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) A62F4000-A62FD000 (36864 bytes)
Module \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pwwdqfob.sys (GMER) A60B7000-A60D0000 (102400 bytes)
Module \WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation)

---- Processes - GMER 1.0.15 ----

Process System Idle 0
Process System 4
Process C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (Core Service/SUPERAntiSpyware.com) 316
Library C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (Core Service/SUPERAntiSpyware.com) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000

Process C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes' Anti-Malware/Malwarebytes Corporation) 344
Library C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes' Anti-Malware/Malwarebytes Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll (Malwarebytes' Anti-Malware/Malwarebytes Corporation) 0x10000000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll (Malwarebytes' Anti-Malware/Malwarebytes Corporation) 0x00460000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x77C70000
Library C:\WINDOWS\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x76790000

Process C:\WINDOWS\system32\wuauclt.exe (Windows Update/Microsoft Corporation) 448
Library C:\WINDOWS\system32\wuauclt.exe (Windows Update/Microsoft Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\wucltui.dll (Windows Update Client UI Plugin/Microsoft Corporation) 0x507E0000
Library C:\WINDOWS\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x76380000
Library C:\WINDOWS\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x75150000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x009E0000
Library C:\WINDOWS\system32\wups2.dll (Windows Update client proxy stub 2/Microsoft Corporation) 0x50F00000
Library C:\WINDOWS\system32\wuaucpl.cpl (Automatic Updates Control Panel/Microsoft Corporation) 0x508E0000
Library C:\WINDOWS\system32\mucltui.dll (Microsoft Update Client UI Plugin/Microsoft Corporation) 0x509E0000

Process C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 464
Library C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) 0x10000000
Library C:\Program Files\Mozilla Firefox\mozsqlite3.dll (SQLite Database Library/sqlite.org) 0x00290000
Library C:\Program Files\Mozilla Firefox\MOZCRT19.dll (User-Generated Microsoft ® C/C++ Runtime Library/Mozilla Foundation) 0x78130000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\Program Files\Mozilla Firefox\mozjs.dll 0x004E0000
Library C:\Program Files\Mozilla Firefox\nspr4.dll (NSPR Library/Mozilla Foundation) 0x00350000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\WSOCK32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x71AD0000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\Program Files\Mozilla Firefox\smime3.dll (NSS S/MIME Library/Mozilla Foundation) 0x00390000
Library C:\Program Files\Mozilla Firefox\nss3.dll (NSS Base Library/Mozilla Foundation) 0x006B0000
Library C:\Program Files\Mozilla Firefox\nssutil3.dll (NSS Utility Library/Mozilla Foundation) 0x003B0000
Library C:\Program Files\Mozilla Firefox\plc4.dll (PLC Library/Mozilla Foundation) 0x003D0000
Library C:\Program Files\Mozilla Firefox\plds4.dll (PLDS Library/Mozilla Foundation) 0x003E0000
Library C:\Program Files\Mozilla Firefox\ssl3.dll (NSS SSL Library/Mozilla Foundation) 0x00750000
Library C:\Program Files\Mozilla Firefox\mozalloc.dll (Mozilla Foundation) 0x003F0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\system32\COMDLG32.dll (Common Dialogs DLL/Microsoft Corporation) 0x763B0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\IMM32.dll (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x76380000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x74D90000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\Program Files\Mozilla Firefox\MOZCPP19.dll (User-Generated Microsoft ® C/C++ Runtime Library/Mozilla Foundation) 0x7C420000
Library C:\Program Files\Mozilla Firefox\xpcom.dll (Mozilla Foundation) 0x00780000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\dbghelp.dll (Windows Image Helper/Microsoft Corporation) 0x59A60000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000
Library C:\Program Files\Mozilla Firefox\components\browsercomps.dll (Mozilla Foundation) 0x01740000
Library C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll (Click to Call with Skype for Firefox/Skype Technologies S.A.) 0x02A00000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) 0x4EC50000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x03300000
Library C:\WINDOWS\system32\userenv.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\netapi32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\cryptnet.dll (Crypto Network Related API/Microsoft Corporation) 0x75E60000
Library C:\WINDOWS\system32\SensApi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x722B0000
Library C:\WINDOWS\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x4D4F0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\Program Files\Skype\Toolbars\Shared\SkypePnr.dll (Skype Phone Number Recognizer/Skype Technologies S.A.) 0x049C0000
Library C:\WINDOWS\system32\t2embed.dll (Microsoft T2Embed Font Embedding/Microsoft Corporation) 0x73CE0000
Library C:\WINDOWS\system32\LZ32.dll (LZ Expand/Compress API DLL/Microsoft Corporation) 0x73DC0000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x76FB0000
Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x64000000
Library C:\WINDOWS\system32\mscms.dll (Microsoft Color Matching System DLL/Microsoft Corporation) 0x73B30000
Library C:\WINDOWS\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x76FC0000
Library C:\Program Files\Mozilla Firefox\softokn3.dll (NSS PKCS #11 Library/Mozilla Foundation) 0x03D20000
Library C:\Program Files\Mozilla Firefox\nssdbm3.dll (Legacy Database Driver/Mozilla Foundation) 0x03D50000
Library C:\Program Files\Mozilla Firefox\freebl3.dll (NSS freebl Library/Mozilla Foundation) 0x03D70000
Library C:\Program Files\Mozilla Firefox\nssckbi.dll (NSS Builtin Trusted Root CAs/Mozilla Foundation) 0x05F70000
Library C:\WINDOWS\system32\feclient.dll (Windows NT File Encryption Client Interfaces/Microsoft Corporation) 0x693F0000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\shdocvw.dll (Shell Doc Object and Control Library/Microsoft Corporation) 0x7E290000
Library C:\WINDOWS\system32\CRYPTUI.dll (Microsoft Trust UI Provider/Microsoft Corporation) 0x754D0000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x07F10000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x07F20000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library C:\WINDOWS\System32\cscui.dll (Client Side Caching UI/Microsoft Corporation) 0x77A20000
Library C:\WINDOWS\System32\CSCDLL.dll (Offline Network Agent/Microsoft Corporation) 0x76600000
Library C:\WINDOWS\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x76EE0000
Library C:\WINDOWS\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x76E90000
Library C:\WINDOWS\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x76EB0000
Library C:\WINDOWS\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x76E80000
Library C:\WINDOWS\system32\BROWSEUI.dll (Shell Browser UI Library/Microsoft Corporation) 0x75F80000
Library C:\PROGRA~1\WIFD1F~1\MpOAv.dll (IOfficeAntiVirus Module/Microsoft Corporation) 0x5F800000
Library C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x08F10000
Library C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x09880000
Library C:\PROGRA~1\WIFD1F~1\MpShHook.dll (Shell Execution Monitor/Microsoft Corporation) 0x05650000
Library C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Windows Search Namespace Manager/Microsoft Corporation) 0x05680000
Library C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (ShellExecuteHook/SuperAdBlocker.com) 0x056D0000
Library C:\WINDOWS\system32\ieframe.dll (Internet Explorer/Microsoft Corporation) 0x3E1C0000

