Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
FFM

Rootkit no notebook

Recommended Posts

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7600.16385

Run by fabricio at 23:22:39 on 2013-09-01

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2038.1215 [GMT -4:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\splwow64.exe

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com

uSearch Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD1600BEVS-22RST0_WD-WXEZ0612454724547&ts=1375932493

mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

mDefault_Page_URL = hxxp://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD1600BEVS-22RST0_WD-WXEZ0612454724547&ts=1375932493

uSearchAssistant = hxxp://www.google.com

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll

TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{36EACAB9-C41F-48B4-A77A-5604C8702687} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{36EACAB9-C41F-48B4-A77A-5604C8702687}\6416475636F50323 : DHCPNameServer = 192.168.0.4 10.1.2.1

TCP: Interfaces\{36EACAB9-C41F-48B4-A77A-5604C8702687}\6416475636F50333 : DHCPNameServer = 192.168.0.4 10.1.3.1

TCP: Interfaces\{36EACAB9-C41F-48B4-A77A-5604C8702687}\6416475636F50373 : DHCPNameServer = 10.1.9.1

TCP: Interfaces\{DC5DE62B-7261-4597-8409-0CC5FA10E161} : DHCPNameServer = 192.168.42.129

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll

SSODL: WebCheck - <orphaned>

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

x64-mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

x64-mDefault_Page_URL = hxxp://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD1600BEVS-22RST0_WD-WXEZ0612454724547&ts=1375932493

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\fabricio\AppData\Roaming\Mozilla\Firefox\Profiles\qjylmdxy.default\

FF - prefs.js: browser.startup.homepage - about:home

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Users\fabricio\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll

FF - plugin: C:\Users\fabricio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

FF - ExtSQL: 2013-08-07 23:41; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; C:\Users\fabricio\AppData\Roaming\Mozilla\Firefox\Profiles\qjylmdxy.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

FF - ExtSQL: 2013-08-12 00:14; plugin@getwebcake.com; C:\Users\fabricio\AppData\Roaming\Mozilla\Firefox\Profiles\qjylmdxy.default\extensions\plugin@getwebcake.com.xpi

FF - ExtSQL: 2013-08-23 08:01; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF

FF - ExtSQL: 2013-08-31 19:28; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\fabricio\AppData\Roaming\Mozilla\Firefox\Profiles\qjylmdxy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

.

---- FIREFOX POLICIES ----

.

FF - user.js: extentions.webcake.installId - 29b62cef-55eb-4294-a3d2-8714f4e79441

FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-8-23 65336]

R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-8-23 189936]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-8-23 1030952]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-8-23 378944]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-8-23 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-8-23 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-8-23 46808]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-8-1 409640]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-8-21 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-8-21 701512]

R3 bcm44amd64;Driver de XP do Broadcom 440x 10/100 Integrated Controller;C:\Windows\System32\drivers\b44amd64.sys [2009-6-10 87552]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-8-21 25928]

R3 netw5v64;Driver de adaptador Intel® Wireless WiFi Link 5000 Series para Windows Vista 64 Bits;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

R3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\Windows\System32\drivers\lgandnetdiag64.sys [2011-9-6 29184]

S3 ANDNetModem;LGE AndroidNet USB Modem;C:\Windows\System32\drivers\lgandnetmodem64.sys [2011-9-6 35840]

S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;C:\Windows\System32\drivers\lgandnetndis64.sys [2011-9-16 93184]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-8-7 1255736]

.

=============== Created Last 30 ================

.

2013-08-31 21:09:17 -------- d-----w- C:\Program Files\CCleaner

2013-08-27 03:50:24 -------- d-----w- C:\Program Files (x86)\MSECache

2013-08-23 12:04:25 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-08-23 12:04:21 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-08-23 12:04:20 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-08-23 12:04:18 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-08-23 12:04:07 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-08-23 12:00:49 41664 ----a-w- C:\Windows\avastSS.scr

2013-08-23 11:59:44 -------- d-----w- C:\Program Files\AVAST Software

2013-08-23 04:02:32 -------- d-----w- C:\ProgramData\AVAST Software

2013-08-23 03:15:47 -------- d-----w- C:\Users\fabricio\AppData\Local\BeamriseUninstall

2013-08-22 02:47:15 -------- d-----w- C:\Users\fabricio\AppData\Roaming\Malwarebytes

2013-08-22 02:47:06 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2013-08-22 02:47:05 -------- d-----w- C:\ProgramData\Malwarebytes

2013-08-22 02:47:02 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-08-22 02:47:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-08-21 03:08:29 -------- d-----w- C:\Users\fabricio\AppData\Roaming\Unity

