nustria / 8 lat, 4 miesiące temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-07-28 15:48:19
Windows 5.1.2600 Dodatek Service Pack 2


---- System - GMER 1.0.15 ----

SSDT            Vax347b.sys (Plug and Play BIOS Extension/ )                                                                         ZwClose [0xF83FBC58]
SSDT            Vax347b.sys (Plug and Play BIOS Extension/ )                                                                         ZwCreateKey [0xF83FBC10]
SSDT            Vax347b.sys (Plug and Play BIOS Extension/ )                                                                         ZwCreatePagingFile [0xF83EFC70]
SSDT            Vax347b.sys (Plug and Play BIOS Extension/ )                                                                         ZwEnumerateKey [0xF83F04FE]
SSDT            Vax347b.sys (Plug and Play BIOS Extension/ )                                                                         ZwEnumerateValueKey [0xF83FBD50]
SSDT            Vax347b.sys (Plug and Play BIOS Extension/ )                                                                         ZwOpenKey [0xF83FBBD4]
SSDT            Vax347b.sys (Plug and Play BIOS Extension/ )                                                                         ZwQueryKey [0xF83F051E]
SSDT            Vax347b.sys (Plug and Play BIOS Extension/ )                                                                         ZwQueryValueKey [0xF83FBCA6]
SSDT            Vax347b.sys (Plug and Play BIOS Extension/ )                                                                         ZwSetSystemPowerState [0xF83FB4F0]
SSDT            sptd.sys                                                                                                             ZwSetValueKey [0xF8434324]
SSDT            \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com)        ZwTerminateProcess [0xEFAB7DF0]

---- Kernel code sections - GMER 1.0.15 ----

?               C:\WINDOWS\system32\drivers\sptd.sys                                                                                 Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.
.text           USBPORT.SYS!DllUnload                                                                                                F7F3862C 5 Bytes  JMP 82105608 
.text           dtscsi.sys!A0DB34FC6FE35D429A28ADDE5467D4D7                                                                          F7EB24D0 48 Bytes  [13, 8F, C0, 72, F9, 42, BE, ...]
?               C:\WINDOWS\System32\Drivers\dtscsi.sys                                                                               Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.