Process C:\WINDOWS\explorer.exe (Windows Explorer/Microsoft Corporation) 472
Library C:\WINDOWS\explorer.exe (Windows Explorer/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\BROWSEUI.dll (Shell Browser UI Library/Microsoft Corporation) 0x75F80000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\SHDOCVW.dll (Shell Doc Object and Control Library/Microsoft Corporation) 0x7E290000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\CRYPTUI.dll (Microsoft Trust UI Provider/Microsoft Corporation) 0x754D0000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00400000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\System32\cscui.dll (Client Side Caching UI/Microsoft Corporation) 0x77A20000
Library C:\WINDOWS\System32\CSCDLL.dll (Offline Network Agent/Microsoft Corporation) 0x76600000
Library C:\WINDOWS\system32\themeui.dll (Windows Theme API/Microsoft Corporation) 0x5BA60000
Library C:\WINDOWS\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x76380000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x01100000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\LINKINFO.dll (Windows Volume Tracking/Microsoft Corporation) 0x76980000
Library C:\WINDOWS\system32\ntshrui.dll (Shell extensions for sharing/Microsoft Corporation) 0x76990000
Library C:\WINDOWS\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library C:\WINDOWS\system32\NETSHELL.dll (Network Connections Shell/Microsoft Corporation) 0x76400000
Library C:\WINDOWS\system32\credui.dll (Credential Manager User Interface/Microsoft Corporation) 0x76C00000
Library C:\WINDOWS\system32\dot3api.dll (802.3 Autoconfiguration API/Microsoft Corporation) 0x478C0000
Library C:\WINDOWS\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x76E80000
Library C:\WINDOWS\system32\dot3dlg.dll (802.3 UI Helper/Microsoft Corporation) 0x736D0000
Library C:\WINDOWS\system32\OneX.DLL (IEEE 802.1X supplicant library/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\eappcfg.dll (Eap Peer Config/Microsoft Corporation) 0x745B0000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft ® C++ Runtime Library/Microsoft Corporation) 0x76080000
Library C:\WINDOWS\system32\eappprxy.dll (Microsoft EAPHost Peer Client DLL/Microsoft Corporation) 0x5DCD0000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x7D1E0000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\ieframe.dll (Internet Explorer/Microsoft Corporation) 0x3E1C0000
Library C:\WINDOWS\system32\MLANG.dll (Multi Language Support DLL/Microsoft Corporation) 0x75CF0000
Library C:\WINDOWS\system32\webcheck.dll (Web Site Monitor/Microsoft Corporation) 0x01490000
Library C:\WINDOWS\system32\stobject.dll (Systray shell service object/Microsoft Corporation) 0x76280000
Library C:\WINDOWS\system32\BatMeter.dll (Battery Meter Helper DLL/Microsoft Corporation) 0x74AF0000
Library C:\WINDOWS\system32\POWRPROF.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74AD0000
Library C:\WINDOWS\system32\upnpui.dll (UPNP Tray Monitor and Folder/Microsoft Corporation) 0x5AF80000
Library C:\WINDOWS\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x4D4F0000
Library C:\WINDOWS\system32\WPDShServiceObj.dll (Windows Portable Device Shell Service Object/Microsoft Corporation) 0x164A0000
Library C:\WINDOWS\system32\mydocs.dll (My Documents Folder UI/Microsoft Corporation) 0x72410000
Library C:\WINDOWS\system32\PortableDeviceTypes.dll (Windows Portable Device (Parameter) Types Component/Microsoft Corporation) 0x109C0000
Library C:\WINDOWS\system32\PortableDeviceApi.dll (Windows Portable Device API Components/Microsoft Corporation) 0x10930000
Library C:\PROGRA~1\WIFD1F~1\MpShHook.dll (Shell Execution Monitor/Microsoft Corporation) 0x5F800000
Library C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x023E0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x7C420000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library C:\WINDOWS\System32\drprov.dll (Microsoft Terminal Server Network Provider/Microsoft Corporation) 0x75F60000
Library C:\WINDOWS\System32\ntlanman.dll (Microsoft® Lan Manager/Microsoft Corporation) 0x71C10000
Library C:\WINDOWS\System32\NETUI0.dll (NT LM UI Common Code - GUI Classes/Microsoft Corporation) 0x71CD0000
Library C:\WINDOWS\System32\NETUI1.dll (NT LM UI Common Code - Networking classes/Microsoft Corporation) 0x71C90000
Library C:\WINDOWS\System32\NETRAP.dll (Net Remote Admin Protocol DLL/Microsoft Corporation) 0x71C80000
Library C:\WINDOWS\System32\davclnt.dll (Web DAV Client DLL/Microsoft Corporation) 0x75F70000
Library C:\WINDOWS\system32\browselc.dll (Shell Browser UI Library/Microsoft Corporation) 0x71600000
Library C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x78520000
Library C:\WINDOWS\system32\DUSER.dll (Windows DirectUser Engine/Microsoft Corporation) 0x6C1B0000
Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (PDF Shell Extension/Adobe Systems, Inc.) 0x027A0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x78480000
Library C:\WINDOWS\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x7E720000

Process C:\WINDOWS\System32\smss.exe (Windows NT Session Manager/Microsoft Corporation) 768
Library C:\WINDOWS\System32\smss.exe (Windows NT Session Manager/Microsoft Corporation) 0x48580000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000

Process C:\WINDOWS\system32\notepad.exe (Notepad/Microsoft Corporation) 808
Library C:\WINDOWS\system32\notepad.exe (Notepad/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\comdlg32.dll (Common Dialogs DLL/Microsoft Corporation) 0x763B0000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000

Process C:\WINDOWS\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 816
Library C:\WINDOWS\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 0x4A680000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\CSRSRV.dll (Client Server Runtime Process/Microsoft Corporation) 0x75B40000
Library C:\WINDOWS\system32\basesrv.dll (Windows NT BASE API Server DLL/Microsoft Corporation) 0x75B50000
Library C:\WINDOWS\system32\winsrv.dll (Windows Server DLL/Microsoft Corporation) 0x75B60000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\KERNEL32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x7E720000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000

Process C:\WINDOWS\system32\winlogon.exe (Windows NT Logon Application/Microsoft Corporation) 844
Library C:\WINDOWS\system32\winlogon.exe (Windows NT Logon Application/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x776C0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\NDdeApi.dll (Network DDE Share Management APIs/Microsoft Corporation) 0x75940000
Library C:\WINDOWS\system32\PROFMAP.dll (Userenv/Microsoft Corporation) 0x75930000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\REGAPI.dll (Registry Configuration APIs/Microsoft Corporation) 0x76BC0000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\MSGINA.dll (Windows NT Logon GINA DLL/Microsoft Corporation) 0x75970000
Library C:\WINDOWS\system32\COMCTL32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\ODBC32.dll (Microsoft Data Access - ODBC Driver Manager/Microsoft Corporation) 0x74320000
Library C:\WINDOWS\system32\comdlg32.dll (Common Dialogs DLL/Microsoft Corporation) 0x763B0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\odbcint.dll (Microsoft Data Access - ODBC Resources/Microsoft Corporation) 0x00970000
Library C:\WINDOWS\system32\SHSVCS.dll (Windows Shell Services Dll/Microsoft Corporation) 0x776E0000
Library C:\WINDOWS\system32\sfc.dll (Windows File Protection/Microsoft Corporation) 0x76BB0000
Library C:\WINDOWS\system32\sfc_os.dll (Windows File Protection/Microsoft Corporation) 0x76C60000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\Apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\WINSCARD.DLL (Microsoft Smart Card API/Microsoft Corporation) 0x723D0000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x7E720000
Library C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware WinLogon Processor/SUPERAntiSpyware.com) 0x10000000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00AD0000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library C:\WINDOWS\system32\cscdll.dll (Offline Network Agent/Microsoft Corporation) 0x76600000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\System32\dimsntfy.dll (DIMS Notification Handler/Microsoft Corporation) 0x47020000
Library C:\WINDOWS\system32\WlNotify.dll (Common DLL to receive Winlogon notifications/Microsoft Corporation) 0x75950000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\system32\WgaLogon.dll (Windows Genuine Advantage Notifications/Microsoft Corporation) 0x01510000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x77C70000
Library C:\WINDOWS\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x76790000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\cscui.dll (Client Side Caching UI/Microsoft Corporation) 0x77A20000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x01720000

Process C:\WINDOWS\system32\services.exe (Services and Controller app/Microsoft Corporation) 888
Library C:\WINDOWS\system32\services.exe (Services and Controller app/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\NCObjAPI.DLL (Microsoft Corporation) 0x5F770000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft ® C++ Runtime Library/Microsoft Corporation) 0x76080000
Library C:\WINDOWS\system32\SCESRV.dll (Windows Security Configuration Editor Engine/Microsoft Corporation) 0x7DBD0000
Library C:\WINDOWS\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x776C0000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\umpnpmgr.dll (User-mode Plug-and-Play Service/Microsoft Corporation) 0x7DBA0000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcAdProc.dll (Windows Compatibility DLL/Microsoft Corporation) 0x47260000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\Apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000

