Re: slowed-down computer
Posted: 03 Jan 2010 19:28
Hello,
we were away travelling, so I wasn't at the computer for quite a while...
here are the logs:
first log:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-01-03 11:37:59
Windows 5.1.2600 Service Pack 3, v.5857
Running: gmer.exe; Driver: C:\DOCUME~1\Dada\LOCALS~1\Temp\awpcifoc.sys
---- System - GMER 1.0.15 ----
SSDT speg.sys ZwEnumerateKey [0xF82CFDA4]
SSDT speg.sys ZwEnumerateValueKey [0xF82D0132]
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 82B861F8
---- EOF - GMER 1.0.15 ----
and the second log is:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-03 12:23:28
Windows 5.1.2600 Service Pack 3, v.5857
Running: gmer.exe; Driver: C:\DOCUME~1\Dada\LOCALS~1\Temp\awpcifoc.sys
---- System - GMER 1.0.15 ----
SSDT F8ADDEEE ZwCreateKey
SSDT F8ADDEE4 ZwCreateThread
SSDT F8ADDEF3 ZwDeleteKey
SSDT F8ADDEFD ZwDeleteValueKey
SSDT speg.sys ZwEnumerateKey [0xF82CFDA4]
SSDT speg.sys ZwEnumerateValueKey [0xF82D0132]
SSDT F8ADDF02 ZwLoadKey
SSDT speg.sys ZwOpenKey [0xF82B70C0]
SSDT F8ADDED0 ZwOpenProcess
SSDT F8ADDED5 ZwOpenThread
SSDT speg.sys ZwQueryKey [0xF82D020A]
SSDT speg.sys ZwQueryValueKey [0xF82D008A]
SSDT F8ADDF0C ZwReplaceKey
SSDT F8ADDF07 ZwRestoreKey
SSDT F8ADDEF8 ZwSetValueKey
SSDT F8ADDEDF ZwTerminateProcess
INT 0x62 ? 82B89BF8
INT 0x63 ? 8208EBF8
INT 0x74 ? 8208EBF8
INT 0x84 ? 8208EBF8
INT 0x94 ? 8208EBF8
INT 0xA4 ? 82B88BF8
---- Kernel code sections - GMER 1.0.15 ----
? speg.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload F7D1A8AC 5 Bytes JMP 8208E1D8
.text atps8wsm.SYS F172E386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text atps8wsm.SYS F172E3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text atps8wsm.SYS F172E3C4 3 Bytes [00, 80, 02]
.text atps8wsm.SYS F172E3C9 1 Byte [30]
.text atps8wsm.SYS F172E3C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F82B8042] speg.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F82B813E] speg.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F82B80C0] speg.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F82B8800] speg.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F82B86D6] speg.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F82C7B90] speg.sys
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!KfAcquireSpinLock] 18C4830E
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!READ_PORT_UCHAR] 1C959E88
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!KeGetCurrentIrql] 9E880000
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!KfRaiseIrql] 00001CB1
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!KfLowerIrql] 0E798366
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!HalGetInterruptVector] 74AAB000
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!HalTranslateBusAddress] 8986C636
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!KeStallExecutionProcessor] 1A00001C
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!KfReleaseSpinLock] 1C8B86C6
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] C6020000
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!READ_PORT_USHORT] 001C9686
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 86C60200
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[HAL.dll!WRITE_PORT_UCHAR] 00001CB2
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[WMILIB.SYS!WmiSystemControl] 8800001C
IAT \SystemRoot\System32\Drivers\atps8wsm.SYS[WMILIB.SYS!WmiCompleteRequest] 001CB99E
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 82B861F8
Device \Driver\usbuhci \Device\USBPDO-0 81FD81F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{20AFCC1D-7CBD-4FA4-A52D-3E79BBEC999D} 81F06368
Device \Driver\dmio \Device\DmControl\DmIoDaemon 82B8A1F8
Device \Driver\dmio \Device\DmControl\DmConfig 82B8A1F8
Device \Driver\dmio \Device\DmControl\DmPnP 82B8A1F8
Device \Driver\dmio \Device\DmControl\DmInfo 82B8A1F8
Device \Driver\usbuhci \Device\USBPDO-1 81FD81F8
Device \Driver\usbehci \Device\USBPDO-2 820821F8
Device \Driver\PCI_PNP6620 \Device\00000046 speg.sys
Device \Driver\usbuhci \Device\USBPDO-3 81FD81F8
Device \Driver\usbehci \Device\USBPDO-4 820821F8
Device \Driver\usbuhci \Device\USBPDO-5 81FD81F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{69FFD2DA-2E82-4FD6-86FD-47026F51BF2B} 81F06368
Device \Driver\usbuhci \Device\USBPDO-6 81FD81F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 82B8B1F8
Device \Driver\Cdrom \Device\CdRom0 81CFF1F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 82B8B1F8
Device \Driver\Cdrom \Device\CdRom1 81CFF1F8
Device \Driver\iaStor \Device\Ide\iaStor0 [F81618E0] iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F81EDB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F81EDB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F81EDB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [F81618E0] iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\sptd \Device\2242867870 speg.sys
Device \Driver\NetBT \Device\NetBt_Wins_Export 81F06368
Device \Driver\NetBT \Device\NetbiosSmb 81F06368
Device \Driver\usbuhci \Device\USBFDO-0 81FD81F8
Device \Driver\usbuhci \Device\USBFDO-1 81FD81F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 81F33500
Device \Driver\usbehci \Device\USBFDO-2 820821F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 81F33500
Device \Driver\usbuhci \Device\USBFDO-3 81FD81F8
Device \Driver\usbuhci \Device\USBFDO-4 81FD81F8
Device \Driver\Ftdisk \Device\FtControl 82B8B1F8
Device \Driver\usbuhci \Device\USBFDO-5 81FD81F8
Device \Driver\usbehci \Device\USBFDO-6 820821F8
Device \Driver\atps8wsm \Device\Scsi\atps8wsm1Port3Path0Target0Lun0 81E47368
Device \Driver\atps8wsm \Device\Scsi\atps8wsm1 81E47368
Device \FileSystem\Cdfs \Cdfs 81E50500
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x4A 0x11 0xBC 0x9F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x27 0xC8 0x22 0xA5 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x8A 0x22 0x50 0x7B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xC0 0xF1 0x3F 0x30 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x27 0xC8 0x22 0xA5 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x8A 0x22 0x50 0x7B ...
---- EOF - GMER 1.0.15 ----