GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2011-11-15 00:57:06 Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.12.0 Running: e7nxk7mc.exe; Driver: C:\Users\PAVILI~1\AppData\Local\Temp\awtcapoc.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x96A32DAA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x96A34FE8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x96A35262] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x96A354D8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x96A336BE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x96A344F2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x96A34A3C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x96A3399A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x96A34922] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x96A32998] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x96A347F6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x96A32B40] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x96A34B5C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x96A33344] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x96A3488C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x96A3624A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0x96A33E1C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x96A37458] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x96A33C2A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x96A3633C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x96A36AA4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x96A34AD2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x96A33740] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x96A349B2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x96A32FE8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x96A3683E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x96A34BF2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x96A32ED8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x96A357DC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x96A36DDE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x96A366D0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplaceKey [0x96A31652] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x96A34F56] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x96A34E1C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x96A35FE4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRestoreKey [0x96A319CA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x96A372FA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSaveKey [0x96A315EA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x96A34238] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x96A33560] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x96A3587E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSecurityObject [0x96A364DA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x96A36F2E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x96A37020] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x96A3715A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x96A3616E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x96A3318E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x96A330E4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x96A36C82] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x96A3327A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x96A33442] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateUserProcess [0x96A35722] ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetEvent + 119 852DF89C 4 Bytes [AA, 2D, A3, 96] .text ntkrnlpa.exe!KeSetEvent + 13D 852DF8C0 8 Bytes CALL E7C49C14 .text ntkrnlpa.exe!KeSetEvent + 181 852DF904 4 Bytes [D8, 54, A3, 96] {FCOM DWORD [EBX-0x6a]} .text ntkrnlpa.exe!KeSetEvent + 1A9 852DF92C 4 Bytes [BE, 36, A3, 96] .text ntkrnlpa.exe!KeSetEvent + 1C1 852DF944 4 Bytes [F2, 44, A3, 96] .text ... C:\Program Files\HP\QuickPlay\000.fcl entry point in "" section [0x84B80000] .clc C:\Program Files\HP\QuickPlay\000.fcl unknown last section [0x84B81000, 0x1000, 0x00000000] ---- Devices - GMER 1.0.15 ---- Device \Driver\BTHUSB \Device\000000cf bthport.sys (Sterownik magistrali Bluetooth/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 NBVol.sys (Nero Backup Volume Filter Driver for the Disk Stack/Nero AG) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 NBVol.sys (Nero Backup Volume Filter Driver for the Disk Stack/Nero AG) Device \Driver\BTHUSB \Device\000000d1 bthport.sys (Sterownik magistrali Bluetooth/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186bc9e5b Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet007\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet008\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet009\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet011\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet012\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet013\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet014\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet015\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet016\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet017\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet018\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet018\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet018\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet019\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet019\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet019\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet020\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet020\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet020\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet021\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet021\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet021\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet022\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet022\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet022\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet023\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet023\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet023\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet024\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet024\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet024\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet025\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet025\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet025\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet026\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet026\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet026\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet027\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet027\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet027\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet028\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet028\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet028\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet029\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet029\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet029\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet030\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet030\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet030\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet031\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet031\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet031\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet032\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet032\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet032\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet033\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet033\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet033\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet034\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet034\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet034\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet035\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet035\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet035\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet036\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet036\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet036\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet037\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet037\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet037\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet038\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet038\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet038\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet039\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet039\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet039\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet040\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet040\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet040\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... Reg HKLM\SYSTEM\ControlSet041\Services\BTHPORT\Parameters\Keys\002186bc9e5b (not active ControlSet) Reg HKLM\SYSTEM\ControlSet041\Services\BTHPORT\Parameters\Keys\002186bc9e5b@0022fd390d2f 0x08 0x09 0x4D 0x4B ... Reg HKLM\SYSTEM\ControlSet041\Services\BTHPORT\Parameters\Keys\002186bc9e5b@f49f54c54dbc 0x74 0x19 0x1D 0x4C ... ---- EOF - GMER 1.0.15 ----