Process C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) 900
Library C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\LSASRV.dll (LSA Server DLL/Microsoft Corporation) 0x75730000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\NTDSAPI.dll (NT5DS/Microsoft Corporation) 0x767A0000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\SAMSRV.dll (SAM Server DLL/Microsoft Corporation) 0x74440000
Library C:\WINDOWS\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x76790000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\msprivs.dll (Microsoft Privilege Translations/Microsoft Corporation) 0x4D200000
Library C:\WINDOWS\system32\kerberos.dll (Kerberos Security Package/Microsoft Corporation) 0x71CF0000
Library C:\WINDOWS\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x77C70000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\netlogon.dll (Net Logon Services DLL/Microsoft Corporation) 0x744B0000
Library C:\WINDOWS\system32\w32time.dll (Windows Time Service/Microsoft Corporation) 0x767C0000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft ® C++ Runtime Library/Microsoft Corporation) 0x76080000
Library C:\WINDOWS\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x767F0000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\wdigest.dll (Microsoft Digest Access/Microsoft Corporation) 0x7DFC0000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\setupapi.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\scecli.dll (Windows Security Configuration Editor Client Engine/Microsoft Corporation) 0x74410000
Library C:\Program Files\IBM ThinkVantage\Client Security Solution\csspwntfy.dll (Password change notification/Lenovo Group Limited) 0x10000000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtsp.dll (tcscom/IBM) 0x00CB0000
Library C:\Program Files\IBM ThinkVantage\Client Security Solution\tcsrpc.dll (calltcsg Dynamic Link Library/IBM) 0x00D10000
Library C:\Program Files\IBM ThinkVantage\Client Security Solution\cssuserdatadispatcher.dll (User data dispatcher/Lenovo Group Limited) 0x00DC0000
Library C:\WINDOWS\system32\dssenh.dll (Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider/Microsoft Corporation) 0x68100000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1084
Library C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library c:\windows\system32\rpcss.dll (Distributed COM Services/Microsoft Corporation) 0x76A80000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x006B0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\Apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1120
Library C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library c:\windows\system32\rpcss.dll (Distributed COM Services/Microsoft Corporation) 0x76A80000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x006B0000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x76FB0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x64000000
Library C:\WINDOWS\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x76FC0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000

Process C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes' Anti-Malware/Malwarebytes Corporation) 1512
Library C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes' Anti-Malware/Malwarebytes Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll (Malwarebytes' Anti-Malware/Malwarebytes Corporation) 0x10000000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll (Malwarebytes' Anti-Malware/Malwarebytes Corporation) 0x00960000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000

Process C:\Documents and Settings\Administrator\My Documents\Downloads\eh2y4s1r.exe 1684
Library C:\Documents and Settings\Administrator\My Documents\Downloads\eh2y4s1r.exe 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\COMCTL32.DLL (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\VERSION.DLL (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\Comdlg32.dll (Common Dialogs DLL/Microsoft Corporation) 0x763B0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\ntshrui.dll (Shell extensions for sharing/Microsoft Corporation) 0x76990000
Library C:\WINDOWS\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library C:\WINDOWS\System32\drprov.dll (Microsoft Terminal Server Network Provider/Microsoft Corporation) 0x75F60000
Library C:\WINDOWS\System32\ntlanman.dll (Microsoft® Lan Manager/Microsoft Corporation) 0x71C10000
Library C:\WINDOWS\System32\NETUI0.dll (NT LM UI Common Code - GUI Classes/Microsoft Corporation) 0x71CD0000
Library C:\WINDOWS\System32\NETUI1.dll (NT LM UI Common Code - Networking classes/Microsoft Corporation) 0x71C90000
Library C:\WINDOWS\System32\NETRAP.dll (Net Remote Admin Protocol DLL/Microsoft Corporation) 0x71C80000
Library C:\WINDOWS\System32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\System32\davclnt.dll (Web DAV Client DLL/Microsoft Corporation) 0x75F70000
Library C:\WINDOWS\system32\MSGINA.dll (Windows NT Logon GINA DLL/Microsoft Corporation) 0x75970000
Library C:\WINDOWS\system32\ODBC32.dll (Microsoft Data Access - ODBC Driver Manager/Microsoft Corporation) 0x74320000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\odbcint.dll (Microsoft Data Access - ODBC Resources/Microsoft Corporation) 0x01D40000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x01D60000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1840
Library C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00630000
Library c:\windows\system32\dhcpcsvc.dll (DHCP Client Service/Microsoft Corporation) 0x7D4B0000
Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library c:\windows\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000
Library c:\windows\system32\wkssvc.dll (Workstation Service DLL/Microsoft Corporation) 0x76E40000
Library c:\windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library c:\windows\system32\NTDSAPI.dll (NT5DS/Microsoft Corporation) 0x767A0000
Library c:\windows\system32\qmgr.dll (Background Intelligent Transfer Service/Microsoft Corporation) 0x5B9F0000
Library c:\windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library c:\windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library c:\windows\system32\SHFOLDER.dll (Shell Folder Service/Microsoft Corporation) 0x76780000
Library c:\windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library c:\windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library c:\windows\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x4D4F0000
Library c:\windows\system32\cryptsvc.dll (Cryptographic Services/Microsoft Corporation) 0x76CE0000
Library c:\windows\system32\certcli.dll (Microsoft® Certificate Services Client/Microsoft Corporation) 0x77B90000
Library c:\windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library c:\windows\system32\CRYPTUI.dll (Microsoft Trust UI Provider/Microsoft Corporation) 0x754D0000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00F60000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library c:\windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library c:\windows\system32\ESENT.dll (Server Database Storage Engine/Microsoft Corporation) 0x606B0000
Library c:\windows\system32\ersvc.dll (Windows Error Reporting Service/Microsoft Corporation) 0x74F80000
Library c:\windows\pchealth\helpctr\binaries\pchsvc.dll (Microsoft PCHealth Service Holder/Microsoft Corporation) 0x74F40000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x77C70000
Library C:\WINDOWS\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x76790000
Library C:\WINDOWS\system32\netman.dll (Network Connections Manager/Microsoft Corporation) 0x77D00000
Library C:\WINDOWS\system32\MPRAPI.dll (Windows NT MP Router Administration DLL/Microsoft Corporation) 0x76D40000
Library C:\WINDOWS\system32\ACTIVEDS.dll (ADs Router Layer DLL/Microsoft Corporation) 0x77CC0000
Library C:\WINDOWS\system32\adsldpc.dll (ADs LDAP Provider C DLL/Microsoft Corporation) 0x76E10000
Library C:\WINDOWS\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x76E80000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\netshell.dll (Network Connections Shell/Microsoft Corporation) 0x76400000
Library C:\WINDOWS\system32\credui.dll (Credential Manager User Interface/Microsoft Corporation) 0x76C00000
Library C:\WINDOWS\system32\dot3api.dll (802.3 Autoconfiguration API/Microsoft Corporation) 0x478C0000
Library C:\WINDOWS\system32\dot3dlg.dll (802.3 UI Helper/Microsoft Corporation) 0x736D0000
Library C:\WINDOWS\system32\OneX.DLL (IEEE 802.1X supplicant library/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\system32\eappcfg.dll (Eap Peer Config/Microsoft Corporation) 0x745B0000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft ® C++ Runtime Library/Microsoft Corporation) 0x76080000
Library C:\WINDOWS\system32\eappprxy.dll (Microsoft EAPHost Peer Client DLL/Microsoft Corporation) 0x5DCD0000
Library C:\WINDOWS\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x76EE0000
Library C:\WINDOWS\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x76E90000
Library C:\WINDOWS\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x76EB0000
Library C:\WINDOWS\system32\WZCSAPI.DLL (Wireless Zero Configuration service API/Microsoft Corporation) 0x73030000
Library C:\WINDOWS\system32\WZCSvc.DLL (Wireless Zero Configuration Service/Microsoft Corporation) 0x7DB10000
Library C:\WINDOWS\system32\WMI.dll (WMI DC and DP functionality/Microsoft Corporation) 0x76D30000
Library C:\WINDOWS\system32\EapolQec.dll (Microsoft EAPOL NAP Enforcement Client/Microsoft Corporation) 0x72810000
Library C:\WINDOWS\system32\QUtil.dll (Quarantine Utilities/Microsoft Corporation) 0x726C0000
Library c:\windows\system32\seclogon.dll (Secondary Logon Service DLL/Microsoft Corporation) 0x73D20000
Library c:\windows\system32\srsvc.dll (System Restore Service/Microsoft Corporation) 0x751A0000
Library c:\windows\system32\POWRPROF.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74AD0000
Library c:\windows\system32\wbem\wmisvc.dll (WMI/Microsoft Corporation) 0x59490000
Library C:\WINDOWS\system32\VSSAPI.DLL (Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL/Microsoft Corporation) 0x753E0000
Library c:\windows\system32\wuauserv.dll (Windows Update AutoUpdate Service/Microsoft Corporation) 0x50000000
Library C:\WINDOWS\system32\wuaueng.dll (Windows Update Agent/Microsoft Corporation) 0x50040000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x75150000
Library C:\WINDOWS\system32\mspatcha.dll (Microsoft® Patch Engine/Microsoft Corporation) 0x600A0000
Library c:\windows\system32\wscsvc.dll (Windows Security Center Service/Microsoft Corporation) 0x4C0A0000
Library c:\windows\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x7D1E0000
Library C:\WINDOWS\system32\es.dll (Microsoft Corporation) 0x77710000
Library C:\WINDOWS\system32\wbem\wbemcomn.dll (WMI/Microsoft Corporation) 0x75290000
Library C:\WINDOWS\system32\wbem\wbemcore.dll (WMI/Microsoft Corporation) 0x762C0000
Library C:\WINDOWS\system32\wbem\esscli.dll (WMI/Microsoft Corporation) 0x75310000
Library C:\WINDOWS\system32\wbem\FastProx.dll (WMI/Microsoft Corporation) 0x75690000
Library C:\WINDOWS\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x74ED0000
Library C:\WINDOWS\system32\sfc.dll (Windows File Protection/Microsoft Corporation) 0x76BB0000
Library C:\WINDOWS\system32\sfc_os.dll (Windows File Protection/Microsoft Corporation) 0x76C60000
Library C:\WINDOWS\system32\wbem\wmiutils.dll (WMI/Microsoft Corporation) 0x75020000
Library C:\WINDOWS\system32\wbem\repdrvfs.dll (WMI/Microsoft Corporation) 0x75200000
Library C:\WINDOWS\system32\Apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\wbem\wmiprvsd.dll (WMI/Microsoft Corporation) 0x3F1E0000
Library C:\WINDOWS\system32\NCObjAPI.DLL (Microsoft Corporation) 0x5F770000
Library C:\WINDOWS\system32\wbem\wbemess.dll (WMI/Microsoft Corporation) 0x75390000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\wbem\ncprov.dll (Non-COM WMI Event Provision APIs/Microsoft Corporation) 0x5F740000
Library C:\WINDOWS\system32\wups2.dll (Windows Update client proxy stub 2/Microsoft Corporation) 0x50F00000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1856
Library C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library c:\windows\system32\dnsrslvr.dll (DNS Caching Resolver Service/Microsoft Corporation) 0x76770000
Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library c:\windows\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000

