|  |    Inet-Explorer startet selbstständig 
  Und hier GMER   Zitat:   | GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover Rootkit scan 2010-03-23 14:01:22
 Windows 5.1.2600 Service Pack 3
 Running: 2gywsg31.exe; Driver: C:\DOKUME~1\Computer\LOKALE~1\Temp\pxtdqpow.sys
 
 
 ---- System - GMER 1.0.15 ----
 
 SSDT            88B18A50                                                                                                            ZwAlertResumeThread
 SSDT            88B21C68                                                                                                            ZwAlertThread
 SSDT            89B09370                                                                                                            ZwAllocateVirtualMemory
 SSDT            88905CA8                                                                                                            ZwAssignProcessToJobObject
 SSDT            88C71520                                                                                                            ZwConnectPort
 SSDT            \??\C:\WINXP\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)                            ZwCreateKey [0xAB5F4210]
 SSDT            88925308                                                                                                            ZwCreateMutant
 SSDT            88C14C28                                                                                                            ZwCreateSymbolicLinkObject
 SSDT            88B7E180                                                                                                            ZwCreateThread
 SSDT            88AEEDD0                                                                                                            ZwDebugActiveProcess
 SSDT            \??\C:\WINXP\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)                            ZwDeleteKey [0xAB5F4490]
 SSDT            \??\C:\WINXP\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)                            ZwDeleteValueKey [0xAB5F49F0]
 SSDT            8897DB88                                                                                                            ZwDuplicateObject
 SSDT            spuy.sys                                                                                                            ZwEnumerateKey [0xB9ECDDA4]
 SSDT            spuy.sys                                                                                                            ZwEnumerateValueKey [0xB9ECE132]
 SSDT            88ACA8F8                                                                                                            ZwFreeVirtualMemory
 SSDT            88944300                                                                                                            ZwImpersonateAnonymousToken
 SSDT            88908450                                                                                                            ZwImpersonateThread
 SSDT            88BCA120                                                                                                            ZwLoadDriver
 SSDT            88C389D8                                                                                                            ZwMapViewOfSection
 SSDT            88AD60A8                                                                                                            ZwOpenEvent
 SSDT            \??\C:\WINXP\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)                            ZwOpenKey [0xAB5F47A0]
 SSDT            88941EC8                                                                                                            ZwOpenProcess
 SSDT            88B15A28                                                                                                            ZwOpenProcessToken
 SSDT            88A9DC60                                                                                                            ZwOpenSection
 SSDT            88B23DC8                                                                                                            ZwOpenThread
 SSDT            8884F008                                                                                                            ZwProtectVirtualMemory
 SSDT            spuy.sys                                                                                                            ZwQueryKey [0xB9ECE20A]
 SSDT            spuy.sys                                                                                                            ZwQueryValueKey [0xB9ECE08A]
 SSDT            888D6528                                                                                                            ZwResumeThread
 SSDT            888A44D0                                                                                                            ZwSetContextThread
 SSDT            88ACB968                                                                                                            ZwSetInformationProcess
 SSDT            888A7F90                                                                                                            ZwSetSystemInformation
 SSDT            \??\C:\WINXP\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)                            ZwSetValueKey [0xAB5F4C40]
 SSDT            88940068                                                                                                            ZwSuspendProcess
 SSDT            89C5C960                                                                                                            ZwSuspendThread
 SSDT            888C6090                                                                                                            ZwTerminateProcess
 SSDT            88AED0D8                                                                                                            ZwTerminateThread
 SSDT            888BEB78                                                                                                            ZwUnmapViewOfSection
 SSDT            88D98F38                                                                                                            ZwWriteVirtualMemory
 
 INT 0x63        ?                                                                                                                   88C61BF8
 INT 0x63        ?                                                                                                                   88C61BF8
 INT 0x63        ?                                                                                                                   88C61BF8
 INT 0x63        ?                                                                                                                   88C61BF8
 INT 0x83        ?                                                                                                                   89BE5BF8
 INT 0x83        ?                                                                                                                   88C61BF8
 INT 0x83        ?                                                                                                                   89BE5BF8
 INT 0x94        ?                                                                                                                   88C61BF8
 INT 0xA4        ?                                                                                                                   88C61BF8
 INT 0xB4        ?                                                                                                                   89BE2BF8
 INT 0xB4        ?                                                                                                                   89BE2BF8
 INT 0xB4        ?                                                                                                                   89BE2BF8
 INT 0xB4        ?                                                                                                                   89BE2BF8
 INT 0xB4        ?                                                                                                                   88C61BF8
 
