GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2011-12-29 22:49:52 Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FB4O Running: r5n85kb4.exe; Driver: C:\Users\MIKOAJ~1\AppData\Local\Temp\uwliifog.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x93639DAA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x9363BFE8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x9363C262] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x9363C4D8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x9363A6BE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x9363B4F2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x9363BA3C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x9363A99A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x9363B922] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x93639998] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x9363B7F6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x93639B40] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x9363BB5C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x9363A344] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x9363B88C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x9363D24A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0x9363AE1C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x9363E458] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x9363AC2A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x9363D33C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x9363DAA4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x9363BAD2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x9363A740] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x9363B9B2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x93639FE8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x9363D83E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x9363BBF2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x93639ED8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x9363C7DC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x9363DDDE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x9363D6D0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplaceKey [0x93638652] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x9363BF56] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x9363BE1C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x9363CFE4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRestoreKey [0x936389CA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x9363E2FA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSaveKey [0x936385EA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x9363B238] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x9363A560] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x9363C87E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSecurityObject [0x9363D4DA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x9363DF2E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x9363E020] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x9363E15A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x9363D16E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x9363A18E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x9363A0E4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x9363DC82] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x9363A27A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x9363A442] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateUserProcess [0x9363C722] INT 0x62 ? 89BFDD68 INT 0x72 ? 89BFDD68 INT 0x81 ? 9162C050 INT 0x91 ? 9162C2D0 INT 0x92 ? 89BFDD68 INT 0xA2 ? 89BFDD68 INT 0xA2 ? 89BFDD68 INT 0xB2 ? 879ACCB8 INT 0xB2 ? 89BFDD68 INT 0xB2 ? 89BFDD68 INT 0xB2 ? 89BFDD68 INT 0xB2 ? 879ACCB8 ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetEvent + 119 84AF089C 4 Bytes [AA, 9D, 63, 93] .text ntkrnlpa.exe!KeSetEvent + 13D 84AF08C0 8 Bytes CALL E7426C84 .text ntkrnlpa.exe!KeSetEvent + 181 84AF0904 4 Bytes [D8, C4, 63, 93] .text ntkrnlpa.exe!KeSetEvent + 1A9 84AF092C 4 Bytes [BE, A6, 63, 93] .text ntkrnlpa.exe!KeSetEvent + 1C1 84AF0944 4 Bytes [F2, B4, 63, 93] .text ... .text sptd.sys 80692000 32 Bytes [C0, 4E, A1, 84, 06, E1, A1, ...] .text sptd.sys 80692024 104 Bytes [EA, 23, A8, 84, 41, 1B, B3, ...] .text sptd.sys 8069208D 103 Bytes [D1, A8, 84, 81, 1B, AF, 84, ...] .text sptd.sys 806920F5 23 Bytes [98, A8, 84, F0, 32, A6, 84, ...] .text sptd.sys 8069210D 191 Bytes [9A, A8, 84, 1C, 53, AF, 84, ...] .text ... .sptd2 C:\Windows\System32\Drivers\sptd.sys entry point in ".sptd2" section [0x8073E1AA] ? C:\Windows\System32\Drivers\sptd.sys Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. .text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x9020E340, 0x3FC377, 0xE8000020] .text USBPORT.SYS!DllUnload 90AF441B 5 Bytes JMP 89BFD278 ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4640] ntdll.dll!DbgUiRemoteBreakin 7776CD84 1 Byte [C3] ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [80693EEE] \SystemRoot\System32\Drivers\sptd.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [8069420E] \SystemRoot\System32\Drivers\sptd.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8069370C] \SystemRoot\System32\Drivers\sptd.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [806940CC] \SystemRoot\System32\Drivers\sptd.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [80693832] \SystemRoot\System32\Drivers\sptd.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [806938F0] \SystemRoot\System32\Drivers\sptd.sys IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [806A7F56] \SystemRoot\System32\Drivers\sptd.sys ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Windows Sidebar\sidebar.exe[1476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01A42F20] C:\Windows\TEMP\logishrd\LVPrcInj03.dll (Camera Helper Library./Logitech Inc.) IAT C:\Program Files\Windows Sidebar\sidebar.exe[1476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose] [01A42CF0] C:\Windows\TEMP\logishrd\LVPrcInj03.dll (Camera Helper Library./Logitech Inc.) IAT C:\Program Files\Windows Sidebar\sidebar.exe[1476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01A42C90] C:\Windows\TEMP\logishrd\LVPrcInj03.dll (Camera Helper Library./Logitech Inc.) IAT C:\Program Files\Windows Sidebar\sidebar.exe[1476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01A42CC0] C:\Windows\TEMP\logishrd\LVPrcInj03.dll (Camera Helper Library./Logitech Inc.) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74157817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [741AA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7415BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7414F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [741575E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7414E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74188395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7415DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7414FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7414FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [741471CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [741DCAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7417C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7414D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74146853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7414687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3880] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74152AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Program Files\Windows Sidebar\sidebar.exe[5928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile] [004D2F20] C:\Windows\TEMP\logishrd\LVPrcInj03.dll (Camera Helper Library./Logitech Inc.) IAT C:\Program Files\Windows Sidebar\sidebar.exe[5928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose] [004D2CF0] C:\Windows\TEMP\logishrd\LVPrcInj03.dll (Camera Helper Library./Logitech Inc.) IAT C:\Program Files\Windows Sidebar\sidebar.exe[5928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [004D2C90] C:\Windows\TEMP\logishrd\LVPrcInj03.dll (Camera Helper Library./Logitech Inc.) IAT C:\Program Files\Windows Sidebar\sidebar.exe[5928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [004D2CC0] C:\Windows\TEMP\logishrd\LVPrcInj03.dll (Camera Helper Library./Logitech Inc.) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 879B01E8 AttachedDevice \FileSystem\Ntfs \Ntfs tvtumon.sys (Windows Update Monitor Driver/Lenovo) AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Dynamiczna struktura WDF/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-0 89F101E8 Device \Driver\netbt \Device\NetBT_Tcpip_{B7C22D20-1B5F-4170-9284-F47D989CCE42} 93D50430 Device \Driver\usbuhci \Device\USBPDO-1 89F101E8 Device \Driver\usbuhci \Device\USBPDO-2 89F101E8 Device \Driver\usbehci \Device\USBPDO-3 89E561E8 Device \Driver\PCI_PNP5018 \Device\00000054 sptd.sys Device \Driver\PCI_PNP5018 \Device\00000054 sptd.sys Device \Driver\usbuhci \Device\USBPDO-4 89F101E8 AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) Device \Driver\usbuhci \Device\USBPDO-5 89F101E8 Device \Driver\usbuhci \Device\USBPDO-6 89F101E8 Device \Driver\usbehci \Device\USBPDO-7 89E561E8 Device \Driver\cdrom \Device\CdRom0 89E611E8 Device \Driver\iaStor \Device\Ide\iaStor0 [858C1720] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [858C1720] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\iaStor \Device\Ide\IAAStorageDevice-1 [858C1720] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\cdrom \Device\CdRom1 89E611E8 Device \Driver\netbt \Device\NetBT_Tcpip_{47ADD6D6-E0D7-426F-A582-A8B7F9380EC8} 93D50430 Device \Driver\netbt \Device\NetBt_Wins_Export 93D50430 Device \Driver\Smb \Device\NetbiosSmb 93425430 Device \Driver\iScsiPrt \Device\RaidPort0 8A0431E8 AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) Device \Driver\usbuhci \Device\USBFDO-0 89F101E8 Device \Driver\usbuhci \Device\USBFDO-1 89F101E8 Device \Driver\usbuhci \Device\USBFDO-2 89F101E8 Device \Driver\usbehci \Device\USBFDO-3 89E561E8 Device \Driver\usbuhci \Device\USBFDO-4 89F101E8 Device \Driver\usbuhci \Device\USBFDO-5 89F101E8 Device \Driver\usbuhci \Device\USBFDO-6 89F101E8 Device \Driver\usbehci \Device\USBFDO-7 89E561E8 Device \Driver\auvxj0ee \Device\Scsi\auvxj0ee1Port2Path0Target0Lun0 89F9F1E8 Device \Driver\auvxj0ee \Device\Scsi\auvxj0ee1 89F9F1E8 Device \FileSystem\cdfs \Cdfs 84326430 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002556f22694 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x69 0x2E 0xD8 0x43 ... Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet005\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet006\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet007\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet008\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet009\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet010\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet011\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet012\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet013\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet014\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet015\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet015\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet015\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet015\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet015\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet015\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet015\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet015\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet015\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet015\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet016\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet017\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet018\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet019\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFF 0x98 0xFA 0x2D ... Reg HKLM\SYSTEM\ControlSet020\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x69 0x2E 0xD8 0x43 ... Reg HKLM\SYSTEM\ControlSet021\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x69 0x2E 0xD8 0x43 ... Reg HKLM\SYSTEM\ControlSet022\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x69 0x2E 0xD8 0x43 ... Reg HKLM\SYSTEM\ControlSet023\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x69 0x2E 0xD8 0x43 ... Reg HKLM\SYSTEM\ControlSet024\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x69 0x2E 0xD8 0x43 ... Reg HKLM\SYSTEM\ControlSet025\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x69 0x2E 0xD8 0x43 ... Reg HKLM\SYSTEM\ControlSet026\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x69 0x2E 0xD8 0x43 ... Reg HKLM\SYSTEM\ControlSet027\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x69 0x2E 0xD8 0x43 ... Reg HKLM\SYSTEM\ControlSet028\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x69 0x2E 0xD8 0x43 ... Reg HKLM\SYSTEM\ControlSet029\Services\BTHPORT\Parameters\Keys\002556f22694 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0x60 0x0D 0x71 ... Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA9 0x1A 0xB1 0x38 ... Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x69 0x2E 0xD8 0x43 ... ---- Files - GMER 1.0.15 ---- File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.ci 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.dir 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wid 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.ci 77824 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.dir 4096 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.ci 65536 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.dir 4096 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.ci 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.dir 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.ci 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.dir 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.ci 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.dir 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.ci 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.dir 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.ci 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.dir 4096 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.ci 77824 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.dir 4096 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wid 65536 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.ci 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.dir 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.ci 28672 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.dir 4096 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.ci 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.dir 4096 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.wid 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.ci 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.dir 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.wid 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0061D.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0061F.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00620.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00621.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00622.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00623.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00624.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00625.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00626.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00627.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00628.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00629.log 0 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0062A.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0062B.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0062C.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0062D.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0062E.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0062F.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00631.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00632.log 131072 bytes File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00633.log 131072 bytes ---- EOF - GMER 1.0.15 ----