romattozo

Control Panel gives the error "Windows Explorer has stopped working"

For the last two days my PC has been driving me crazy!

I received a message saying that my firewall was disabled and asking whether I wanted to enable it or let AVG manage it. When I selected one of the options, it opened the Control Panel, which gave the error "Windows Explorer has stopped working". Since then my AVG does not update, Windows Update gives an error, my Outlook does not open, and my battery has stopped charging (the PC only works when plugged in). Other functions and programs seem normal.

I tried to open the Control Panel in Safe Mode; it did not work. I ran AVG and it did not detect any virus. I uninstalled AVG and all the other programs I had installed recently, and nothing changed.

I restored the system to the last valid restore point (incidentally, one from the same day, a few hours before the problem), and nothing happened.

I do not want to format the machine, except as a last resort.... I had posted this message in the Windows 7 section, where I talked to Henrique-RJ, who advised me to post here.

My DDS and GMER logs follow below

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK

Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.15.2

Run by romattozo at 13:52:40 on 2013-06-16

Microsoft Windows 7 Starter 6.1.7601.1.1252.55.1046.18.2037.1356 [GMT -3:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

.

============== Running Processes ================

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\windows\Explorer.EXE

C:\windows\system32\ctfmon.exe

C:\windows\system32\DllHost.exe

C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://brasil-pesquisa.pw/r.asp#

mStart Page = hxxp://brasil-pesquisa.pw/r.asp#

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - c:\program files\bluetooth suite\IEPlugIn.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540003} - c:\program files\gbplugin\gbiehcef.dll

uRun: [ae05a] c:\users\romattozo\appdata\roaming\b81\ae05a.js

mRun: [AtherosBtStack] "c:\program files\bluetooth suite\btvstack.exe"

mRun: [AthBtTray] "c:\program files\bluetooth suite\athbttray.exe"

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [AmIcoSinglun] c:\program files\amicosinglun\AmIcoSinglun.exe

mRun: [ETDCtrl] c:\program files\elantech\ETDCtrl.exe

mRun: [iAStorIcon] c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"

StartupFolder: c:\users\romattozo\appdata\roaming\microsoft\windows\start menu\programs\startup\f847f.js

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\programdata\microsoft\windows\start menu\programs\startup\f847f.js

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NofolderOptions = 1

uPolicies-Explorer: NoWindowsUpdate = 1

uPolicies-Explorer: NoControlPanel = 1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {E37CB5F0-51F5-4395-A808-5FA49E399003} - hxxps://imagem.caixa.gov.br/cab/GBPCEF.CAB

TCP: NameServer = 192.168.25.1

TCP: Interfaces\{10D43DE2-D54A-4FF4-9EA4-29B6ED73EA26} : DHCPNameServer = 189.4.0.147 189.4.0.142

TCP: Interfaces\{BC2AA1C0-5437-4624-B6CD-62C9DA0C0BB7} : DHCPNameServer = 192.168.25.1

TCP: Interfaces\{BC2AA1C0-5437-4624-B6CD-62C9DA0C0BB7}\16C65637964696F6D61637 : DHCPNameServer = 189.4.0.147 189.4.0.142

TCP: Interfaces\{BC2AA1C0-5437-4624-B6CD-62C9DA0C0BB7}\35075696 : DHCPNameServer = 10.50.0.1

TCP: Interfaces\{BC2AA1C0-5437-4624-B6CD-62C9DA0C0BB7}\746545 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{BC2AA1C0-5437-4624-B6CD-62C9DA0C0BB7}\746545D223130323 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{BC2AA1C0-5437-4624-B6CD-62C9DA0C0BB7}\746545D244235453 : DHCPNameServer = 192.168.25.1

TCP: Interfaces\{BC2AA1C0-5437-4624-B6CD-62C9DA0C0BB7}\D6162746F6C656374756137313 : DHCPNameServer = 189.4.64.83 189.4.64.88

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginCef - c:\program files\gbplugin\gbiehCef.dll

Notify: igfxcui - igfxdev.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - c:\program files\gbplugin\gbiehcef.dll

LSA: Notification Packages = scecli c:\program files\widcomm\bluetooth software\BtwProximityCP.dll

.

