GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-07-05 22:37:22 Windows 5.1.2600 Dodatek Service Pack 2 Running: vef79mnr.exe; Driver: C:\DOCUME~1\JA\USTAWI~1\Temp\fgtdrpoc.sys ---- System - GMER 1.0.15 ---- SSDT spkb.sys ZwCreateKey [0xF76880E0] SSDT spkb.sys ZwEnumerateKey [0xF76A0DA4] SSDT spkb.sys ZwEnumerateValueKey [0xF76A1132] SSDT spkb.sys ZwOpenKey [0xF76880C0] SSDT spkb.sys ZwQueryKey [0xF76A120A] SSDT spkb.sys ZwQueryValueKey [0xF76A108A] SSDT spkb.sys ZwSetValueKey [0xF76A129C] INT 0x62 ? 82FDDBF8 INT 0x82 ? 82FDDBF8 INT 0xB1 ? 82F72BF8 INT 0xB1 ? 82F72BF8 INT 0xB4 ? 82DB9BF8 INT 0xB4 ? 82DB9BF8 INT 0xB4 ? 82DB9BF8 INT 0xB4 ? 82DB9BF8 INT 0xB4 ? 82DB9BF8 ---- Kernel code sections - GMER 1.0.15 ---- .text ntoskrnl.exe!_abnormal_termination + 168 804E27D4 1 Byte [A4] ? spkb.sys Nie można odnaleźć określonego pliku. ! .text USBPORT.SYS!DllUnload F71E362C 5 Bytes JMP 82DB91D8 .text a1k29ohl.SYS F713D386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...] .text a1k29ohl.SYS F713D3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...] .text a1k29ohl.SYS F713D3C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH} .text a1k29ohl.SYS F713D3C9 1 Byte [2E] .text a1k29ohl.SYS F713D3C9 11 Bytes [2E, 00, 00, 00, 5A, 02, 00, ...] .text ... .text aawgp87x.SYS F6D9F386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...] .text aawgp87x.SYS F6D9F3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...] .text aawgp87x.SYS F6D9F3C4 3 Bytes [00, 80, 02] .text aawgp87x.SYS F6D9F3C9 1 Byte [30] .text aawgp87x.SYS F6D9F3C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL} .text ... ---- User code sections - GMER 1.0.15 ---- .text C:\WINDOWS\Explorer.EXE[1260] SHELL32.dll!SHFileOperationW 7CA6FDEE 5 Bytes JMP 02571102 C:\Program Files\Unlocker\UnlockerHook.dll ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 82F722D8 IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F76B3DDC] spkb.sys IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F76B3E30] spkb.sys IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7689042] spkb.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F768913E] spkb.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F76890C0] spkb.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F7689800] spkb.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F76896D6] spkb.sys IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 82DB92D8 IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7698B90] spkb.sys IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlInitUnicodeString] 001CBB86 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!swprintf] 4F8B0200 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeSetEvent] 968D5140 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 00001C90 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 2296E852 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] 478B0000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmFreeMappingAddress] 50016A40 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 1CAC8E8D IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoDisconnectInterrupt] E8510000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmUnmapIoSpace] 00002284 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 6A18538B IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IofCompleteRequest] 868D5200 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlCompareUnicodeString] 00001C98 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IofCallDriver] 2272E850 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 4B8B0000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] 51016A18 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoConnectInterrupt] 1CB4968D IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoDetachDevice] E8520000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeWaitForSingleObject] 00002260 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeInitializeEvent] 8A05478A IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] 001CBB8E IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlInitAnsiString] 30C48300 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] 1CBD8688 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoQueueWorkItem] 80E90000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmMapIoSpace] C6000000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 001CBB86 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoReportDetectedDevice] 438B0100 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoReportResourceForDetection] 8E8D5018 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 00001C90 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!NlsMbCodePageTag] 2232E851 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!PoRequestPowerIrp] 538B0000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 52016A18 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] 1CAC868D IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!sprintf] E8500000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] 00002220 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!ObfDereferenceObject] 8A05478A IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 001CBB8E IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 