 ---- Kernel code sections - GMER 1.0.15 ----
 
 ?               spuy.sys                                                                                                            Das System kann die angegebene Datei nicht finden. !
 ?               SYMDS.SYS                                                                                                           Das System kann die angegebene Datei nicht finden. !
 ?               SYMEFA.SYS                                                                                                          Das System kann die angegebene Datei nicht finden. !
 .text           C:\WINXP\system32\DRIVERS\nv4_mini.sys                                                                              section is writeable [0xB8D65360, 0x35483F, 0xE8000020]
 .text           USBPORT.SYS!DllUnload                                                                                               B8D458AC 5 Bytes  JMP 88C611D8
 .text           avs36a2n.SYS                                                                                                        B8C68386 35 Bytes  [00, 00, 00, 00, 00, 00, 20, ...]
 .text           avs36a2n.SYS                                                                                                        B8C683AA 24 Bytes  [00, 00, 00, 00, 00, 00, 00, ...]
 .text           avs36a2n.SYS                                                                                                        B8C683C4 3 Bytes  [00, 80, 02]
 .text           avs36a2n.SYS                                                                                                        B8C683C9 1 Byte  [30]
 .text           avs36a2n.SYS                                                                                                        B8C683C9 11 Bytes  [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
 .text           ...
 init            C:\WINXP\system32\drivers\Ambfilt.sys                                                                               entry point in "init" section [0xAF584830]
 .text           C:\WINXP\system32\DRIVERS\atksgt.sys                                                                                section is writeable [0xA9944300, 0x3B6D8, 0xE8000020]
 .text           C:\WINXP\system32\DRIVERS\lirsgt.sys                                                                                section is writeable [0xAEE61300, 0x1BEE, 0xE8000020]
 
 ---- Kernel IAT/EAT - GMER 1.0.15 ----
 
 IAT             atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                                  [B9EB6042] spuy.sys
 IAT             atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                                          [B9EB613E] spuy.sys
 IAT             atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                                 [B9EB60C0] spuy.sys
 IAT             atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                                         [B9EB6800] spuy.sys
 IAT             atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                                 [B9EB66D6] spuy.sys
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!KfAcquireSpinLock]                                                18C4830E
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!READ_PORT_UCHAR]                                                  1C959E88
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!KeGetCurrentIrql]                                                 9E880000
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!KfRaiseIrql]                                                      00001CB1
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!KfLowerIrql]                                                      0E798366
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!HalGetInterruptVector]                                            74AAB000
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!HalTranslateBusAddress]                                           8986C636
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!KeStallExecutionProcessor]                                        1A00001C
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!KfReleaseSpinLock]                                                1C8B86C6
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!READ_PORT_BUFFER_USHORT]                                          C6020000
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!READ_PORT_USHORT]                                                 001C9686
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                         86C60200
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[HAL.dll!WRITE_PORT_UCHAR]                                                 00001CB2
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[WMILIB.SYS!WmiSystemControl]                                              8800001C
 IAT             \SystemRoot\System32\Drivers\avs36a2n.SYS[WMILIB.SYS!WmiCompleteRequest]                                            001CB99E
 
 ---- User IAT/EAT - GMER 1.0.15 ----
 
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\Explorer.EXE [KERNEL32.dll!GetProcAddress]                                   [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                          [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]                            [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\Secur32.dll [KERNEL32.dll!GetProcAddress]                           [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                             [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                            [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]                            [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\ole32.dll [KERNEL32.dll!GetProcAddress]                             [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                           [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]                           [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress]                          [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\WININET.dll [KERNEL32.dll!GetProcAddress]                           [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                           [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\USERENV.dll [KERNEL32.dll!GetProcAddress]                           [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress]                             [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress]                          [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress]                            [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 IAT             C:\WINXP\Explorer.EXE[1968] @ C:\WINXP\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress]                           [5CF07774] C:\WINXP\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
 
 ---- Devices - GMER 1.0.15 ----
 
 Device          \FileSystem\Ntfs \Ntfs                                                                                              89C521F8
 
 AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                            SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
 