============= SERVICES / DRIVERS ===============

.

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2013-3-15 47192]

R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2012-5-30 25728]

R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2011-7-26 116008]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2010-2-15 322336]

S0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2011-7-26 10752]

S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2013/04/08 00:28:24];c:\program files\cyberlink\powerdvd11\common\navfilter\000.fcl [2011-9-2 77296]

S2 AtherosSvc;AtherosSvc;c:\program files\bluetooth suite\AdminService.exe [2012-5-30 97920]

S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files\cyberlink\powerdvd11\kernel\dmp\CLHNServiceForPowerDVD.exe [2013-4-8 83240]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2012-7-8 104912]

S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files\cyberlink\powerdvd11\common\mediaserver\CLMSMonitorService.exe [2013-4-8 75048]

S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files\cyberlink\powerdvd11\common\mediaserver\CLMSServerForPDVD11.exe [2013-4-8 292136]

S2 eBeam Device Service;eBeam Device Service;c:\program files\luidia\ebeam device service\eBeamDeviceServiceMain.exe [2012-2-2 180224]

S2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736]

S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011-12-28 238952]

S2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2013-3-15 527720]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2012-7-22 13592]

S2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\nitro\pro 8\NitroPDFDriverService8.exe [2013-3-25 196616]

S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files\cyberlink\powerdvd11\kernel\dmp\ntk_PowerDVD.sys [2013-4-8 71664]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-3-1 161384]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2013\TuneUpUtilitiesService32.exe [2012-10-10 1699168]

S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-7-13 21096]

S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-7-13 25448]

S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files\bluetooth suite\Ath_CoexAgent.exe [2012-5-30 327296]

S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.sys [2009-10-23 28672]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\drivers\btath_flt.sys [2012-5-30 35968]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-5-30 299648]

S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-5-30 98432]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2012-5-30 148096]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\drivers\btath_lwflt.sys [2012-5-30 60544]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2012-5-30 264448]

S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2011-12-8 525352]

S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\drivers\btwdpan.sys [2012-7-20 76328]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2011-12-8 33832]

S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]

S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-2-4 18136]

S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-3-31 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-12-28 36640]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2013-2-8 12400]

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 100328]

S3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-16 14848]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]

S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2013-2-8 155320]

S3 tapklink;Klink Virtual Network Adapter;c:\windows\system32\drivers\tapklink.sys [2011-10-23 26624]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-16 49664]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-11-16 27136]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2013\TuneUpUtilitiesDriver32.sys [2012-9-19 10088]

S3 VMC33F;Vimicro Camera Service VMC33F;c:\windows\system32\drivers\VMC33F.sys [2012-7-22 237952]

S3 vtcdrv;VTC Driver v5.00;c:\windows\system32\drivers\vtcdrv.sys [2009-10-15 18688]

S4 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-12-6 214896]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

.

=============== Created Last 30 ================

.

2013-06-16 13:39:30 -------- dc----w- c:\programdata\Seagate

2013-06-16 13:39:29 -------- dc----w- c:\program files\Seagate

2013-06-16 13:36:06 -------- d-----w- c:\users\romattozo\appdata\local\Downloaded Installations

2013-06-15 23:01:33 -------- dc----w- c:\programdata\Kaspersky Lab

2013-06-15 16:37:51 -------- d-----w- c:\users\romattozo\Doctor Web

2013-06-14 12:18:14 7016152 -c--a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{dc0a976a-53ab-428d-8619-7c2e53082ef5}\mpengine.dll

2013-06-14 12:06:14 724464 -c--a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\nisbackup\gapaengine.dll

2013-06-14 12:06:13 724464 -c--a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1a3b5f02-8795-494b-b168-5e977c5e81e5}\gapaengine.dll

2013-06-13 12:15:30 1505280 ----a-w- c:\windows\system32\d3d11.dll

2013-06-13 01:58:10 2706432 ----a-w- c:\windows\system32\mshtml.tlb

2013-06-13 01:58:09 218112 ----a-w- c:\program files\internet explorer\sqmapi.dll