---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!CallNextHookEx                                       77D3EB03 5 Bytes  JMP 00CCDD81 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!CreateWindowExW                                      77D3FF50 5 Bytes  JMP 00CD4832 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!UnhookWindowsHookEx                                  77D40DF3 5 Bytes  JMP 00C31CA2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!DialogBoxParamW                                      77D4662C 5 Bytes  JMP 00BF9315 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!SetWindowsHookExW                                    77D4E4AF 5 Bytes  JMP 00CCDBCB C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!DialogBoxIndirectParamW                              77D52043 5 Bytes  JMP 00DEE021 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!MessageBoxIndirectA                                  77D5A05A 5 Bytes  JMP 00DEDF51 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!DialogBoxParamA                                      77D5B11C 5 Bytes  JMP 00DEDFBE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!MessageBoxExW                                        77D70538 5 Bytes  JMP 00DEDE22 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!MessageBoxExA                                        77D7055C 5 Bytes  JMP 00DEDE84 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!DialogBoxIndirectParamA                              77D76CAD 5 Bytes  JMP 00DEE084 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] USER32.dll!MessageBoxIndirectW                                  77D86093 5 Bytes  JMP 00DEDEE6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[268] ole32.dll!CoCreateInstance                                      774EFAC3 5 Bytes  JMP 00CD488E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\WINDOWS\system32\WgaTray.exe[2124] WININET.dll!InternetErrorDlg                                                   63099B81 5 Bytes  JMP 01012136 C:\WINDOWS\system32\WgaTray.exe (Windows Genuine Advantage Notification/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!CallNextHookEx                                      77D3EB03 5 Bytes  JMP 00CCDD81 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!CreateWindowExW                                     77D3FF50 5 Bytes  JMP 00CD4832 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!UnhookWindowsHookEx                                 77D40DF3 5 Bytes  JMP 00C31CA2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!DialogBoxParamW                                     77D4662C 5 Bytes  JMP 00BF9315 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!SetWindowsHookExW                                   77D4E4AF 5 Bytes  JMP 00CCDBCB C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!DialogBoxIndirectParamW                             77D52043 5 Bytes  JMP 00DEE021 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!MessageBoxIndirectA                                 77D5A05A 5 Bytes  JMP 00DEDF51 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!DialogBoxParamA                                     77D5B11C 5 Bytes  JMP 00DEDFBE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!MessageBoxExW                                       77D70538 5 Bytes  JMP 00DEDE22 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!MessageBoxExA                                       77D7055C 5 Bytes  JMP 00DEDE84 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!DialogBoxIndirectParamA                             77D76CAD 5 Bytes  JMP 00DEE084 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] USER32.dll!MessageBoxIndirectW                                 77D86093 5 Bytes  JMP 00DEDEE6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2360] ole32.dll!CoCreateInstance                                     774EFAC3 5 Bytes  JMP 00CD488E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!CallNextHookEx                                      77D3EB03 5 Bytes  JMP 00CCDD81 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!CreateWindowExW                                     77D3FF50 5 Bytes  JMP 00CD4832 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!UnhookWindowsHookEx                                 77D40DF3 5 Bytes  JMP 00C31CA2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!DialogBoxParamW                                     77D4662C 5 Bytes  JMP 00BF9315 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!SetWindowsHookExW                                   77D4E4AF 5 Bytes  JMP 00CCDBCB C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!DialogBoxIndirectParamW                             77D52043 5 Bytes  JMP 00DEE021 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!MessageBoxIndirectA                                 77D5A05A 5 Bytes  JMP 00DEDF51 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!DialogBoxParamA                                     77D5B11C 5 Bytes  JMP 00DEDFBE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!MessageBoxExW                                       77D70538 5 Bytes  JMP 00DEDE22 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!MessageBoxExA                                       77D7055C 5 Bytes  JMP 00DEDE84 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!DialogBoxIndirectParamA                             77D76CAD 5 Bytes  JMP 00DEE084 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] USER32.dll!MessageBoxIndirectW                                 77D86093 5 Bytes  JMP 00DEDEE6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[2500] ole32.dll!CoCreateInstance                                     774EFAC3 5 Bytes  JMP 00CD488E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3420] USER32.dll!CreateWindowExW                                     77D3FF50 5 Bytes  JMP 00CD4832 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3420] USER32.dll!DialogBoxParamW                                     77D4662C 5 Bytes  JMP 00BF9315 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3420] USER32.dll!DialogBoxIndirectParamW                             77D52043 5 Bytes  JMP 00DEE021 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3420] USER32.dll!MessageBoxIndirectA                                 77D5A05A 5 Bytes  JMP 00DEDF51 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3420] USER32.dll!DialogBoxParamA                                     77D5B11C 5 Bytes  JMP 00DEDFBE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3420] USER32.dll!MessageBoxExW                                       77D70538 5 Bytes  JMP 00DEDE22 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3420] USER32.dll!MessageBoxExA                                       77D7055C 5 Bytes  JMP 00DEDE84 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3420] USER32.dll!DialogBoxIndirectParamA                             77D76CAD 5 Bytes  JMP 00DEE084 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3420] USER32.dll!MessageBoxIndirectW                                 77D86093 5 Bytes  JMP 00DEDEE6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!IoConnectInterrupt]                                              [F8444886] sptd.sys
IAT             pci.sys[ntoskrnl.exe!IoDetachDevice]                                                                                 [F8444832] sptd.sys
IAT             pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack]                                                                    [F8466892] sptd.sys
IAT             \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                                   [F8443ACA] sptd.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Program Files\Internet Explorer\iexplore.exe[268] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]   [017A18FD] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[2360] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]  [017A18FD] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT             C:\Program Files\Internet Explorer\iexplore.exe[2500] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]  [017A18FD] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                               823D51E8

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                               amon.sys (Amon monitor/Eset )