Process C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 2008
Library C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\SPOOLSS.DLL (Spooler SubSystem DLL/Microsoft Corporation) 0x742E0000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x76FC0000
Library C:\WINDOWS\system32\localspl.dll (Local Spooler DLL/Microsoft Corporation) 0x75BB0000
Library C:\WINDOWS\system32\sfc_os.dll (Windows File Protection/Microsoft Corporation) 0x76C60000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\winspool.drv (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\system32\netapi32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\cnbjmon.dll (Langage Monitor for Canon Bubble-Jet Printer/Microsoft Corporation) 0x742A0000
Library C:\WINDOWS\system32\CNMLM7B.DLL (IJ Language Monitor/CANON INC.) 0x66F40000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\mdimon.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x00A50000
Library C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x7D1E0000
Library C:\WINDOWS\system32\pjlmon.dll (PJL Language monitor/Microsoft Corporation) 0x74280000
Library C:\WINDOWS\system32\tcpmon.dll (Standard TCP/IP Port Monitor DLL/Microsoft Corporation) 0x72400000
Library C:\WINDOWS\system32\usbmon.dll (Standard Dynamic Printing Port Monitor DLL/Microsoft Corporation) 0x723F0000
Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD7B.DLL (IJ Print Processor Dispatcher/CANON INC.) 0x00D10000
Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x00D20000
Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll (Print Filter Pipeline Proxy/Microsoft Corporation) 0x3F420000
Library C:\WINDOWS\System32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x76FB0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x64000000
Library C:\WINDOWS\system32\win32spl.dll (32-bit Spooler API DLL/Microsoft Corporation) 0x75C10000
Library C:\WINDOWS\system32\NETRAP.dll (Net Remote Admin Protocol DLL/Microsoft Corporation) 0x71C80000
Library C:\WINDOWS\system32\NTDSAPI.dll (NT5DS/Microsoft Corporation) 0x767A0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x01010000
Library C:\WINDOWS\system32\inetpp.dll (Internet Print Provider DLL/Microsoft Corporation)