2013-06-13 00:43:01 24576 ----a-w- c:\windows\system32\cryptdlg.dll

2013-06-13 00:41:36 903168 ----a-w- c:\windows\system32\certutil.exe

2013-06-13 00:41:34 140288 ----a-w- c:\windows\system32\cryptsvc.dll

2013-06-13 00:41:34 1160192 ----a-w- c:\windows\system32\crypt32.dll

2013-06-13 00:41:34 103936 ----a-w- c:\windows\system32\cryptnet.dll

2013-06-13 00:41:33 43008 ----a-w- c:\windows\system32\certenc.dll

2013-06-13 00:40:46 492544 ----a-w- c:\windows\system32\win32spl.dll

2013-06-13 00:35:33 7016152 -c--a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-06-12 23:11:18 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll

2013-06-12 23:11:15 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-06-12 23:11:14 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-06-12 23:10:59 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-06-12 00:37:54 -------- dc----w- c:\program files\Microsoft Security Client

2013-06-12 00:28:23 -------- d-----w- c:\users\romattozo\appdata\local\Avg2013

2013-06-02 22:42:55 -------- dcsh--w- c:\program files\a71b

2013-06-02 22:42:55 -------- d-sh--w- c:\users\romattozo\appdata\roaming\b81

2013-06-02 22:42:54 -------- dcsh--w- C:\b916

2013-06-01 02:27:57 -------- dc----w- c:\program files\Yontoo

2013-05-28 16:12:35 -------- d-----w- c:\users\romattozo\appdata\roaming\Acapela Group

2013-05-26 00:10:50 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll

2013-05-26 00:10:50 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll

2013-05-26 00:10:50 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll

2013-05-26 00:10:50 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll

2013-05-26 00:10:50 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin.dll

2013-05-26 00:06:11 -------- dc----w- c:\program files\iPod

2013-05-26 00:06:09 -------- dc----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-05-26 00:06:09 -------- dc----w- c:\program files\iTunes

2013-05-24 12:02:53 -------- d-----w- c:\users\romattozo\appdata\local\Mozilla

.

==================== Find3M ====================

.

2013-06-13 01:24:14 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-06-13 01:24:13 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-17 01:25:57 1767936 ----a-w- c:\windows\system32\wininet.dll

2013-05-17 01:25:27 2877440 ----a-w- c:\windows\system32\jscript9.dll

2013-05-17 01:25:26 61440 ----a-w- c:\windows\system32\iesetup.dll

2013-05-17 01:25:26 109056 ----a-w- c:\windows\system32\iesysprep.dll

2013-05-14 08:40:13 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-05-02 05:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-05-01 06:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2013-05-01 06:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts

2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-04-12 13:45:29 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-10 05:18:40 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-04-10 05:18:40 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2013-04-10 03:14:06 2347520 ----a-w- c:\windows\system32\win32k.sys

2013-04-08 02:20:10 29480 ----a-w- c:\windows\system32\msxml3a.dll

2013-04-08 02:20:08 505128 ----a-w- c:\windows\system32\msvcp71.dll

2013-04-08 02:20:08 353576 ----a-w- c:\windows\system32\msvcr71.dll

2013-04-08 02:01:35 16384 ----a-w- c:\windows\system32\lgfwunis.exe

2013-04-04 18:00:00 112640 ----a-w- c:\windows\system32\ff_vfw.dll

2013-04-02 14:09:52 4550656 ----a-w- c:\windows\system32\GPhotos.scr

2013-03-25 22:07:48 27144 ----a-w- c:\windows\system32\nitrolocalmon2.dll

2013-03-25 22:07:48 18440 ----a-w- c:\windows\system32\nitrolocalui2.dll

2013-03-19 04:53:27 186368 ----a-w- c:\windows\system32\wwansvc.dll

2013-03-19 04:48:45 38912 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-19 03:33:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll

2013-03-19 02:49:16 69632 ----a-w- c:\windows\system32\smss.exe

2010-07-08 13:37:14 101544 -c--a-w- c:\program files\common files\LinkInstaller.exe

2009-12-06 09:18:14 26624 --sh--w- c:\windows\bfcs2.dll

.

============= FINISH: 13:54:46,62 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Starter

Boot Device: \Device\HarddiskVolume2

Install Date: 08/12/2011 13:53:12

System Uptime: 16/06/2013 13:43:52 (0 hours ago)

.

Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | N150P

Processor: Intel® Atom CPU N455 @ 1.66GHz | CPU 1 | 1662/mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 112 GiB total, 41,157 GiB free.

D: is FIXED (NTFS) - 166 GiB total, 122,805 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

==== System Restore Points ===================

.

RP399: 12/06/2013 13:13:19 - Windows Update

RP400: 12/06/2013 13:30:25 - Windows Update

RP401: 12/06/2013 22:55:10 - Windows Update

RP402: 13/06/2013 13:22:05 - Windows Update

RP403: 14/06/2013 15:37:21 - Installed Microsoft Fix it 50511

RP404: 16/06/2013 10:37:02 - Instalado Seagate Manager Installer

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

?? ??? ?? Windows Live Mesh ActiveX ???

??? ActiveX ?? Windows Live Mesh ???? ??????? ???????

???? ??? Windows Live

???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????

???? Windows Live

????? Messenger

????? Windows Live

?????? ??????? ?? Windows Live

??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????

??????? Windows Live Mesh ActiveX ??(????)

??????? Windows Live Mesh ActiveX ???

???????? ?? Messenger

???????? ?????????? Windows Live

????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???)

????????? Messenger

?????????? Windows Live

??????????? ?? Windows Live

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh

ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ??????

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.03)

Adobe Shockwave Player 12.0

Alcor Micro USB Card Reader

„Messenger“ pagalbine priemone

Apple Mobile Device Support

Apple Software Update

Atheros Bluetooth Suite

Atheros Client Installation Program

µTorrent

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

„Windows Live Essentials“

„Windows Live Mail“

„Windows Live Mesh ActiveX“ nuotoliniu ryšiu valdiklis

„Windows Live Messenger“

„Windows Live“ fotogalerija

BatteryLifeExtender

Bonjour

Card Reader Patch 1.0 for Windows 7

CCleaner

ChargeableUSB

CircleSurround II Plugin for Windows Media Player

Complemento Messenger

Complément Messenger

Contrôle ActiveX Windows Live Mesh pour connexions à distance

Control ActiveX de Windows Live Mesh para conexiones remotas

Control ActiveX Windows Live Mesh pentru conexiuni la distan?a

Controle ActiveX do Windows Live Mesh para Conexões Remotas

Controlo ActiveX do Windows Live Mesh para Ligações Remotas

Cut The Rope version 1.0

CyberLink PowerDVD 11

CyberLink YouCam

D3DX10

Doplnok programu Messenger

Easy Content Share

Easy Display Manager

Easy Network Manager

Easy Resolution Manager

Easy SpeedUp Manager

EasyBatteryManager

EasyFileShare

eBeam Device Service 2.4.4.39

eBeam Education Suite 2.4.4.39

ETDWare PS/2-X86 8.0.7.2_WHQL

Fast Booting SW

Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych

Fotogalerija Windows Live

Galeria de Fotografias do Windows Live

Galeria fotografii uslugi Windows Live

Galerie de photos Windows Live

Galerie foto Windows Live

Galería fotográfica de Windows Live

Google Chrome

Google Drive

Google Earth Plug-in

Google Talk Plugin

Google Update Helper

Intel® Graphics Media Accelerator Driver

Intel® Rapid Storage Technology

iTunes

Java 7 Update 15

Java Auto Updater

Java 6 Update 31

JavaFX 2.1.1

Junk Mail filter update

K-Lite Mega Codec Pack 9.8.7

Kontrola Windows Live Mesh ActiveX za daljinske veze

Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave

LG ODD Auto Firmware Update

LG Power Tools

Marvell Miniport Driver

Mesh Runtime

Messenger-kumppani

Messenger ??? ??

Messenger ????

Messenger ?????

