GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2011-08-07 06:20:43 Windows 5.1.2600 Dodatek Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD2500KS-00MJB0 rev.02.01C03 Running: ke50x6yv.exe; Driver: C:\DOCUME~1\Zachary\USTAWI~1\Temp\pgtdapog.sys ---- System - GMER 1.0.15 ---- SSDT 890BF109 ZwCreateThread ---- Kernel code sections - GMER 1.0.15 ---- ? C:\WINDOWS\system32\drivers\sptd.sys Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB67C73A0, 0x88C445, 0xE8000020] .text USBPORT.SYS!DllUnload B67A862C 5 Bytes JMP 89C401C8 init C:\WINDOWS\system32\drivers\Senfilt.sys entry point in "init" section [0xB1317A00] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[408] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe[584] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\services.exe[864] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\lsass.exe[876] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1052] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1132] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\Explorer.EXE[1184] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1420] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[1484] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1652] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\system32\svchost.exe[1744] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2308] USER32.dll!SetWindowLongA 7E36D60D 5 Bytes JMP 1068F0D7 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2308] USER32.dll!SetWindowLongW 7E36D62B 5 Bytes JMP 1068F069 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2308] USER32.dll!GetWindowInfo 7E36E77C 5 Bytes JMP 104A56CB C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2308] USER32.dll!TrackPopupMenu 7E3B50EE 5 Bytes JMP 104A5CE7 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[3356] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 00401410 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) .text C:\WINDOWS\System32\svchost.exe[3828] kernel32.dll!ReadFile 7C80180E 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] kernel32.dll!VirtualProtectEx 7C801A5D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] kernel32.dll!VirtualProtect 7C801AD0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] kernel32.dll!GetStartupInfoA 7C801EEE 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] kernel32.dll!GetProcAddress 7C80ADA0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] kernel32.dll!WriteFile 7C810D87 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] kernel32.dll!CreatePipe 7C81E0C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] kernel32.dll!PeekNamedPipe 7C85F90F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] kernel32.dll!WinExec 7C86136D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] ADVAPI32.dll!RegOpenKeyA 77DEC41B 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] msvcrt.dll!system 77C193C7 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] msvcrt.dll!_creat 77C1D40F 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] msvcrt.dll!_read 77C1FAA3 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] msvcrt.dll!_write 77C20303 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] WS2_32.dll!select 71A52DC0 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] WS2_32.dll!socket 71A53B91 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] WS2_32.dll!bind 71A53E00 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] WS2_32.dll!send 71A5428A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] WS2_32.dll!recv 71A5615A 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] WININET.dll!InternetOpenA 771B58BA 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] WININET.dll!InternetOpenUrlA 771B5B6D 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) .text C:\WINDOWS\System32\svchost.exe[3828] WININET.dll!InternetReadFile 771B80F4 5 Bytes CALL 37001160 C:\WINDOWS\system32\EntApi.dll (EntAPI/Network Associates, Inc) ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B7EC0AD4] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B7EC0C1A] sptd.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B7EC0B9C] sptd.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B7EC1748] sptd.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B7EC161E] sptd.sys IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B7ED5ACA] sptd.sys ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 89FC81E8 AttachedDevice \FileSystem\Ntfs \Ntfs naiavf5x.sys (Anti-Virus File System Filter Driver/Network Associates, Inc.) AttachedDevice \Driver\Tcpip \Device\Ip mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.) Device \Driver\usbuhci \Device\USBPDO-0 89C361E8 Device \Driver\dmio \Device\DmControl\DmIoDaemon 89FCA1E8 Device \Driver\dmio \Device\DmControl\DmConfig 89FCA1E8 Device \Driver\dmio \Device\DmControl\DmPnP 89FCA1E8 Device \Driver\dmio \Device\DmControl\DmInfo 89FCA1E8 Device \Driver\usbuhci \Device\USBPDO-1 89C361E8 Device \Driver\usbehci \Device\USBPDO-2 89BEC1E8 Device \Driver\usbuhci \Device\USBPDO-3 89C361E8 Device \Driver\usbuhci \Device\USBPDO-4 89C361E8 AttachedDevice \Driver\Tcpip \Device\Tcp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.) Device \Driver\usbuhci \Device\USBPDO-5 89C361E8 Device \Driver\usbehci \Device\USBPDO-6 89BEC1E8 Device \Driver\Ftdisk \Device\HarddiskVolume1 89F581E8 Device \Driver\Ftdisk \Device\HarddiskVolume2 89F581E8 Device \Driver\Cdrom \Device\CdRom0 89B911E8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 89F571E8 Device \Driver\atapi \Device\Ide\IdePort0 89F571E8 Device \Driver\atapi \Device\Ide\IdePort1 89F571E8 Device \Driver\atapi \Device\Ide\IdePort2 89F571E8 Device \Driver\atapi \Device\Ide\IdePort3 89F571E8 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e 89F571E8 Device \Driver\Ftdisk \Device\HarddiskVolume3 89F581E8 Device \Driver\NetBT \Device\NetBt_Wins_Export 895DC1E8 Device \Driver\NetBT \Device\NetbiosSmb 895DC1E8 AttachedDevice \Driver\Tcpip \Device\Udp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.) AttachedDevice \Driver\Tcpip \Device\RawIp mvstdi5x.sys (Anti-Virus Mini-Firewall Driver/Network Associates, Inc.) Device \Driver\usbuhci \Device\USBFDO-0 89C361E8 Device \Driver\usbuhci \Device\USBFDO-1 89C361E8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 895811E8 Device \Driver\usbehci \Device\USBFDO-2 89BEC1E8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 895811E8 Device \Driver\usbuhci \Device\USBFDO-3 89C361E8 Device \Driver\NetBT \Device\NetBT_Tcpip_{88116103-6FC2-4AE1-83F7-C5A1E2007FE3} 895DC1E8 Device \Driver\usbuhci \Device\USBFDO-4 89C361E8 Device \Driver\Ftdisk \Device\FtControl 89F581E8 Device \Driver\NetBT \Device\NetBT_Tcpip_{17D25E99-EC56-4C39-9802-AC996E7B63E2} 895DC1E8 Device \Driver\usbuhci \Device\USBFDO-5 89C361E8 Device \Driver\usbehci \Device\USBFDO-6 89BEC1E8 Device \Driver\JRAID \Device\Scsi\JRAID1 89FC91E8 Device \FileSystem\Cdfs \Cdfs 89B75608 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x71 0xA8 0x67 0xE4 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x07 0xEB 0xB1 0x4B ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@d0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xC9 0x68 0x41 0xC2 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x71 0xA8 0x67 0xE4 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x07 0xEB 0xB1 0x4B ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@d0 1 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xC9 0x68 0x41 0xC2 ... ---- EOF - GMER 1.0.15 ----