GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-08-18 13:50:14 Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST980811AS rev.3.ALC Running: qoumbrpq.exe; Driver: C:\DOCUME~1\WACICI~1\USTAWI~1\Temp\afayqpob.sys ---- System - GMER 1.0.15 ---- SSDT spbm.sys ZwCreateKey [0xF74BA0E0] SSDT spbm.sys ZwEnumerateKey [0xF74D7CA2] SSDT spbm.sys ZwEnumerateValueKey [0xF74D8030] SSDT spbm.sys ZwOpenKey [0xF74BA0C0] SSDT spbm.sys ZwQueryKey [0xF74D8108] SSDT spbm.sys ZwQueryValueKey [0xF74D7F88] SSDT spbm.sys ZwSetValueKey [0xF74D819A] INT 0x62 ? 863DABF8 INT 0x82 ? 863DABF8 INT 0xA4 ? 86288F00 INT 0xB4 ? 86288F00 ---- Kernel code sections - GMER 1.0.15 ---- ? spbm.sys Nie można odnaleźć określonego pliku. ! .text USBPORT.SYS!DllUnload F720F62C 5 Bytes JMP 862884E0 .text altz7o33.SYS F7192384 1 Byte [20] .text altz7o33.SYS F7192384 37 Bytes [20, 00, 00, 68, 00, 00, 00, ...] .text altz7o33.SYS F71923AA 24 Bytes [00, 00, 20, 00, 00, E0, 00, ...] .text altz7o33.SYS F71923C4 3 Bytes [00, 00, 00] .text altz7o33.SYS F71923C9 1 Byte [00] .text ... ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Mozilla Firefox\plugin-container.exe[256] USER32.dll!SetPropW + 11B 77D3DECE 7 Bytes JMP 1067C453 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[256] USER32.dll!SetWindowLongA + 19 77D3DEEC 7 Bytes JMP 1067C3E2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[256] USER32.dll!GetWindowInfo 77D3F122 5 Bytes JMP 1043BACC C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[256] USER32.dll!GetMenuContextHelpId + 1A 77D84F11 7 Bytes JMP 1043C0F9 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[1864] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 0116B52A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[1864] kernel32.dll!lstrlenW + 43 7C809A7C 7 Bytes JMP 0141B6F5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[1864] kernel32.dll!MapViewOfFileEx + 6A 7C80B788 7 Bytes JMP 0141B6D2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[1864] GDI32.dll!SetWindowOrgEx + 15E 77F1960B 7 Bytes JMP 0141B653 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \windows\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 863DC5E0 IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F74EA93C] spbm.sys IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F74EA990] spbm.sys IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F74BB040] spbm.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F74BB13C] spbm.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74BB0BE] spbm.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F74BB7FC] spbm.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74BB6D2] spbm.sys IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 862885E0 IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F74CAD92] spbm.sys IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlInitUnicodeString] 9252D2DB IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!swprintf] [804FC5C0] \windows\system32\ntoskrnl.exe (Jądro i system NT/Microsoft Corporation) IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeSetEvent] 8E44C8C9 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoCreateSymbolicLink] A475EBF6 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoGetConfigurationInformation] AA7EE6FF IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] B863F1E4 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmFreeMappingAddress] B668FCED IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 0CB1670A IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 02BA6A03 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmUnmapIoSpace] 10A77D18 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 1EAC7011 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IofCompleteRequest] 349D532E IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlCompareUnicodeString] 3A965E27 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IofCallDriver] 288B493C IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 26804435 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] 7CE90F42 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoConnectInterrupt] 72E2024B IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoDetachDevice] 60FF1550 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeWaitForSingleObject] 6EF41859 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeInitializeEvent] 44C53B66 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] 4ACE366F IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlInitAnsiString] 58D32174 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] 56D82C7D IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoQueueWorkItem] 377A0CA1 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmMapIoSpace] 397101A8 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 2B6C16B3 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoReportDetectedDevice] 25671BBA IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoReportResourceForDetection] 0F563885 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 015D358C IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!NlsMbCodePageTag] 13402297 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!PoRequestPowerIrp] 1D4B2F9E IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 472264E9 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] 492969E0 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!sprintf] 5B347EFB IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] 553F73F2 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!ObfDereferenceObject] 7F0E50CD IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 71055DC4 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 63184ADF IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!ZwClose] 6D1347D6 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] D7CADC31 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] D9C1D138 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] CBDCC623 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!PoStartNextPowerIrp] C5D7CB2A IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!PoCallDriver] EFE6E815 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoCreateDevice] E1EDE51C IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] F3F0F207 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlQueryRegistryValues] FDFBFF0E IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!ZwOpenKey] A792B479 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlFreeUnicodeString] A999B970 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoStartTimer] BB84AE6B IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeInitializeTimer] B58FA362 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoInitializeTimer] 9FBE805D IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeInitializeDpc] 91B58D54 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeInitializeSpinLock] 83A89A4F IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoInitializeIrp] 8DA39746 