Messenger Assistent

Messenger Companion

Messenger kíséro

Messenger Pratilac

Messenger Suradnik

Microsoft .NET Framework 4.5

Microsoft .NET Framework 4.5 PTB Language Pack

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (English) 2007

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office Language Pack 2007 - Portuguese/Português (Brasil)

Microsoft Office O MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

Microsoft Office SharePoint Designer MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Office X MUI (Portuguese (Brazil)) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SOAP Toolkit 3.0

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MotoHelper 2.1.32 Driver 5.4.0

MotoHelper MergeModules

Motorola Mobile Drivers Installation 5.4.0

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nitro Pro 8

Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení

Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia

Pacote de Driver do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

PC Connectivity Solution

Picasa 3

Poczta uslugi Windows Live

Podstawowe programy Windows Live

Pomocnik Messenger

Pošta Windows Live

QuickTime

Raccolta foto di Windows Live

RealNetworks - Microsoft Visual C++ 2008 Runtime

Realtek High Definition Audio Driver

REALTEK PCIE Wireless LAN Software

S?????? f?t???af??? t?? Windows Live

Samsung Recovery Solution 4

Samsung Support Center

Samsung Update Plus

Seagate Manager Installer

Security Update for CAPICOM (KB931906)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Skype™ 6.3

Sony Ericsson Update Engine

Sony PC Companion 2.10.136

Spremljevalec Messenger

St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??

StarterBackgroundChanger

Suplemento Microsoft Salvar como PDF ou XPS para programas do Microsoft Office 2007

Suporte para Aplicativos Apple

swMSM

System Requirements Lab for Intel

TuneUp Utilities 2013

TuneUp Utilities Language Pack (pt-BR)

Unified Remote

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

User Guide

UxStyle Core Beta

Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi

Video to Video

VOICEbook Player Lite version

VSLogonScreenCustomizer version 1.0.1

WebCam SCB-0340N

WIDCOMM Bluetooth Software

Windows Driver Package - Telechips Inc (vtcdrv) USB (05/07/2010 5.0.0.1)

Windows Live

Windows Live ??

Windows Live ?? ???

Windows Live ???

Windows Live ????

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Fotótár

Windows Live Foto-galerija

Windows Live fotoattelu galerija

Windows Live Fotogalerie

Windows Live Fotogalleri

Windows Live Fotogaléria

Windows Live Fotograf Galerisi

Windows Live Galeria de Fotos

Windows Live Galerija fotografija

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger

Windows Live Mesh ActiveX-objekt til fjernforbindelser

Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Mesh ActiveX kontrola za daljinske veze

Windows Live Mesh ActiveX vadikla attalajiem savienojumiem

Windows Live Meshin etäyhteyksien ActiveX-komponentti

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Pošta

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Temel Parçalar

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Liven asennustyökalu

Windows Liven sähköposti

Windows Liven valokuvavalikoima

WinRAR archiver

.

==== End Of File ===========================

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-06-16 16:48:56

Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 SAMSUNG_ rev.2AJ1 298,09GB

Running: gmer.exe; Driver: C:\Users\ROMATT~1\AppData\Local\Temp\pxldrpow.sys

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 8344E9F5 1 Byte [06]

.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 834881F2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

? C:\Users\ROMATT~1\AppData\Local\Temp\mbr.sys O sistema não pode encontrar o caminho especificado. !

---- User code sections - GMER 2.1 ----

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtCreateFile + 6 779355CE 4 Bytes [28, 84, FC, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtCreateFile + B 779355D3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtMapViewOfSection + 6 77935C2E 4 Bytes [28, 87, FC, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtMapViewOfSection + B 77935C33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenFile + 6 77935CDE 4 Bytes [68, 84, FC, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenFile + B 77935CE3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenProcess + 6 77935D8E 4 Bytes [A8, 85, FC, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenProcess + B 77935D93 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenProcessToken + B 77935DA3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenProcessTokenEx + 6 77935DAE 4 Bytes [A8, 86, FC, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenProcessTokenEx + B 77935DB3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenThread + 6 77935E0E 4 Bytes [68, 85, FC, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenThread + B 77935E13 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenThreadToken + 6 77935E1E 4 Bytes [68, 86, FC, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenThreadToken + B 77935E23 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenThreadTokenEx + B 77935E33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtQueryAttributesFile + 6 77935F3E 4 Bytes [A8, 84, FC, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtQueryAttributesFile + B 77935F43 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtQueryFullAttributesFile + B 77935FF3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtSetInformationFile + 6 7793663E 4 Bytes [28, 85, FC, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtSetInformationFile + B 77936643 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtSetInformationThread + 6 7793669E 4 Bytes [28, 86, FC, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtSetInformationThread + B 779366A3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtUnmapViewOfSection + 6 779369BE 4 Bytes [68, 87, FC, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtUnmapViewOfSection + B 779369C3 1 Byte [E2]

