GMER 1.0.15.15627 - http://www.gmer.net Rootkit scan 2011-05-09 18:45:47 Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\iaStor0 FUJITSU_ rev.0040 Running: 8b9kgwm6.exe; Driver: C:\Users\MICHA~1\AppData\Local\Temp\kgliypow.sys ---- System - GMER 1.0.15 ---- INT 0x62 ? 8795CBF8 INT 0x82 ? 8795CBF8 INT 0x82 ? 8795CBF8 INT 0x82 ? 8795CBF8 INT 0x92 ? 8795CBF8 INT 0xA2 ? 8795CBF8 INT 0xB2 ? 86241BF8 INT 0xB2 ? 8795CBF8 INT 0xB2 ? 8795CBF8 INT 0xB2 ? 86241BF8 ---- Kernel code sections - GMER 1.0.15 ---- ? System32\Drivers\spjr.sys System nie może odnaleźć określonej ścieżki. ! .text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x8B14E480, 0x3C939, 0xE8000020] .dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x8B18F900, 0x3CA, 0x48000040] .text USBPORT.SYS!DllUnload 8EDD141B 5 Bytes JMP 8795C1D8 .text aif2q8fb.SYS 8F335000 22 Bytes [82, 53, FD, 82, 6C, 52, FD, ...] .text aif2q8fb.SYS 8F335017 181 Bytes [00, 32, B7, 78, 80, 3D, B5, ...] .text aif2q8fb.SYS 8F3350CE 73 Bytes [00, 00, 00, 00, 01, C2, 03, ...] .text aif2q8fb.SYS 8F335118 185 Bytes [3F, 48, 3E, 8A, 3C, CC, 3D, ...] .text aif2q8fb.SYS 8F3351D2 22 Bytes [E0, C2, E2, 84, E3, 46, E6, ...] .text ... ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[984] kernel32.dll!SetUnhandledExceptionFilter 768EA84F 4 Bytes [C2, 04, 00, 00] ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8068F6D6] \SystemRoot\System32\Drivers\spjr.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8068F042] \SystemRoot\System32\Drivers\spjr.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8068F800] \SystemRoot\System32\Drivers\spjr.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [8068F0C0] \SystemRoot\System32\Drivers\spjr.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8068F13E] \SystemRoot\System32\Drivers\spjr.sys IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [8069EB90] \SystemRoot\System32\Drivers\spjr.sys IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortNotification] 000000DC IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortWritePortUchar] 000000A2 IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortWritePortUlong] 00000333 IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 000003D8 IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 0000024D IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortGetScatterGatherList] 00000201 IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortReadPortUchar] 000001EF IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortStallExecution] 0000031F IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortGetParentBusType] 000000A1 IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortRequestCallback] 0000025C IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 000003BE IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortGetUnCachedExtension] 00000215 IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortCompleteRequest] 000000DD IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortMoveMemory] 00000190 IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 00000182 IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 00000363 IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 00000258 IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortReadPortUshort] 0000030E IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 0000017E IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortInitialize] 00000254 IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortGetDeviceBase] 0000019E IAT \SystemRoot\System32\Drivers\aif2q8fb.SYS[ataport.SYS!AtaPortDeviceStateChange] 000000AB ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73847817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7389A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7384BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7383F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [738475E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7383E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73878395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7384DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7383FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7383FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [738371CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [738CCAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7386C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7383D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73836853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7383687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3236] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73842AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 862441F8 AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Aparat wykonawczy struktury sterowników trybu jądra/Microsoft Corporation) Device \Driver\volmgr \Device\VolMgrControl 8623F1F8 Device \Driver\usbuhci \Device\USBPDO-0 879BA500 Device \Driver\netbt \Device\NetBT_Tcpip_{A37745CF-B4D5-45C7-B057-C9A1252F8467} 88444500 Device \Driver\netbt \Device\NetBT_Tcpip_{00A2EBB4-C6B8-42D4-9D13-9B52E57DE446} 88444500 Device \Driver\usbuhci \Device\USBPDO-1 879BA500 Device \Driver\usbehci \Device\USBPDO-2 879C31F8 Device \Driver\usbuhci \Device\USBPDO-3 879BA500 Device \Driver\usbuhci \Device\USBPDO-4 879BA500 Device \Driver\usbuhci \Device\USBPDO-5 879BA500 Device \Driver\usbuhci \Device\USBPDO-6 879BA500 Device \Driver\volmgr \Device\HarddiskVolume1 8623F1F8 Device \Driver\usbehci \Device\USBPDO-7 879C31F8 Device \Driver\volmgr \Device\HarddiskVolume2 8623F1F8 Device \Driver\cdrom \Device\CdRom0 87A191F8 Device \Driver\PCI_PNP7731 \Device\00000065 spjr.sys Device \Driver\volmgr \Device\HarddiskVolume3 8623F1F8 Device \Driver\netbt \Device\NetBt_Wins_Export 88444500 Device \Driver\Smb \Device\NetbiosSmb 882E31F8 Device \Driver\iScsiPrt \Device\RaidPort0 87A331F8 Device \Driver\usbuhci \Device\USBFDO-0 879BA500 Device \Driver\usbuhci \Device\USBFDO-1 879BA500 Device \Driver\sptd \Device\2968335744 spjr.sys Device \Driver\usbehci \Device\USBFDO-2 879C31F8 Device \Driver\usbuhci \Device\USBFDO-3 879BA500 Device \Driver\usbuhci \Device\USBFDO-4 879BA500 Device \Driver\usbuhci \Device\USBFDO-5 879BA500 Device \Driver\usbuhci \Device\USBFDO-6 879BA500 Device \Driver\usbehci \Device\USBFDO-7 879C31F8 Device \Driver\aif2q8fb \Device\Scsi\aif2q8fb1 87A181F8 Device \FileSystem\cdfs \Cdfs 85C921F8 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Users\micha?\Alcohol 120\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x9C 0xF0 0x0C 0x98 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x40 0x07 0x8B 0xAD ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xA6 0x3E 0xCE 0x23 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujdew 0xB7 0x03 0xF5 0x47 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg42 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg42@ujdew 0x2D 0x5F 0x57 0xA8 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg43 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg43@ujdew 0xCC 0xAD 0x7A 0x2B ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 E:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x9A 0x6C 0x02 0x74 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x8C 0xC6 0xB9 0x0F ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xE0 0xDF 0x3F 0x70 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Users\micha?\Alcohol 120\ Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x9C 0xF0 0x0C 0x98 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x40 0x07 0x8B 0xAD ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xA6 0x3E 0xCE 0x23 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujdew 0xB7 0x03 0xF5 0x47 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg42 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg42@ujdew 0x2D 0x5F 0x57 0xA8 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg43 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg43@ujdew 0xCC 0xAD 0x7A 0x2B ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 E:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x9A 0x6C 0x02 0x74 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x8C 0xC6 0xB9 0x0F ... Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xE0 0xDF 0x3F 0x70 ... ---- Disk sectors - GMER 1.0.15 ---- Disk \Device\Harddisk0\DR0 MBR read error Disk \Device\Harddisk0\DR0 MBR BIOS signature not found 0 ---- EOF - GMER 1.0.15 ----