 Device          \Driver\sptd \Device\1559449404                                                                                     spuy.sys
 Device          \Driver\usbuhci \Device\USBPDO-0                                                                                    88BA21F8
 Device          \Driver\dmio \Device\DmControl\DmIoDaemon                                                                           89C541F8
 Device          \Driver\dmio \Device\DmControl\DmConfig                                                                             89C541F8
 Device          \Driver\dmio \Device\DmControl\DmPnP                                                                                89C541F8
 Device          \Driver\dmio \Device\DmControl\DmInfo                                                                               89C541F8
 Device          \Driver\usbehci \Device\USBPDO-1                                                                                    88B8D1F8
 Device          \Driver\usbuhci \Device\USBPDO-2                                                                                    88BA21F8
 Device          \Driver\usbuhci \Device\USBPDO-3                                                                                    88BA21F8
 Device          \Driver\usbuhci \Device\USBPDO-4                                                                                    88BA21F8
 
 AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                           SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
 
 Device          \Driver\usbuhci \Device\USBPDO-5                                                                                    88BA21F8
 Device          \Driver\usbehci \Device\USBPDO-6                                                                                    88B8D1F8
 Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                                              89BE31F8
 Device          \Driver\usbuhci \Device\USBPDO-7                                                                                    88BA21F8
 Device          \Driver\Ftdisk \Device\HarddiskVolume2                                                                              89BE31F8
 Device          \Driver\Cdrom \Device\CdRom0                                                                                        88C331F8
 Device          \Driver\Ftdisk \Device\HarddiskVolume3                                                                              89BE31F8
 Device          \Driver\Cdrom \Device\CdRom1                                                                                        88C331F8
 Device          \Driver\atapi \Device\Ide\IdePort0                                                                                  [B9E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
 Device          \Driver\atapi \Device\Ide\IdePort1                                                                                  [B9E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
 Device          \Driver\atapi \Device\Ide\IdePort2                                                                                  [B9E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
 Device          \Driver\atapi \Device\Ide\IdePort3                                                                                  [B9E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
 Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                             8881B500
 Device          \Driver\NetBT \Device\NetbiosSmb                                                                                    8881B500
 Device          \Driver\PCI_PNP9404 \Device\0000004f                                                                                spuy.sys
 
 AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                           SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
 AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                         SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
 
 Device          \Driver\usbuhci \Device\USBFDO-0                                                                                    88BA21F8
 Device          \Driver\usbuhci \Device\USBFDO-1                                                                                    88BA21F8
 Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                   8886C500
 Device          \Driver\usbuhci \Device\USBFDO-2                                                                                    88BA21F8
 Device          \FileSystem\MRxSmb \Device\LanmanRedirector                                                                         8886C500
 Device          \Driver\usbehci \Device\USBFDO-3                                                                                    88B8D1F8
 Device          \Driver\usbuhci \Device\USBFDO-4                                                                                    88BA21F8
 Device          \Driver\Ftdisk \Device\FtControl                                                                                    89BE31F8
 Device          \Driver\usbuhci \Device\USBFDO-5                                                                                    88BA21F8
 Device          \Driver\usbuhci \Device\USBFDO-6                                                                                    88BA21F8
 Device          \Driver\usbehci \Device\USBFDO-7                                                                                    88B8D1F8
 Device          \Driver\avs36a2n \Device\Scsi\avs36a2n1Port5Path0Target0Lun0                                                        88AEC1F8
 Device          \Driver\avs36a2n \Device\Scsi\avs36a2n1                                                                             88AEC1F8
 Device          \Driver\mv61xx \Device\Scsi\mv61xx1Port4Path0Target14Lun0                                                           89C531F8
 Device          \Driver\mv61xx \Device\Scsi\mv61xx1Port4Path0Target1Lun0                                                            89C531F8
 Device          \Driver\mv61xx \Device\Scsi\mv61xx1                                                                                 89C531F8
 Device          \Driver\mv61xx \Device\Scsi\mv61xx1Port4Path0Target0Lun0                                                            89C531F8
 Device          \FileSystem\Cdfs \Cdfs                                                                                              88D16500
 
 ---- Registry - GMER 1.0.15 ----
 
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                  771343423
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                  285507792
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                  2
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                 1
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                              0x84 0x67 0xF0 0x7C ...
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Programme\DAEMON Tools Lite\
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0xD4 0xC3 0x97 0x02 ...
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x08 0x2D 0x95 0x50 ...
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0x4D 0x87 0x67 0x4C ...
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
 Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x93 0x17 0x9E 0x7B ...
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                     1
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                  0x84 0x67 0xF0 0x7C ...
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Programme\DAEMON Tools Lite\
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0xD4 0xC3 0x97 0x02 ...
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x08 0x2D 0x95 0x50 ...
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0x4D 0x87 0x67 0x4C ...
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
 Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x93 0x17 0x9E 0x7B ...
 
 ---- EOF - GMER 1.0.15 ----
 | 
 |