.text C:\windows\system32\winlogon.exe[524] kernel32.dll!FreeLibraryAndExitThread 772A03B0 5 Bytes JMP 3B6A7099 C:\Program Files\GbPlugin\gbiehCef.dll

.text C:\windows\system32\winlogon.exe[524] kernel32.dll!FreeLibrary 772AEF67 5 Bytes JMP 3B6A7121 C:\Program Files\GbPlugin\gbiehCef.dll

.text C:\windows\system32\winlogon.exe[524] ole32.dll!CoUnmarshalInterface 76E2F150 6 Bytes JMP 71AB000A

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtCreateFile + 6 779355CE 4 Bytes [28, C4, 98, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtCreateFile + B 779355D3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtMapViewOfSection + 6 77935C2E 4 Bytes [28, C7, 98, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtMapViewOfSection + B 77935C33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenFile + 6 77935CDE 4 Bytes [68, C4, 98, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenFile + B 77935CE3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenProcess + 6 77935D8E 4 Bytes [A8, C5, 98, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenProcess + B 77935D93 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenProcessToken + B 77935DA3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenProcessTokenEx + 6 77935DAE 4 Bytes [A8, C6, 98, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenProcessTokenEx + B 77935DB3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenThread + 6 77935E0E 4 Bytes [68, C5, 98, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenThread + B 77935E13 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenThreadToken + 6 77935E1E 4 Bytes [68, C6, 98, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenThreadToken + B 77935E23 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtOpenThreadTokenEx + B 77935E33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtQueryAttributesFile + 6 77935F3E 4 Bytes [A8, C4, 98, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtQueryAttributesFile + B 77935F43 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtQueryFullAttributesFile + B 77935FF3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtSetInformationFile + 6 7793663E 4 Bytes [28, C5, 98, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtSetInformationFile + B 77936643 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtSetInformationThread + 6 7793669E 4 Bytes [28, C6, 98, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtSetInformationThread + B 779366A3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtUnmapViewOfSection + 6 779369BE 4 Bytes [68, C7, 98, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[824] ntdll.dll!NtUnmapViewOfSection + B 779369C3 1 Byte [E2]

.text C:\windows\Explorer.EXE[1520] ole32.dll!CoUnmarshalInterface 76E2F150 6 Bytes JMP 7199000A