Device          \FileSystem\Fastfat \FatCdrom                                                                                        821D0480
Device          \FileSystem\Fastfat \FatCdrom                                                                                        FC6BED28
Device          \Driver\usbuhci \Device\USBPDO-0                                                                                     821041E8
Device          \Driver\PCI_NTPNP8524 \Device\00000051                                                                               sptd.sys
Device          \Driver\dmio \Device\DmControl\DmIoDaemon                                                                            823D71E8
Device          \Driver\dmio \Device\DmControl\DmConfig                                                                              823D71E8
Device          \Driver\dmio \Device\DmControl\DmPnP                                                                                 823D71E8
Device          \Driver\dmio \Device\DmControl\DmInfo                                                                                823D71E8
Device          \Driver\usbuhci \Device\USBPDO-1                                                                                     821041E8
Device          \Driver\usbuhci \Device\USBPDO-2                                                                                     821041E8
Device          \Driver\usbuhci \Device\USBPDO-3                                                                                     821041E8
Device          \Driver\usbehci \Device\USBPDO-4                                                                                     820D6738
Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                                               823541E8
Device          \Driver\NetBT \Device\NetBT_Tcpip_{2573C301-B06A-49F0-B660-6812AC132364}                                             FF78C1E8
Device          \Driver\Ftdisk \Device\HarddiskVolume2                                                                               823541E8
Device          \Driver\Cdrom \Device\CdRom0                                                                                         81EBC008
Device          \FileSystem\Rdbss \Device\FsWrap                                                                                     8184E468
Device          \Driver\Cdrom \Device\CdRom1                                                                                         81EBC008
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                                          81F69008
Device          \Driver\atapi \Device\Ide\IdePort0                                                                                   81F69008
Device          \Driver\atapi \Device\Ide\IdePort1                                                                                   81F69008
Device          \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e                                                                          81F69008
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                              FF78C1E8
Device          \Driver\NetBT \Device\NetbiosSmb                                                                                     FF78C1E8
Device          \Driver\NetBT \Device\NetBT_Tcpip_{73C4EB5D-16DC-4348-AEEC-9A85E093ADAD}                                             FF78C1E8
Device          \FileSystem\Srv \Device\LanmanServer                                                                                 822EDD50
Device          \Driver\usbuhci \Device\USBFDO-0                                                                                     821041E8
Device          \Driver\usbuhci \Device\USBFDO-1                                                                                     821041E8
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                    FF7921E8
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                    81E83870
Device          \Driver\usbuhci \Device\USBFDO-2                                                                                     821041E8
Device          \FileSystem\MRxSmb \Device\LanmanRedirector                                                                          FF7921E8
Device          \FileSystem\MRxSmb \Device\LanmanRedirector                                                                          81E83870
Device          \Driver\usbuhci \Device\USBFDO-3                                                                                     821041E8
Device          \FileSystem\Npfs \Device\NamedPipe                                                                                   81FB1940
Device          \Driver\usbehci \Device\USBFDO-4                                                                                     820D6738
Device          \Driver\Ftdisk \Device\FtControl                                                                                     823541E8
Device          \FileSystem\Msfs \Device\Mailslot                                                                                    8231AD50
Device          \Driver\Vax347s \Device\Scsi\Vax347s1                                                                                823D61E8
Device          \Driver\dtscsi \Device\Scsi\dtscsi1                                                                                  81F42008
Device          \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0                                                             81F42008
Device          \FileSystem\Fastfat \Fat                                                                                             821D0480
Device          \FileSystem\Fastfat \Fat                                                                                             FC6BED28

AttachedDevice  \FileSystem\Fastfat \Fat                                                                                             amon.sys (Amon monitor/Eset )

Device          \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer                                                                   820CA0D8
Device          \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer                                                                    820CA0D8
Device          \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer                                                                        820CA0D8
Device          \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer                                                                     820CA0D8
Device          \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer                                                                    820CA0D8
Device          \FileSystem\Cdfs \Cdfs                                                                                               81F9B618
Device          \FileSystem\Cdfs \Cdfs                                                                                               8201B680

---- Modules - GMER 1.0.15 ----

Module          _________                                                                                                            F8351000-F8369000 (98304 bytes)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                   -173007704
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                   611383211
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                   1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                                     
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                  C:\Program Files\DAEMON Tools\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                  0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                               0x5C 0x1A 0x02 0x43 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001                            
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                         0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                      0x89 0x22 0x5C 0xBD ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                0xBD 0x1E 0x5D 0x8F ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\Vax347s\Config\jdgg40                                                         
Reg             HKLM\SYSTEM\CurrentControlSet\Services\Vax347s\Config\jdgg40@ujdew                                                   0x20 0x02 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\Vax347s\Config\jdgg40@ljej40                                                  0x2E 0x91 0x00 0x5D ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                                         
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      C:\Program Files\DAEMON Tools\
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                   0x5C 0x1A 0x02 0x43 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001                                
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0x89 0x22 0x5C 0xBD ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40                          
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0xBD 0x1E 0x5D 0x8F ...
Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL@Installed                                1
Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL@                                         
Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI@Installed                                 1
Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI@NoChange                                  1
Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI@                                          
Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS@Installed                                 1
Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS@                                          
Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}@DisplayName          Alcohol 120%
Reg             HKLM\SOFTWARE\Classes\Installer\Products\32418F9EE1126B64A90E8365B85CFCF6@ProductName                                Alcohol 120%

---- EOF - GMER 1.0.15 ----