18C48300 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!ZwClose] 1CBD8688 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] 43EB0000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 320C538A IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 88F93BC0 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!PoStartNextPowerIrp] 001CBB96 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!PoCallDriver] F6317300 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoCreateDevice] 74070647 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 75C0841A IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 05578A0B IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!ZwOpenKey] 968801B0 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlFreeUnicodeString] 00001CBD IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoStartTimer] 57B60F66 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeInitializeTimer] 533B6604 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoInitializeTimer] 03087408 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeInitializeDpc] 72F93B3F IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeInitializeSpinLock] 8A09EBDA IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoInitializeIrp] 86880547 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!ZwCreateKey] 00001CBD IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 88084B8A IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 001CBE8E IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!ZwSetValueKey] 40578B00 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeInsertQueueDpc] 8D52006A IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 001CC086 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoStartPacket] B1E85000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 8B000021 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 001CB88E IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoFreeMdl] BC968B00 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmUnlockPages] 8900001C IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 001CC48E IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] C8968900 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 8B00001C IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 016A4047 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeSynchronizeExecution] CCC68150 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoStartNextPacket] 5600001C IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeBugCheckEx] 002187E8 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 18C48300 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeSetTimer] 5D5B5E5F IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeCancelTimer] CCCCCCC3 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!_allmul] CCCCCCCC IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmProbeAndLockPages] CCCCCCCC IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!_except_handler3] CCCCCCCC IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!PoSetPowerState] 8BEC8B55 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] 00C73445 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlWriteRegistryValue] 00000000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!_aulldiv] 830C458B IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!strstr] C0840CEC IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!_strupr] 053C0D74 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeQuerySystemTime] 57B80974 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 8B000000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!KeTickCount] 56C35DE5 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 8D08758B IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoDeleteDevice] 8D51FC4D IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 8D52FD55 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoAllocateWorkItem] 8D51FE4D IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoAllocateIrp] 8D52FF55 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoAllocateMdl] 8D51F84D IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 5052F455 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmLockPagableDataSection] EABAE856 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] C483FFFF IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 0FC08520 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!ExFreePoolWithTag] 0001B185 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoFreeIrp] 46B70F00 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!IoFreeWorkItem] F44D8B48 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!InitSafeBootMode] C1815753 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlCompareMemory] 00002590 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!RtlCopyUnicodeString] 467C8D51 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!memmove] 76F0E84A IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[ntoskrnl.exe!MmHighestUserAddress] D88BFFFF IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!KfAcquireSpinLock] BA86880C IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!READ_PORT_UCHAR] 8B00001C IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!KeGetCurrentIrql] 