---- Services - GMER 1.0.15 ----

Service C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (Core Service/SUPERAntiSpyware.com) [AUTO] !SASCORE
Service .NET CLR Data
Service .NET CLR Networking
Service .NET CLR Networking 4.0.0.0
Service .NET Data Provider for Oracle
Service .NET Data Provider for SqlServer
Service .NETFramework
Service [DISABLED] Abiosdsk
Service C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS (AdvanSys SCSI Controller Driver/Microsoft Corporation) [DISABLED] abp480n5
Service C:\WINDOWS\system32\drivers\ac97intc.sys (Intel® Integrated Controller Hub Audio Driver/Intel Corporation) [MANUAL] ac97intc
Service C:\WINDOWS\system32\DRIVERS\ACPI.sys (ACPI Driver for NT/Microsoft Corporation) [BOOT] ACPI
Service (ACPI Embedded Controller Driver/Microsoft Corporation) [DISABLED] ACPIEC
Service C:\WINDOWS\system32\drivers\ADIHdAud.sys (High Definition Audio Function Driver(Release Candidate 1)/Analog Devices, Inc.) [MANUAL] ADIHdAudAddService
Service C:\WINDOWS\system32\DRIVERS\adpu160m.sys (Adaptec Ultra160 SCSI miniport/Microsoft Corporation) [DISABLED] adpu160m
Service system32\drivers\AEAudio.sys [MANUAL] AEAudioService
Service C:\WINDOWS\system32\drivers\aec.sys (Microsoft Acoustic Echo Canceller/Microsoft Corporation) [MANUAL] aec
Service C:\WINDOWS\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service C:\WINDOWS\system32\DRIVERS\agp440.sys (440 NT AGP Filter/Microsoft Corporation) [DISABLED] agp440
Service C:\WINDOWS\system32\DRIVERS\agpCPQ.sys (CompatNT AGP Filter/Microsoft Corporation) [DISABLED] agpCPQ
Service C:\WINDOWS\system32\DRIVERS\aha154x.sys (Adaptec AHA-154x series SCSI miniport/Microsoft Corporation) [DISABLED] Aha154x
Service C:\WINDOWS\system32\DRIVERS\aic78u2.sys (Adaptec Ultra2 SCSI miniport/Microsoft Corporation) [DISABLED] aic78u2
Service C:\WINDOWS\system32\DRIVERS\aic78xx.sys (Adaptec Ultra SCSI miniport/Microsoft Corporation) [DISABLED] aic78xx
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Alerter
Service C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [DISABLED] ALG
Service C:\WINDOWS\system32\DRIVERS\aliide.sys (ALi mini IDE Driver/Acer Laboratories Inc.) [DISABLED] AliIde
Service C:\WINDOWS\system32\DRIVERS\alim1541.sys (ALi M1541 NT AGP Filter/Microsoft Corporation) [DISABLED] alim1541
Service C:\WINDOWS\system32\DRIVERS\amdagp.sys (AMD Win2000 AGP Filter/Advanced Micro Devices, Inc.) [DISABLED] amdagp
Service C:\WINDOWS\system32\DRIVERS\amsint.sys (AMD SCSI/NET Controller/Microsoft Corporation) [DISABLED] amsint
Service C:\WINDOWS\system32\DRIVERS\lgandbus.sys (LGE Android Platform Driver/LG Electronics Inc.) [MANUAL] Andbus
Service C:\WINDOWS\system32\DRIVERS\lganddiag.sys (LGE Android Platform Driver/LG Electronics Inc.) [MANUAL] AndDiag
Service C:\WINDOWS\system32\DRIVERS\lgandgps.sys (LGE Android Platform Driver/LG Electronics Inc.) [MANUAL] AndGps
Service C:\WINDOWS\system32\DRIVERS\lgandmodem.sys (LGE Android Platform Driver/LG Electronics Inc.) [MANUAL] ANDModem
Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (MobileDeviceService/Apple Inc.) [DISABLED] Apple Mobile Device
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] AppMgmt
Service C:\WINDOWS\system32\DRIVERS\asc.sys (AdvanSys SCSI Controller Driver/Advanced System Products, Inc.) [DISABLED] asc
Service C:\WINDOWS\system32\DRIVERS\asc3350p.sys (AdvanSys SCSI Card Driver/Microsoft Corporation) [DISABLED] asc3350p
Service C:\WINDOWS\system32\DRIVERS\asc3550.sys (AdvanSys Ultra-Wide PCI SCSI Driver/Advanced System Products, Inc.) [DISABLED] asc3550
Service ASP.NET
Service ASP.NET_1.1.4322
Service ASP.NET_2.0.50727
Service C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft ASP.NET State Server/Microsoft Corporation) [DISABLED] aspnet_state
Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\WINDOWS\system32\DRIVERS\atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) [BOOT] atapi
Service [DISABLED] Atdisk
Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys (IP/ATM Arp Client/Microsoft Corporation) [MANUAL] Atmarpc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] AudioSrv
Service C:\WINDOWS\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) [MANUAL] audstub
Service BattC
Service C:\Program Files\Microsoft\BingBar\BBSvc.EXE (BingBar Service/Microsoft Corporation.) [DISABLED] BBSvc
Service C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft SeaPort Search Enhancement Broker/Microsoft Corporation) [DISABLED] BBUpdate
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] BITS
Service C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc.) [DISABLED] Bonjour Service
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Browser
Service C:\WINDOWS\system32\DRIVERS\Camdrl.sys (Universal Serial Bus Camera Driver/Logitech Inc.) [MANUAL] CamDrL
Service C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [MANUAL] catchme
Service C:\WINDOWS\system32\DRIVERS\cbidf2k.sys (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf
Service (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf2k
Service C:\WINDOWS\system32\DRIVERS\CCDECODE.sys (WDM Closed Caption VBI Codec/Microsoft Corporation) [MANUAL] CCDECODE
Service C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys (IBM Portable CD-ROM Drive Miniport/Microsoft Corporation) [DISABLED] cd20xrnt
Service (CD-ROM Audio Filter Driver/Microsoft Corporation) [SYSTEM] Cdaudio
Service (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] Cdfs
Service C:\WINDOWS\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] Cdrom
Service [SYSTEM] Changer
Service C:\WINDOWS\system32\cisvc.exe (Content Index service/Microsoft Corporation) [MANUAL] CiSvc
Service C:\WINDOWS\system32\clipsrv.exe (Windows NT DDE Server/Microsoft Corporation) [MANUAL] ClipSrv
Service c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [DISABLED] clr_optimization_v2.0.50727_32
Service C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [DISABLED] clr_optimization_v4.0.30319_32
Service C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD PCI IDE Bus Driver/CMD Technology, Inc.) [DISABLED] CmdIde
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service ContentFilter
Service ContentIndex
Service C:\WINDOWS\system32\DRIVERS\cpqarray.sys (Compaq Drive Array Controllers SCSI Miniport Driver/Microsoft Corporation) [DISABLED] Cpqarray
Service C:\WINDOWS\system32\drivers\cpuz134_x32.sys (CPUID Driver/Windows ® Win 7 DDK provider) [AUTO] cpuz134
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] CryptSvc
Service C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Disk Array Controller Driver/Mylex Corporation) [DISABLED] dac2w2k
Service C:\WINDOWS\system32\DRIVERS\dac960nt.sys (Mylex Disk Array Controller Driver/Microsoft Corporation) [DISABLED] dac960nt
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dhcp
Service C:\WINDOWS\system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk
Service C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (DKSERVICE.EXE/Diskeeper Corporation) [DISABLED] Diskeeper
Service C:\WINDOWS\System32\dmadmin.exe (Logical Disk Manager service process/Microsoft Corp., Veritas Software) [DISABLED] dmadmin
Service C:\WINDOWS\System32\drivers\dmboot.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software) [DISABLED] dmboot
Service C:\WINDOWS\System32\drivers\dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software) [BOOT] dmio
Service C:\WINDOWS\System32\drivers\dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) [BOOT] dmload
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] dmserver
Service C:\WINDOWS\system32\drivers\DMusic.sys (Microsoft Kernel DLS Synthesizer/Microsoft Corporation) [MANUAL] DMusic
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dnscache
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Dot3svc
Service C:\WINDOWS\system32\DRIVERS\dpti2o.sys (DPT SmartRAID miniport/Microsoft Corporation) [DISABLED] dpti2o
Service C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud
Service C:\WINDOWS\system32\DRIVERS\e100b325.sys (NDIS 5 driver/Intel Corporation) [MANUAL] E100B
Service C:\WINDOWS\system32\DRIVERS\e1e5132.sys (Intel® PRO/1000 Adapter NDIS 5.2 deserialized driver/Intel Corporation) [MANUAL] e1express
Service C:\WINDOWS\system32\DRIVERS\eamon.sys (Amon monitor/ESET) [AUTO] eamon
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] EapHost
Service C:\WINDOWS\SYSTEM32\EGATHDRV.SYS (IBM eGatherer Kernel Module/IBM Corporation) [AUTO] EGATHDRV
Service C:\WINDOWS\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) [SYSTEM] ehdrv
Service C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET Service/ESET) [DISABLED] ekrn
Service C:\WINDOWS\system32\DRIVERS\epfwtdir.sys (ESET Antivirus Network Redirector/ESET) [SYSTEM] epfwtdir
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ERSvc