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtCreateFile + 6 779355CE 4 Bytes [28, 20, AF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtCreateFile + B 779355D3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtMapViewOfSection + 6 77935C2E 4 Bytes [28, 23, AF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtMapViewOfSection + B 77935C33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenFile + 6 77935CDE 4 Bytes [68, 20, AF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenFile + B 77935CE3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenProcess + 6 77935D8E 4 Bytes [A8, 21, AF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenProcess + B 77935D93 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenProcessToken + B 77935DA3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenProcessTokenEx + 6 77935DAE 4 Bytes [A8, 22, AF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenProcessTokenEx + B 77935DB3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenThread + 6 77935E0E 4 Bytes [68, 21, AF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenThread + B 77935E13 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenThreadToken + 6 77935E1E 4 Bytes [68, 22, AF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenThreadToken + B 77935E23 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtOpenThreadTokenEx + B 77935E33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtQueryAttributesFile + 6 77935F3E 4 Bytes [A8, 20, AF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtQueryAttributesFile + B 77935F43 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtQueryFullAttributesFile + B 77935FF3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtSetInformationFile + 6 7793663E 4 Bytes [28, 21, AF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtSetInformationFile + B 77936643 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtSetInformationThread + 6 7793669E 4 Bytes [28, 22, AF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtSetInformationThread + B 779366A3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtUnmapViewOfSection + 6 779369BE 4 Bytes [68, 23, AF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1596] ntdll.dll!NtUnmapViewOfSection + B 779369C3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtCreateFile + 6 779355CE 4 Bytes [28, 8C, EF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtCreateFile + B 779355D3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtMapViewOfSection + 6 77935C2E 4 Bytes [28, 8F, EF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtMapViewOfSection + B 77935C33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenFile + 6 77935CDE 4 Bytes [68, 8C, EF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenFile + B 77935CE3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenProcess + 6 77935D8E 4 Bytes [A8, 8D, EF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenProcess + B 77935D93 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenProcessToken + B 77935DA3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenProcessTokenEx + 6 77935DAE 4 Bytes [A8, 8E, EF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenProcessTokenEx + B 77935DB3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenThread + 6 77935E0E 4 Bytes [68, 8D, EF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenThread + B 77935E13 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenThreadToken + 6 77935E1E 4 Bytes [68, 8E, EF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenThreadToken + B 77935E23 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtOpenThreadTokenEx + B 77935E33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtQueryAttributesFile + 6 77935F3E 4 Bytes [A8, 8C, EF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtQueryAttributesFile + B 77935F43 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtQueryFullAttributesFile + B 77935FF3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtSetInformationFile + 6 7793663E 4 Bytes [28, 8D, EF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtSetInformationFile + B 77936643 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtSetInformationThread + 6 7793669E 4 Bytes [28, 8E, EF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtSetInformationThread + B 779366A3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtUnmapViewOfSection + 6 779369BE 4 Bytes [68, 8F, EF, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1880] ntdll.dll!NtUnmapViewOfSection + B 779369C3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtCreateFile + 6 779355CE 4 Bytes [28, 8C, 5B, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtCreateFile + B 779355D3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtMapViewOfSection + 6 77935C2E 4 Bytes [28, 8F, 5B, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtMapViewOfSection + B 77935C33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenFile + 6 77935CDE 4 Bytes [68, 8C, 5B, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenFile + B 77935CE3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenProcess + 6 77935D8E 4 Bytes [A8, 8D, 5B, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenProcess + B 77935D93 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenProcessToken + B 77935DA3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenProcessTokenEx + 6 77935DAE 4 Bytes [A8, 8E, 5B, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenProcessTokenEx + B 77935DB3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenThread + 6 77935E0E 4 Bytes [68, 8D, 5B, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenThread + B 77935E13 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenThreadToken + 6 77935E1E 4 Bytes [68, 8E, 5B, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenThreadToken + B 77935E23 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtOpenThreadTokenEx + B 77935E33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtQueryAttributesFile + 6 77935F3E 4 Bytes [A8, 8C, 5B, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtQueryAttributesFile + B 77935F43 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtQueryFullAttributesFile + B 77935FF3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtSetInformationFile + 6 7793663E 4 Bytes [28, 8D, 5B, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtSetInformationFile + B 77936643 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtSetInformationThread + 6 7793669E 4 Bytes [28, 8E, 5B, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtSetInformationThread + B 779366A3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtUnmapViewOfSection + 6 779369BE 4 Bytes [68, 8F, 5B, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[1952] ntdll.dll!NtUnmapViewOfSection + B 779369C3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtCreateFile + 6 779355CE 4 Bytes [28, C4, 3F, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtCreateFile + B 779355D3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtMapViewOfSection + 6 77935C2E 4 Bytes [28, C7, 3F, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtMapViewOfSection + B 77935C33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenFile + 6 77935CDE 4 Bytes [68, C4, 3F, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenFile + B 77935CE3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenProcess + 6 77935D8E 4 Bytes [A8, C5, 3F, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenProcess + B 77935D93 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenProcessToken + B 77935DA3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenProcessTokenEx + 6 77935DAE 4 Bytes [A8, C6, 3F, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenProcessTokenEx + B 77935DB3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenThread + 6 77935E0E 4 Bytes [68, C5, 3F, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenThread + B 77935E13 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenThreadToken + 6 77935E1E 4 Bytes [68, C6, 3F, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenThreadToken + B 77935E23 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtOpenThreadTokenEx + B 77935E33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtQueryAttributesFile + 6 77935F3E 4 Bytes [A8, C4, 3F, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtQueryAttributesFile + B 77935F43 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtQueryFullAttributesFile + B 77935FF3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtSetInformationFile + 6 7793663E 4 Bytes [28, C5, 3F, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtSetInformationFile + B 77936643 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtSetInformationThread + 6 7793669E 4 Bytes [28, C6, 3F, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtSetInformationThread + B 779366A3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtUnmapViewOfSection + 6 779369BE 4 Bytes [68, C7, 3F, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3208] ntdll.dll!NtUnmapViewOfSection + B 779369C3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtCreateFile + 6 779355CE 4 Bytes [28, 20, 24, 00] {SUB [EAX], AH; AND AL, 0x0}