24A48DFA IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!KfRaiseIrql] 00000000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!KfLowerIrql] 4B8BDF8B IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!HalGetInterruptVector] 8D3F0304 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!HalTranslateBusAddress] CB033043 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!KeStallExecutionProcessor] 0673C13B IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!KfReleaseSpinLock] C13B0003 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 8366FA72 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!READ_PORT_USHORT] 75000E7B IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 0B7D80E3 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[HAL.dll!WRITE_PORT_UCHAR] 307B8D00 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[WMILIB.SYS!WmiSystemControl] 83660000 IAT \SystemRoot\System32\Drivers\a1k29ohl.SYS[WMILIB.SYS!WmiCompleteRequest] 6A000E7A IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlInitUnicodeString] 00021483 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!swprintf] 01B05E00 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeSetEvent] 5DE58B5B IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 7E8366C3 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 0F740028 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] 89320C8D IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmFreeMappingAddress] 00022C8B IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 46B70F00 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 66D00328 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmUnmapIoSpace] 002A7E83 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 0C8D1574 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IofCompleteRequest] 288B8932 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlCompareUnicodeString] 0F000002 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IofCallDriver] 832A46B7 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmAllocateMappingAddress] E08303C0 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] 66D003FC IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoConnectInterrupt] 002C7E83 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoDetachDevice] 0C8D1E74 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeWaitForSingleObject] 248B8932 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeInitializeEvent] 8A000002 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] 83880846 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlInitAnsiString] 000001C4 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] 2C4EB70F IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoQueueWorkItem] 8303C183 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmMapIoSpace] D103FCE1 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 2E7E8366 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoReportDetectedDevice] 8D1C7400 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoReportResourceForDetection] 83893204 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 0000021C IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!NlsMbCodePageTag] 2E4EB70F IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!PoRequestPowerIrp] 02208B89 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] [B70F0000] \SystemRoot\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] E0C12E46 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!sprintf] 03D00304 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] 10B389F2 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!ObfDereferenceObject] 80000002 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 0975013E IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 1BD2E853 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!ZwClose] C4830000 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] B05E5F04 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] E58B5B01 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] CCCCC35D IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!PoStartNextPowerIrp] CCCCCCCC IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!PoCallDriver] 53EC8B55 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoCreateDevice] 08758B56 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 0218BE83 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 57000000 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!ZwOpenKey] 45C60674 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlFreeUnicodeString] 1EEB010B IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoStartTimer] 0210868B IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeInitializeTimer] C0850000 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoInitializeTimer] 808A1074 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeInitializeDpc] 00000804 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeInitializeSpinLock] A03CF024 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoInitializeIrp] 0B45950F IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!ZwCreateKey] 45C604EB IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 458A000B IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 88C0840B IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!ZwSetValueKey] 840F0946 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeInsertQueueDpc] 000000C1 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 14B30E8B IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoStartPacket] 1C8A86C6 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 88010000 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 001C8D9E IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoFreeMdl] A99E8800 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmUnlockPages] C600001C IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 001C8E86 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 86C60100 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 00001CAA IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 70518B01 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeSynchronizeExecution] 8D52006A IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoStartNextPacket] 001C9086 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeBugCheckEx] E5E85000 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 8B000023 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeSetTimer] 70518B0E IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeCancelTimer] 8D52016A IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!_allmul] 001CAC86 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmProbeAndLockPages] D1E85000 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!_except_handler3] 8B000023 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!PoSetPowerState] 18C4830E IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] 1C959E88 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlWriteRegistryValue] 9E880000 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!_aulldiv] 00001CB1 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!strstr] 0E798366 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!_strupr] 74AAB000 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeQuerySystemTime] 8986C636 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 1A00001C IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!KeTickCount] 1C8B86C6 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] C6020000 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoDeleteDevice] 001C9686 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 86C60200 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoAllocateWorkItem] 00001CB2 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoAllocateIrp] 9D9E8802 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoAllocateMdl] 8800001C IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 001CB99E IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmLockPagableDataSection] 9E868800 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 8800001C IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 001CBA86 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!ExFreePoolWithTag] C61AEB00 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoFreeIrp] 001C8986 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!IoFreeWorkItem] 86C61200 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!InitSafeBootMode] 00001C8B IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlCompareMemory] 96868801 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!RtlCopyUnicodeString] 8800001C IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!memmove] 001CB286 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[ntoskrnl.exe!MmHighestUserAddress] 88968B00 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!KfAcquireSpinLock] 0C8D1C46 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!READ_PORT_UCHAR] B48B8932 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!KeGetCurrentIrql] 89000001 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!KfRaiseIrql] 0001C083 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!KfLowerIrql] 24468B00 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!HalGetInterruptVector] 89820C8D IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!HalTranslateBusAddress] D18BF84D IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!KeStallExecutionProcessor] 860F1639 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!KfReleaseSpinLock] 000000BD IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 020CB389 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!READ_PORT_USHORT] 83660000 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 7400067E IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[HAL.dll!WRITE_PORT_UCHAR] 89D60320 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[WMILIB.SYS!WmiSystemControl] 8D168B00 IAT \SystemRoot\System32\Drivers\aawgp87x.SYS[WMILIB.SYS!WmiCompleteRequest] F0003284 ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 82FDC1F8 Device \FileSystem\Fastfat \FatCdrom 82BC4500 Device \FileSystem\Udfs \UdfsCdRom 82B54500 Device \FileSystem\Udfs \UdfsDisk 82B54500 Device \Driver\sptd \Device\1978417214 spkb.sys Device \Driver\PCI_PNP5964 \Device\00000040 spkb.sys Device \Driver\PCI_PNP5964 \Device\00000041 spkb.sys Device \Driver\usbuhci \Device\USBPDO-0 82DB51F8 Device \Driver\usbuhci \Device\USBPDO-1 