Service C:\WINDOWS\system32\services.exe (Services and Controller app/Microsoft Corporation) [DISABLED] Eventlog
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] EventSystem
Service (Fast FAT File System Driver/Microsoft Corporation) [DISABLED] Fastfat
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] FastUserSwitchingCompatibility
Service C:\WINDOWS\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) [MANUAL] Fdc
Service (FIPS Crypto Driver/Microsoft Corporation) [SYSTEM] Fips
Service C:\WINDOWS\system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation) [MANUAL] Flpydisk
Service C:\WINDOWS\system32\drivers\fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr
Service c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (PresentationFontCache.exe/Microsoft Corporation) [DISABLED] FontCache3.0.0.0
Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec
Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys (FT Disk Driver/Microsoft Corporation) [BOOT] Ftdisk
Service C:\Program Files\WildTangent Games\App\GamesAppService.exe (GamesAppService/WildTangent, Inc.) [DISABLED] GamesAppService
Service C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) [MANUAL] GEARAspiWDM
Service C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google Desktop/Google) [DISABLED] GoogleDesktopManager-051210-111108
Service C:\WINDOWS\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) [MANUAL] Gpc
Service C:\Program [DISABLED] gupdate1c9e4b71d4e60d6
Service C:\Program [DISABLED] gupdatem
Service C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc/Google) [DISABLED] gusvc
Service C:\WINDOWS\system32\drivers\hcmon.sys (VMware USB monitor/VMware, Inc.) [AUTO] hcmon
Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows ® Server 2003 DDK provider) [MANUAL] HDAudBus
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] helpsvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] HidServ
Service C:\WINDOWS\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidUsb
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] hkmsvc
Service C:\WINDOWS\system32\DRIVERS\hpn.sys (NetRAID-4M Miniport Driver/Microsoft Corporation) [DISABLED] hpn
Service C:\WINDOWS\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] HTTPFilter
Service (I2O Utility Filter/Microsoft Corporation) [SYSTEM] i2omgmt
Service C:\WINDOWS\system32\DRIVERS\i2omp.sys (I2O Miniport Driver/Microsoft Corporation) [DISABLED] i2omp
Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) [SYSTEM] i8042prt
Service C:\WINDOWS\system32\DRIVERS\igxpmp32.sys (Intel Graphics Miniport Driver/Intel Corporation) [MANUAL] ialm
Service C:\WINDOWS\system32\drivers\ibmfilter.sys (IBM Rescue and Recovery filter driver/IBM) [AUTO] ibmfilter
Service C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [DISABLED] IDriverT
Service c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Windows CardSpace/Microsoft Corporation) [DISABLED] idsvc
Service C:\WINDOWS\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) [SYSTEM] Imapi
Service C:\WINDOWS\system32\imapi.exe (Image Mastering API/Microsoft Corporation) [DISABLED] ImapiService
Service inetaccs
Service C:\WINDOWS\system32\DRIVERS\ini910u.sys (INITIO ini910u SCSI miniport/Microsoft Corporation) [DISABLED] ini910u
Service Inport
Service C:\WINDOWS\system32\DRIVERS\intelide.sys (Intel PCI IDE Driver/Microsoft Corporation) [DISABLED] IntelIde
Service C:\WINDOWS\system32\DRIVERS\intelppm.sys (Processor Device Driver/Microsoft Corporation) [SYSTEM] intelppm
Service C:\WINDOWS\system32\drivers\ip6fw.sys (IPv6 Windows Firewall Driver/Microsoft Corporation) [MANUAL] Ip6Fw
Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\WINDOWS\system32\DRIVERS\ipinip.sys (IP in IP Encapsulation Driver/Microsoft Corporation) [MANUAL] IpInIp
Service C:\WINDOWS\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IpNat
Service C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (32-bit)/Apple Inc.) [DISABLED] iPod Service
Service C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) [SYSTEM] IPSec
Service C:\WINDOWS\system32\IPSSVC.EXE (IPS Core Service/Lenovo Ltd.) [DISABLED] IPSSVC
Service C:\WINDOWS\system32\DRIVERS\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service ISAPISearch
Service C:\WINDOWS\system32\DRIVERS\isapnp.sys (PNP ISA Bus Driver/Microsoft Corporation) [BOOT] isapnp
Service C:\Program Files\Java\jre6\bin\jqs.exe (Java™ Quick Starter Service/Sun Microsystems, Inc.) [DISABLED] JavaQuickStarterService
Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) [SYSTEM] Kbdclass
Service C:\WINDOWS\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) [MANUAL] kmixer
Service (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] lanmanserver
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanworkstation
Service [SYSTEM] lbrtfdc
Service ldap
Service C:\WINDOWS\system32\DRIVERS\lgbtport.sys (LG Bluetooth Transport Driver/LG Electronics Inc.) [MANUAL] LgBttPort
Service C:\WINDOWS\system32\DRIVERS\lgbtbus.sys (LG BT Bus Enumerator/LG Electronics Inc.) [MANUAL] lgbusenum
Service C:\WINDOWS\system32\DRIVERS\lgvmodem.sys (LG Virtual Modem Driver/LG Electronics Inc.) [MANUAL] LGVMODEM
Service LicenseService
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] LmHosts
Service C:\WINDOWS\system32\DRIVERS\LVcKap.sys (Logitech Kernel Audio Processing Filter Driver/Logitech Inc.) [MANUAL] LVcKap
Service C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Video COM Service/Logitech Inc.) [DISABLED] LVCOMSer
Service C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys (Logitech Machine Vision Engine Loader/Logitech Inc.) [MANUAL] LVMVDrv
Service C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [MANUAL] LVPr2Mon
Service C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech LVPrcSrv Module./Logitech Inc.) [DISABLED] LVPrcSrv
Service C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe (LogitechService Launcher/Logitech Inc.) [DISABLED] LVSrvLauncher
Service C:\WINDOWS\system32\drivers\LVUSBSta.sys (USB Statistic Driver/Logitech Inc.) [MANUAL] LVUSBSta
Service C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes' Anti-Malware/Malwarebytes Corporation) [MANUAL] MBAMProtector
Service C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes' Anti-Malware/Malwarebytes Corporation) [AUTO] MBAMService
Service C:\Program Files\Common Files\Motive\McciCMService.exe (mcci+McciCMService/Alcatel-Lucent) [DISABLED] McciCMService
Service C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Machine Debug Manager/Microsoft Corporation) [DISABLED] MDM
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Messenger
Service (Frame buffer simulator/Microsoft Corporation) [SYSTEM] mnmdd
Service C:\WINDOWS\system32\mnmsrvc.exe (NetMeeting Remote Desktop Sharing/Microsoft Corporation) [DISABLED] mnmsrvc
Service (Modem Device Driver/Microsoft Corporation) [MANUAL] Modem
Service C:\WINDOWS\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) [SYSTEM] Mouclass
Service C:\WINDOWS\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) [MANUAL] mouhid
Service (Mount Manager/Microsoft Corporation) [BOOT] MountMgr
Service C:\WINDOWS\system32\DRIVERS\mraid35x.sys (MegaRAID RAID Controller Driver for Windows Whistler 32/American Megatrends Inc.) [DISABLED] mraid35x
Service C:\Program Files\Common Files\Motive\MREMP50.sys (PCAUSA NDIS 5.0 MPR Protocol Driver/Printing Communications Assoc., Inc. (PCAUSA)) [MANUAL] MREMP50
Service C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [MANUAL] MREMP50a64
Service C:\Program Files\Common Files\Motive\MRESP50.sys (PCAUSA NDIS 5.0 SPR Protocol Driver/Printing Communications Assoc., Inc. (PCAUSA)) [MANUAL] MRESP50
Service C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [MANUAL] MRESP50a64
Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [SYSTEM] MRxSmb
Service C:\WINDOWS\system32\msdtc.exe (MS DTC console program/Microsoft Corporation) [DISABLED] MSDTC
Service MSDTC Bridge 3.0.0.0
Service MSDTC Bridge 4.0.0.0
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\WINDOWS\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [DISABLED] MSIServer
Service C:\WINDOWS\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\WINDOWS\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service MSSCNTRS
Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service C:\WINDOWS\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE
Service (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys (WDM NABTS/FEC VBI Codec/Microsoft Corporation) [MANUAL] NABTSFEC
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] napagent
Service (NDIS 5.1 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\WINDOWS\system32\DRIVERS\NdisIP.sys (Microsoft IP Driver/Microsoft Corporation) [MANUAL] NdisIP
Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\WINDOWS\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT