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtCreateFile + B 779355D3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtMapViewOfSection + 6 77935C2E 4 Bytes [28, 23, 24, 00] {SUB [EBX], AH; AND AL, 0x0}

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtMapViewOfSection + B 77935C33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenFile + 6 77935CDE 4 Bytes [68, 20, 24, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenFile + B 77935CE3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenProcess + 6 77935D8E 4 Bytes [A8, 21, 24, 00] {TEST AL, 0x21; AND AL, 0x0}

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenProcess + B 77935D93 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenProcessToken + B 77935DA3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenProcessTokenEx + 6 77935DAE 4 Bytes [A8, 22, 24, 00] {TEST AL, 0x22; AND AL, 0x0}

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenProcessTokenEx + B 77935DB3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenThread + 6 77935E0E 4 Bytes [68, 21, 24, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenThread + B 77935E13 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenThreadToken + 6 77935E1E 4 Bytes [68, 22, 24, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenThreadToken + B 77935E23 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtOpenThreadTokenEx + B 77935E33 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtQueryAttributesFile + 6 77935F3E 4 Bytes [A8, 20, 24, 00] {TEST AL, 0x20; AND AL, 0x0}

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtQueryAttributesFile + B 77935F43 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtQueryFullAttributesFile + B 77935FF3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtSetInformationFile + 6 7793663E 4 Bytes [28, 21, 24, 00] {SUB [ECX], AH; AND AL, 0x0}

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtSetInformationFile + B 77936643 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtSetInformationThread + 6 7793669E 4 Bytes [28, 22, 24, 00] {SUB [EDX], AH; AND AL, 0x0}

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtSetInformationThread + B 779366A3 1 Byte [E2]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtUnmapViewOfSection + 6 779369BE 4 Bytes [68, 23, 24, 00]

.text C:\Users\romattozo\AppData\Local\Google\Chrome\Application\chrome.exe[3268] ntdll.dll!NtUnmapViewOfSection + B 779369C3 1 Byte [E2]

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313ba9225 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\e0ca944587a8 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\e0ca944587a8@01234569cfa5 0xB1 0x37 0xD2 0xD5 ...

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\e0ca944587a8@b8f934f18389 0x09 0xF1 0x1B 0xCF ...

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313ba9225

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\e0ca944587a8

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\e0ca944587a8@01234569cfa5 0xB1 0x37 0xD2 0xD5 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\e0ca944587a8@b8f934f18389 0x09 0xF1 0x1B 0xCF ...

Reg HKLM\SYSTEM\ControlSet004\services\BTHPORT\Parameters\Keys\506313ba9225 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet004\services\BTHPORT\Parameters\Keys\e0ca944587a8 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet004\services\BTHPORT\Parameters\Keys\e0ca944587a8@01234569cfa5 0xB1 0x37 0xD2 0xD5 ...

Reg HKLM\SYSTEM\ControlSet004\services\BTHPORT\Parameters\Keys\e0ca944587a8@b8f934f18389 0x09 0xF1 0x1B 0xCF ...

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

I hope I posted everything correctly this time, because I did something wrong last time and my post was deleted.

Thank you


Hello

Sorry for the delay :)

Post the logs as described in "Read Before Posting - Creating a New Topic" (Leia Antes de Postar - Criando um novo Tópico)

ATTENTION 1: There is no need to open a new topic; put the new logs in this same topic, thank you!

ATTENTION 2: Do not edit your topic; use the reply button, thank you!

ATTENTION 3: Do not put the logs between TAGS, thank you!

ATTENTION 4: Do not attach the logs, thank you!

Regards :D