82DB51F8 Device \Driver\dmio \Device\DmControl\DmIoDaemon 82F701F8 Device \Driver\dmio \Device\DmControl\DmConfig 82F701F8 Device \Driver\dmio \Device\DmControl\DmPnP 82F701F8 Device \Driver\dmio \Device\DmControl\DmInfo 82F701F8 Device \Driver\usbuhci \Device\USBPDO-2 82DB51F8 Device \Driver\usbehci \Device\USBPDO-3 82DB41F8 Device \Driver\Ftdisk \Device\HarddiskVolume1 82FDE1F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{2EA3996C-7700-4D52-BE55-2C5D231FB316} 82DFA500 Device \Driver\Ftdisk \Device\HarddiskVolume2 82FDE1F8 Device \Driver\Cdrom \Device\CdRom0 82D801F8 Device \Driver\Cdrom \Device\CdRom0 826132E0 Device \Driver\Cdrom \Device\CdRom0 82865010 Device \Driver\Ftdisk \Device\HarddiskVolume3 82FDE1F8 Device \Driver\Cdrom \Device\CdRom1 82D801F8 Device \Driver\Cdrom \Device\CdRom1 826132E0 Device \Driver\Cdrom \Device\CdRom1 82865010 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 82FDD1F8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 82556D10 Device \Driver\atapi \Device\Ide\IdePort0 82FDD1F8 Device \Driver\atapi \Device\Ide\IdePort0 82556D10 Device \Driver\atapi \Device\Ide\IdePort1 82FDD1F8 Device \Driver\atapi \Device\Ide\IdePort1 82556D10 Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e 82FDD1F8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e 82556D10 Device \Driver\Cdrom \Device\CdRom2 82D801F8 Device \Driver\Cdrom \Device\CdRom2 826132E0 Device \Driver\Cdrom \Device\CdRom2 82865010 Device \Driver\Cdrom \Device\CdRom3 82D801F8 Device \Driver\Cdrom \Device\CdRom3 826132E0 Device \Driver\Cdrom \Device\CdRom3 82865010 Device \Driver\Cdrom \Device\CdRom4 82D801F8 Device \Driver\Cdrom \Device\CdRom4 826132E0 Device \Driver\Cdrom \Device\CdRom4 82865010 Device \Driver\NetBT \Device\NetBt_Wins_Export 82DFA500 Device \Driver\NetBT \Device\NetBT_Tcpip_{7CB18020-C433-42F7-857F-5B5E1EB58134} 82DFA500 Device \Driver\usbuhci \Device\USBFDO-0 82DB51F8 Device \Driver\usbuhci \Device\USBFDO-1 82DB51F8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 819C11F8 Device \Driver\usbuhci \Device\USBFDO-2 82DB51F8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 819C11F8 Device \Driver\usbehci \Device\USBFDO-3 82DB41F8 Device \Driver\Ftdisk \Device\FtControl 82FDE1F8 Device \Driver\sptd \Device\1978573464 spkb.sys Device \Driver\aawgp87x \Device\Scsi\aawgp87x1Port2Path0Target0Lun0 82C941F8 Device \Driver\aawgp87x \Device\Scsi\aawgp87x1Port2Path0Target0Lun0 8260F168 Device \Driver\aawgp87x \Device\Scsi\aawgp87x1 82C941F8 Device \Driver\aawgp87x \Device\Scsi\aawgp87x1 8260F168 Device \Driver\a1k29ohl \Device\Scsi\a1k29ohl1Port4Path0Target0Lun0 82D5C490 Device \Driver\a1k29ohl \Device\Scsi\a1k29ohl1Port4Path0Target0Lun0 826B9818 Device \Driver\st3mp28 \Device\Scsi\st3mp281Port3Path0Target0Lun0 82B95500 Device \Driver\st3mp28 \Device\Scsi\st3mp281Port3Path0Target0Lun0 82571080 Device \Driver\a1k29ohl \Device\Scsi\a1k29ohl1 82D5C490 Device \Driver\a1k29ohl \Device\Scsi\a1k29ohl1 826B9818 Device \Driver\st3mp28 \Device\Scsi\st3mp281Port3Path0Target1Lun0 82B95500 Device \Driver\st3mp28 \Device\Scsi\st3mp281Port3Path0Target1Lun0 82571080 Device \Driver\st3mp28 \Device\Scsi\st3mp281 82B95500 Device \Driver\st3mp28 \Device\Scsi\st3mp281 82571080 Device \FileSystem\Fastfat \Fat 82BC4500 Device \FileSystem\Cdfs \Cdfs 82B55500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x73 0x24 0xB3 0xB5 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0xDD 0x5C 0xD3 0x95 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xB2 0x74 0x02 0xA4 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x00 0x82 0x1E 0xFA ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xE9 0x0B 0x2D 0x62 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xB9 0xDB 0xA6 0x76 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x73 0x24 0xB3 0xB5 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0xDD 0x5C 0xD3 0x95 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xB2 0x74 0x02 0xA4 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFE 0xF2 0x0C 0xCA ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xE9 0x0B 0x2D 0x62 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xB9 0xDB 0xA6 0x76 ... Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG10.00.00.01WORKSTATION ED6EA44C56407BFD44FCA4A61FFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79338EDD5E5BE2F6E6679DB7CE019D40AA5C9DB7CE019D40AA5CFAD4316BD85A53A2BA75BD3577B3CCC828DCA7AB57B87D6D3E24E48C4DC7B93E6AAAF88AA17190CE368211E149D5B4598ABAB8C429CE734E75719D14EB7145B6933A606470D264E2F6CF755A352DF6ECA71C9C506845CB06B308DFD1F5ABA49ACBA4245E36C60EC1719D520A9E304D7A38FB82DE0A605742913FC21A8F2BE06E2B3EE831690F70E2E05A732DE94D128FB6097E5184598AC26A24C515E09526C58F8F3369035C1251C2AD08D50462454CE1A50BDF545C7D5EDD7449BD1682C8CC9A546E6781D69E2CD97024EB5A440CE43C688114790C6E7E51A41265E103BDC0B0FE69E16598E3A7ABB0BD25DF3AADA18F9AA3CCF67CBD9F6CDC4BAD76179EF3F9B254DEB5B1D58A032EB0928A0295DE643D16BD54B7F0521BF681108EB6A94E6547C7BC7B250C30ED603D94D5CA548B8A80E1EC1DB82FBD8E83A5D7E5C8C048244ABD2C44E93F073EF08662C0B81DAD164C7136E173C69939458DA33CAF6970A9FC9431A069CE14893B13834D6348DC5CBA97C635C929B3D43572E9D7394EE9B0520E262805BFEC2BD2505702D6D2C57A9986A12F1769EDDBFDF1EF012EBD6A35745 ---- EOF - GMER 1.0.15 ----