Service C:\WINDOWS\system32\netdde.exe (Network DDE - DDE Communication/Microsoft Corporation) [DISABLED] NetDDE
Service C:\WINDOWS\system32\netdde.exe (Network DDE - DDE Communication/Microsoft Corporation) [DISABLED] NetDDEdsdm
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [DISABLED] Netlogon
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Netman
Service c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetTcpPortSharing
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Nla
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service (NT File System Driver/Microsoft Corporation) [DISABLED] Ntfs
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [DISABLED] NtLmSsp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] NtmsSvc
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 /NVIDIA Corporation) [MANUAL] nv
Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys (NWLINK2 Traffic Filter Driver/Microsoft Corporation) [MANUAL] NwlnkFlt
Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys (NWLINK2 Forwarder Driver/Microsoft Corporation) [MANUAL] NwlnkFwd
Service C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Office Diagnostics/Microsoft Corporation) [DISABLED] odserv
Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [DISABLED] ose
Service Outlook
Service C:\WINDOWS\system32\DRIVERS\parport.sys (Parallel Port Driver/Microsoft Corporation) [MANUAL] Parport
Service (Partition Manager/Microsoft Corporation) [BOOT] PartMgr
Service (VDM Parallel Driver/Microsoft Corporation) [DISABLED] ParVdm
Service C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys (PCDR NDIS User mode I/O Driver/Windows ® 2000 DDK provider) [MANUAL] PcdrNdisuio
Service C:\WINDOWS\system32\DRIVERS\pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) [BOOT] PCI
Service [SYSTEM] PCIDump
Service C:\WINDOWS\system32\DRIVERS\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [BOOT] PCIIde
Service (PCMCIA Bus Driver/Microsoft Corporation) [DISABLED] Pcmcia
Service [MANUAL] PDCOMP
Service [MANUAL] PDFRAME
Service [MANUAL] PDRELI
Service [MANUAL] PDRFRAME
Service C:\WINDOWS\system32\DRIVERS\pelmouse.sys (Mouse Suite Driver (For Windows 2000 and Whistler Only)/Primax Electronics Ltd.) [MANUAL] pelmouse
Service C:\WINDOWS\system32\DRIVERS\pelusblf.sys (USB Mouse Low Filter Driver(Win2000 only)/Primax Electronics Ltd.) [MANUAL] pelusblf
Service C:\WINDOWS\system32\DRIVERS\perc2.sys (PERC 2 Miniport Driver/Microsoft Corporation) [DISABLED] perc2
Service C:\WINDOWS\system32\DRIVERS\perc2hib.sys (PERC 2 Hibernate Driver/Microsoft Corporation) [DISABLED] perc2hib
Service PerfDisk
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\fguh7y9856\pev.3XE [AUTO] PEVSystemStart
Service C:\WINDOWS\system32\services.exe (Services and Controller app/Microsoft Corporation) [DISABLED] PlugPlay
Service C:\WINDOWS\System32\drivers\pmemnt.sys (Physical Memory Driver/Microsoft Corporation) [AUTO] pmem
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [DISABLED] PolicyAgent
Service C:\WINDOWS\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\PrivateDiskM.sys (SafeGuard® PrivateDisk Driver/Utimaco Safeware AG) [AUTO] PrivateDisk
Service C:\WINDOWS\system32\DRIVERS\PROCDD.SYS (IPS Helper Driver/Lenovo Ltd.) [AUTO] PROCDD
Service C:\WINDOWS\system32\DRIVERS\processr.sys (Processor Device Driver/Microsoft Corporation) [SYSTEM] Processor
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [DISABLED] ProtectedStorage
Service C:\WINDOWS\system32\DRIVERS\psadd.sys (SMBIOS Driver/Lenovo (United States) Inc.) [MANUAL] psadd
Service C:\WINDOWS\system32\PsaSrv.exe [DISABLED] PsaSrv
Service C:\WINDOWS\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) [MANUAL] PSched
Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service C:\WINDOWS\System32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) [BOOT] PxHelp20
Service C:\WINDOWS\system32\DRIVERS\ql1080.sys (Miniport Driver for QLogic ISP PCI Adapters/QLogic Corporation) [DISABLED] ql1080
Service C:\WINDOWS\system32\DRIVERS\ql10wnt.sys (Miniport Driver for QLogic ISP PCI Adapters/Microsoft Corporation) [DISABLED] Ql10wnt
Service C:\WINDOWS\system32\DRIVERS\ql12160.sys (Miniport Driver for QLogic ISP PCI Adapters/QLogic Corporation) [DISABLED] ql12160
Service C:\WINDOWS\system32\DRIVERS\ql1240.sys (QLogic ISP PCI Adapters/Microsoft Corporation) [DISABLED] ql1240
Service C:\WINDOWS\system32\DRIVERS\ql1280.sys (Miniport Driver for QLogic ISP PCI Adapters/QLogic Corporation) [DISABLED] ql1280
Service C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\29574\RapportCerberus32_29574.sys [SYSTEM] RapportCerberus_29574
Service C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (RapportEI/Trusteer Ltd.) [SYSTEM] RapportEI
Service C:\WINDOWS\System32\Drivers\RapportKELL.sys (RapportKE/Trusteer Ltd.) [BOOT] RapportKELL
Service C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (RapportMgmtService/Trusteer Ltd.) [DISABLED] RapportMgmtService
Service C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) [SYSTEM] RapportPG
Service C:\WINDOWS\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RasAuto
Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RasMan
Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service C:\WINDOWS\system32\DRIVERS\raspti.sys (PTI DirectParallel® mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Raspti
Service C:\WINDOWS\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] Rdbss
Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr
Service RDPNP
Service (RDP Terminal Stack Driver (US/Canada Only, Not for Export)/Microsoft Corporation) [MANUAL] RDPWD
Service C:\WINDOWS\system32\sessmgr.exe (Microsoft® Remote Desktop Help Session Manager/Microsoft Corporation) [DISABLED] RDSessMgr
Service C:\WINDOWS\system32\DRIVERS\redbook.sys (Redbook Audio Filter Driver/Microsoft Corporation) [SYSTEM] redbook
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteRegistry
Service C:\WINDOWS\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\WINDOWS\system32\rsvp.exe (Microsoft RSVP/Microsoft Corporation) [DISABLED] RSVP
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [DISABLED] SamSs
Service C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SASDIFSV.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) [SYSTEM] SASDIFSV
Service C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) [SYSTEM] SASKUTIL
Service C:\WINDOWS\System32\SCardSvr.exe (Smart Card Resource Management Server/Microsoft Corporation) [DISABLED] SCardSvr
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Schedule
Service C:\WINDOWS\system32\drivers\scsiport.sys (SCSI Port Driver/Microsoft Corporation) ScsiPort
Service C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [MANUAL] Secdrv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] seclogon
Service system32\drivers\Senfilt.sys [MANUAL] SenFiltService
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] SENS
Service C:\WINDOWS\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] serenum
Service C:\WINDOWS\system32\DRIVERS\serial.sys (Serial Device Driver/Microsoft Corporation) [SYSTEM] Serial
Service ServiceModelEndpoint 3.0.0.0
Service ServiceModelEndpoint 4.0.0.0
Service ServiceModelOperation 3.0.0.0
Service ServiceModelOperation 4.0.0.0
Service ServiceModelService 3.0.0.0
Service ServiceModelService 4.0.0.0
Service (SCSI Floppy Driver/Microsoft Corporation) [SYSTEM] Sfloppy
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] SharedAccess
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] ShellHWDetection
Service [DISABLED] Simbad
Service C:\WINDOWS\system32\DRIVERS\sisagp.sys (SiS NT AGP Filter/Silicon Integrated Systems Corporation) [DISABLED] sisagp
Service C:\WINDOWS\system32\DRIVERS\SLIP.sys (Microsoft Slip Deframing Filter Minidriver/Microsoft Corporation) [MANUAL] SLIP
Service C:\Program Files\SMI2\smi2.sys (SMI BIOS driver/IBM Corp.) [AUTO] smi2
Service SMSvcHost 3.0.0.0
Service SMSvcHost 4.0.0.0
Service C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec AIC-6x60 series SCSI miniport/Adaptec, Inc.) [DISABLED] Sparrow
Service C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Kernel Audio Splitter/Microsoft Corporation) [MANUAL] splitter
Service C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\WINDOWS\system32\DRIVERS\sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation) [BOOT] sr
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] srservice
Service C:\WINDOWS\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] Srv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] SSDPSRV
Service [MANUAL] StarOpen
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] stisvc
Service C:\WINDOWS\system32\DRIVERS\StreamIP.sys (Microsoft IP Test Driver/Microsoft Corporation) [MANUAL] streamip
Service C:\WINDOWS\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft GS Wavetable Synthesizer/Microsoft Corporation) [MANUAL] swmidi