2013-08-21 02:58:32 -------- d-----w- C:\Users\fabricio\AppData\Local\Unity

2013-08-14 01:59:22 -------- d-----w- C:\ProgramData\boost_interprocess

2013-08-11 19:00:52 -------- d-----w- C:\Users\fabricio\AppData\Roaming\Movdap

2013-08-11 19:00:52 -------- d-----w- C:\Program Files (x86)\Movdap

2013-08-08 03:44:19 -------- d-----w- C:\Users\fabricio\AppData\Local\Macromedia

2013-08-08 03:40:39 -------- d-----w- C:\Users\fabricio\AppData\Local\Mozilla

2013-08-08 03:40:27 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2013-08-08 03:38:34 -------- d-----w- C:\Users\fabricio\AppData\Roaming\TuneUp Software

2013-08-08 03:38:08 -------- d-----w- C:\ProgramData\TuneUp Software

2013-08-08 03:37:54 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2013-08-08 03:37:54 -------- d--h--w- C:\ProgramData\Common Files

2013-08-08 03:34:33 -------- d-----w- C:\ProgramData\Baidu Security

2013-08-08 03:34:10 -------- d-----w- C:\Users\fabricio\AppData\Roaming\Baidu

2013-08-08 03:34:10 -------- d-----w- C:\ProgramData\Baidu

2013-08-08 03:28:27 -------- d-----w- C:\Users\fabricio\AppData\Roaming\Web Cake

2013-08-08 03:28:18 -------- d-----w- C:\ProgramData\eSafe

2013-08-08 03:28:16 -------- d-----w- C:\Users\fabricio\AppData\Roaming\Baidu Security

2013-08-08 03:28:06 -------- d-----w- C:\Users\fabricio\AppData\Roaming\eIntaller

2013-08-08 03:27:38 -------- d-----w- C:\Program Files (x86)\Optimizer Pro

2013-08-08 03:10:05 -------- d-----w- C:\Users\fabricio\AppData\Local\Google

2013-08-08 03:09:51 -------- d-----w- C:\Users\fabricio\AppData\Local\Apps

2013-08-08 03:09:50 -------- d-----w- C:\Users\fabricio\AppData\Local\Deployment

2013-08-08 02:33:53 -------- d-----w- C:\Windows\SysWow64\Wat

2013-08-08 02:33:52 -------- d-----w- C:\Windows\System32\Wat

2013-08-08 00:17:03 -------- d-----w- C:\Users\fabricio\AppData\Local\Diagnostics

2013-08-07 02:26:42 -------- d-----w- C:\Users\fabricio\AppData\Local\ElevatedDiagnostics

2013-08-06 22:35:13 -------- d-----w- C:\Windows\PCHEALTH

2013-08-06 22:30:57 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8

2013-08-06 22:29:10 -------- d-----w- C:\Users\fabricio\AppData\Local\Microsoft Help

2013-08-06 00:32:10 -------- d-----w- C:\Program Files (x86)\LG Electronics

.

==================== Find3M ====================

.

2013-09-01 15:19:12 31088 ----a-w- C:\Windows\SysWow64\drivers\gbpndisrd.sys

2013-08-08 03:43:38 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-08-08 03:43:38 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-08-08 02:34:21 419840 ----a-w- C:\Windows\System32\systemcpl.dll

2013-08-08 02:34:21 14848 ----a-w- C:\Windows\System32\slwga.dll

2013-08-08 02:34:21 13824 ----a-w- C:\Windows\SysWow64\slwga.dll

2013-08-08 02:34:19 833024 ----a-w- C:\Windows\SysWow64\user32.dll

2013-08-08 02:34:19 1008640 ----a-w- C:\Windows\System32\user32.dll

2013-08-01 23:59:13 720082 ----a-w- C:\Users\fabricio\AppData\Roaming\unins000.exe

.

============= FINISH: 23:23:23,61 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 24/05/2013 16:47:47

System Uptime: 01/09/2013 18:27:18 (5 hours ago)

.

Motherboard: Acer | | Grapevine

Processor: Intel® Core2 CPU T5500 @ 1.66GHz | U1 | 983/166mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 149 GiB total, 122,036 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description: Camera

Device ID: USB\VID_046D&PID_0896\5&17BF0195&0&4

Manufacturer:

Name: Camera

PNP Device ID: USB\VID_046D&PID_0896\5&17BF0195&0&4

Service:

.

Class GUID:

Description: Memória PCI FLASH

Device ID: PCI\VEN_1524&DEV_0520&SUBSYS_00901025&REV_01\4&10D9C0DD&0&23F0

Manufacturer:

Name: Memória PCI FLASH

PNP Device ID: PCI\VEN_1524&DEV_0520&SUBSYS_00901025&REV_01\4&10D9C0DD&0&23F0

Service:

.