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!ZwCreateKey] 00000063 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 0000007C IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 00000077 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!ZwSetValueKey] 0000007B IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeInsertQueueDpc] 000000F2 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 0000006B IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoStartPacket] 0000006F IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 000000C5 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 00000030 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoFreeMdl] 00000001 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmUnlockPages] 00000067 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 0000002B IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 000000FE IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 000000D7 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 000000AB IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeSynchronizeExecution] 00000076 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoStartNextPacket] 000000CA IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeBugCheckEx] 00000082 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 000000C9 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeSetTimer] 0000007D IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeCancelTimer] 000000FA IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!_allmul] 00000059 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmProbeAndLockPages] 00000047 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!_except_handler3] 000000F0 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!PoSetPowerState] 000000AD IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] 000000D4 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlWriteRegistryValue] 000000A2 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!_aulldiv] 000000AF IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!strstr] 0000009C IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!_strupr] 000000A4 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeQuerySystemTime] 00000072 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 000000C0 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!KeTickCount] 000000B7 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 000000FD IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoDeleteDevice] 00000093 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 00000026 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoAllocateWorkItem] 00000036 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoAllocateIrp] 0000003F IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoAllocateMdl] 000000F7 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 000000CC IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmLockPagableDataSection] 00000034 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 000000A5 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 000000E5 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!ExFreePoolWithTag] 000000F1 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoFreeIrp] 00000071 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!IoFreeWorkItem] 000000D8 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!InitSafeBootMode] 00000031 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlCompareMemory] 00000015 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!RtlCopyUnicodeString] 00000004 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!memmove] 000000C7 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[ntoskrnl.exe!MmHighestUserAddress] 00000023 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!KfAcquireSpinLock] 0A64D90F IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!READ_PORT_UCHAR] 046FD406 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!KeGetCurrentIrql] 1672C31D IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!KfRaiseIrql] 1879CE14 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!KfLowerIrql] 3248ED2B IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!HalGetInterruptVector] 3C43E022 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!HalTranslateBusAddress] 2E5EF739 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!KeStallExecutionProcessor] 2055FA30 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!KfReleaseSpinLock] EC01B79A IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] E20ABA93 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!READ_PORT_USHORT] F017AD88 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] FE1CA081 IAT \SystemRoot\System32\Drivers\altz7o33.SYS[HAL.dll!WRITE_PORT_UCHAR] D42D83BE IAT \SystemRoot\System32\Drivers\altz7o33.SYS[WMILIB.SYS!WmiSystemControl] C83B99AC IAT \SystemRoot\System32\Drivers\altz7o33.SYS[WMILIB.SYS!WmiCompleteRequest] C63094A5 ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 863D91F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{E73EFE9C-2356-444B-B749-CDB4B0C25A2E} 85BBE1F8 Device \Driver\sptd \Device\605699026 spbm.sys Device \Driver\PCI_PNP7776 \Device\00000043 spbm.sys Device \Driver\usbuhci \Device\USBPDO-0 862E2500 Device \Driver\usbuhci \Device\USBPDO-1 862E2500 Device \Driver\usbuhci \Device\USBPDO-2 862E2500 Device \Driver\usbuhci \Device\USBPDO-3 862E2500 Device \Driver\usbehci \Device\USBPDO-4 8626F1F8 Device \Driver\Ftdisk \Device\HarddiskVolume1 8636F1F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 8636F1F8 Device \Driver\Cdrom \Device\CdRom0 85C50500 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 863DA1F8 Device \Driver\atapi \Device\Ide\IdePort0 863DA1F8 Device \Driver\atapi \Device\Ide\IdePort1 863DA1F8 Device \Driver\NetBT \Device\NetBt_Wins_Export 85BBE1F8 Device \Driver\NetBT \Device\NetbiosSmb 85BBE1F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{3C25370C-9602-41D1-BC5C-8C89E3C9D0A7} 85BBE1F8 Device \Driver\usbuhci \Device\USBFDO-0 862E2500 Device \Driver\usbuhci \Device\USBFDO-1 862E2500 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 85BB51F8 Device \Driver\usbuhci \Device\USBFDO-2 862E2500 Device \FileSystem\MRxSmb \Device\LanmanRedirector 85BB51F8 Device \Driver\usbuhci \Device\USBFDO-3 862E2500 Device \Driver\usbehci \Device\USBFDO-4 8626F1F8 Device \Driver\Ftdisk \Device\FtControl 8636F1F8 Device \Driver\altz7o33 \Device\Scsi\altz7o331 8626B1F8 Device \Driver\altz7o33 \Device\Scsi\altz7o331Port2Path0Target0Lun0 8626B1F8 Device \FileSystem\Cdfs \Cdfs 85B931F8 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA5 0x12 0x6D 0x64 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x93 0xBC 0x17 0xD3 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xB1 0x95 0x20 0xAE ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA5 0x12 0x6D 0x64 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x93 0xBC 0x17 0xD3 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xB1 0x95 0x20 0xAE ... ---- EOF - GMER 1.0.15 ----