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [DISABLED] SwPrv
Service swwd
Service C:\WINDOWS\system32\DRIVERS\sym_hi.sys (Symbios Hi-Perf SCSI Miniport Driver/LSI Logic) [DISABLED] sym_hi
Service C:\WINDOWS\system32\DRIVERS\sym_u3.sys (Symbios Ultra3 SCSI Miniport Driver/LSI Logic) [DISABLED] sym_u3
Service C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc. SCSI Miniport Driver/Symbios Logic Inc.) [DISABLED] symc810
Service C:\WINDOWS\system32\DRIVERS\symc8xx.sys (Symbios 8XX SCSI Miniport Driver/LSI Logic) [DISABLED] symc8xx
Service C:\WINDOWS\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) [MANUAL] sysaudio
Service C:\WINDOWS\system32\smlogsvc.exe (Performance Logs and Alerts Service/Microsoft Corporation) [DISABLED] SysmonLog
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] TapiSrv
Service C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) [SYSTEM] Tcpip
Service (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\WINDOWS\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] TermService
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Themes
Service C:\WINDOWS\system32\tlntsvr.exe (Telnet/Microsoft Corporation) [MANUAL] TlntSvr
Service C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (Windows Service for TomTom HOME/TomTom) [DISABLED] TomTomHOMEService
Service C:\WINDOWS\system32\DRIVERS\toside.sys (Toshiba PCI IDE Controller/Microsoft Corporation) [DISABLED] TosIde
Service C:\WINDOWS\system32\DRIVERS\tpm.sys (TPM Device Driver/Winbond Electronics Corp.) [MANUAL] TPM
Service C:\WINDOWS\system32\DRIVERS\nsctpm12.sys (TPM 1.2 Device Driver/National Semiconductor Corp.) [MANUAL] TPM12
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] TrkWks
Service TSDDD
Service C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe (ibmtcsd Application/IBM) [DISABLED] TSSCoreService
Service C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe [DISABLED] TVT Backup Service
Service C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe [DISABLED] TVT Scheduler
Service C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe [DISABLED] UCLauncherService
Service (UDF File System Driver/Microsoft Corporation) [DISABLED] Udfs
Service C:\Program Files\VMware\VMware Player\vmware-ufad.exe (VMware Host Process for Ufa Services/VMware, Inc.) [DISABLED] ufad-ws60
Service UGatherer
Service UGTHRSVC
Service C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Ultra66 Miniport Driver/Promise Technology, Inc.) [DISABLED] ultra
Service C:\WINDOWS\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) [MANUAL] Update
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] upnphost
Service C:\WINDOWS\System32\ups.exe (UPS Service/Microsoft Corporation) [MANUAL] UPS
Service usb
Service C:\WINDOWS\system32\drivers\usbaudio.sys (USB Audio Class Driver/Microsoft Corporation) [MANUAL] usbaudio
Service C:\WINDOWS\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [MANUAL] usbccgp
Service C:\WINDOWS\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci
Service C:\WINDOWS\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub
Service C:\WINDOWS\system32\DRIVERS\usbprint.sys (USB Printer driver/Microsoft Corporation) [MANUAL] usbprint
Service C:\WINDOWS\system32\DRIVERS\usbscan.sys (USB Scanner Driver/Microsoft Corporation) [MANUAL] usbscan
Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR
Service C:\WINDOWS\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbuhci
Service C:\WINDOWS\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave
Service C:\WINDOWS\system32\DRIVERS\viaagp.sys (VIA NT AGP Filter/Microsoft Corporation) [DISABLED] viaagp
Service C:\WINDOWS\system32\DRIVERS\viaide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [DISABLED] ViaIde
Service C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware Authorization Service/VMware, Inc.) [DISABLED] VMAuthdService
Service C:\WINDOWS\system32\Drivers\vmci.sys (VMware kernel driver/VMware, Inc.) [AUTO] vmci
Service C:\WINDOWS\system32\drivers\VMkbd.sys (VMware keyboard filter driver (32-bit)/VMware, Inc.) [MANUAL] vmkbd
Service C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys (VMware virtual network adapter driver (32-bit)/VMware, Inc.) [MANUAL] VMnetAdapter
Service C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys (VMware bridge driver (32-bit)/VMware, Inc.) [AUTO] VMnetBridge
Service C:\WINDOWS\system32\vmnetdhcp.exe (VMware VMnet DHCP service/VMware, Inc.) [DISABLED] VMnetDHCP
Service C:\WINDOWS\system32\drivers\vmnetuserif.sys (VMware network application interface driver (32-bit)/VMware, Inc.) [AUTO] VMnetuserif
Service C:\WINDOWS\system32\Drivers\VMparport.sys (VMware parallel port driver/VMware, Inc.) [AUTO] VMparport
Service C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware USB Arbitration Service/VMware, Inc.) [DISABLED] VMUSBArbService
Service VMware
Service C:\WINDOWS\system32\vmnat.exe (VMware NAT Service/VMware, Inc.) [DISABLED] VMware NAT Service
Service C:\WINDOWS\system32\Drivers\vmx86.sys (VMware kernel driver/VMware, Inc.) [AUTO] vmx86
Service (Volume Shadow Copy Driver/Microsoft Corporation) [BOOT] VolSnap
Service C:\WINDOWS\System32\vssvc.exe (Microsoft® Volume Shadow Copy Service/Microsoft Corporation) [MANUAL] VSS
Service C:\Program Files\VMware\VMware Player\vstor2-ws60.sys (VMware Virtual Storage Volume Driver/VMware, Inc.) [AUTO] vstor2-ws60
Service vxd
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] W32Time
Service W3SVC
Service C:\WINDOWS\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp
Service C:\WINDOWS\system32\DRIVERS\wceusbsh.sys (Windows CE USB Serial Host/Microsoft Corporation) [SYSTEM] wceusbsh
Service [MANUAL] WDICA
Service C:\WINDOWS\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) [MANUAL] wdmaud
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] WebClient
Service WebPost
Service C:\Program Files\Windows Defender\MsMpEng.exe (Service Executable/Microsoft Corporation) [DISABLED] WinDefend
Service Windows Workflow Foundation 3.0.0.0
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] winmgmt
Service [MANUAL] Winsock
Service WinSock2
Service WinTrust
Service C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft® Windows Live ID Service/Microsoft Corporation) [DISABLED] wlidsvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WmdmPmSN
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Wmi
Service WmiApRpl
Service C:\WINDOWS\system32\wbem\wmiapsrv.exe (WMI Performance Adapter Service/Microsoft Corporation) [DISABLED] WmiApSrv
Service C:\Program Files\Windows Media Player\WMPNetwk.exe (Windows Media Player Network Sharing Service/Microsoft Corporation) [DISABLED] WMPNetworkSvc
Service C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (wpffontcache_v0400.exe/Microsoft Corporation) [DISABLED] WPFFontCache_v0400
Service C:\WINDOWS\System32\drivers\ws2ifsl.sys (Winsock2 IFS Layer/Microsoft Corporation) [SYSTEM] WS2IFSL
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wscsvc
Service C:\WINDOWS\system32\SearchIndexer.exe (Microsoft Windows Search Indexer/Microsoft Corporation) [DISABLED] WSearch
Service WSearchIdxPi
Service C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS (WDM WST Codec Driver/Microsoft Corporation) [MANUAL] WSTCODEC
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wuauserv
Service C:\WINDOWS\system32\DRIVERS\WudfPf.sys (Windows Driver Foundation - User-mode Driver Framework Platform Driver/Microsoft Corporation) [MANUAL] WudfPf
Service C:\WINDOWS\system32\DRIVERS\wudfrd.sys (Windows Driver Foundation - User-mode Driver Framework Reflector/Microsoft Corporation) [MANUAL] WudfRd
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] WudfSvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] WZCSVC
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] xmlprov
Service {901B6FE8-607C-44C9-8F78-81D721285CBB}
Service {A6FF55FD-4F16-4D4D-9EA3-6D92E2DD3FF2}
Service {D24A6BA1-904E-44EF-8DB0-0F7B581C7E26}
Service {F0EB35E8-EE91-4F3C-BDD5-B08705047636}

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@LoadAppInit_DLLs 1
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

---- EOF - GMER 1.0.15 ----
May thou virus bow at thy mercy when you come to me...

#7 Spartacus1

Spartacus1
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 PM

Posted 29 September 2011 - 04:25 PM

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 29/09/2011 at 16:51:34.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:

C:\WINDOWS\system32\userinit.exe


Rkill completed on 29/09/2011 at 16:51:39.
May thou virus bow at thy mercy when you come to me...

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:31 PM

Posted 29 September 2011 - 07:36 PM

You may have a userinit infection that we cannot see and do not treat here in AII.
Please do Post 2
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users