Class GUID:

Description: Memória PCI FLASH

Device ID: PCI\VEN_1524&DEV_0530&SUBSYS_00901025&REV_01\4&10D9C0DD&0&21F0

Manufacturer:

Name: Memória PCI FLASH

PNP Device ID: PCI\VEN_1524&DEV_0530&SUBSYS_00901025&REV_01\4&10D9C0DD&0&21F0

Service:

.

Class GUID:

Description: Memória PCI FLASH

Device ID: PCI\VEN_1524&DEV_0551&SUBSYS_00901025&REV_01\4&10D9C0DD&0&24F0

Manufacturer:

Name: Memória PCI FLASH

PNP Device ID: PCI\VEN_1524&DEV_0551&SUBSYS_00901025&REV_01\4&10D9C0DD&0&24F0

Service:

.

==== System Restore Points ===================

.

RP1: 24/05/2013 17:12:38 - Windows Update

RP2: 24/05/2013 17:21:46 - Installed Project64 1.6

RP3: 24/05/2013 17:45:39 - DirectX instalado

RP4: 22/06/2013 13:43:51 - Ponto de Verificação Agendado

RP5: 12/07/2013 22:24:45 - Ponto de Verificação Agendado

RP6: 31/07/2013 16:20:49 - Ponto de Verificação Agendado

RP7: 05/08/2013 20:31:31 - Installed LG United Mobile Drivers.

RP8: 06/08/2013 18:28:12 - Installed Microsoft Office Enterprise 2007

RP9: 07/08/2013 22:32:54 - Windows Update

RP10: 11/08/2013 15:02:34 - Removido TuneUp Utilities 2013

RP11: 11/08/2013 15:03:13 - Removido TuneUp Utilities Language Pack (pt-BR)

RP12: 20/08/2013 12:02:32 - Ponto de Verificação Agendado

RP13: 23/08/2013 07:59:12 - Configuração do(a) avast! Free Antivirus

RP14: 26/08/2013 23:50:40 - Instalado Suplemento Microsoft Salvar como PDF ou XPS para programas do Microsoft Office 2007

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI - Português

avast! Free Antivirus

CCleaner

LG United Mobile Drivers

Módulo de Segurança - Banco do Brasil

Malwarebytes Anti-Malware versão 1.75.0.1300

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Mozilla Firefox 23.0.1 (x86 pt-BR)

Mozilla Maintenance Service

PCSX2 - Playstation 2 Emulator

Portaldosties

Project64 1.6

Suplemento Microsoft Salvar como PDF ou XPS para programas do Microsoft Office 2007

Unity Web Player

Web Cake 3.00

WinRAR 4.20 (32-bit)

.

==== End Of File ===========================

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá

Desculpe a demora :)

Se ainda precisa de ajuda refaça os logs, pois preciso dos mesmos com datas atualizadas: Leia Antes de Postar - Criando um novo Tópico

ATENÇÃO 1: Não precisa abrir um novo tópico, coloque os novos logs neste mesmo tópico, obrigado!

ATENÇÃO 2: Não edite seu tópico, use o botão responder, obrigado!

ATENÇÃO 3: Não coloque os logs entre TAGS, obrigado!

ATENÇÃO 4: Não anexe os logs, obrigado!

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7600.16385

Run by fabricio at 19:24:51 on 2013-09-08

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2038.928 [GMT -4:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uSearch Bar = hxxp://www.google.com

uSearch Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD1600BEVS-22RST0_WD-WXEZ0612454724547&ts=1375932493

mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

mDefault_Page_URL = hxxp://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD1600BEVS-22RST0_WD-WXEZ0612454724547&ts=1375932493

uSearchAssistant = hxxp://www.google.com

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll

TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xportar para o Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{36EACAB9-C41F-48B4-A77A-5604C8702687} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{36EACAB9-C41F-48B4-A77A-5604C8702687}\6416475636F50373 : DHCPNameServer = 10.1.9.1

TCP: Interfaces\{DC5DE62B-7261-4597-8409-0CC5FA10E161} : DHCPNameServer = 192.168.42.129

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll

Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll

SSODL: WebCheck - <orphaned>

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

x64-mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

x64-mDefault_Page_URL = hxxp://www.portaldosites.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD1600BEVS-22RST0_WD-WXEZ0612454724547&ts=1375932493

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\fabricio\AppData\Roaming\Mozilla\Firefox\Profiles\qjylmdxy.default\

FF - prefs.js: browser.startup.homepage - about:home

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Users\fabricio\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll

FF - plugin: C:\Users\fabricio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

FF - ExtSQL: 2013-08-07 23:41; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; C:\Users\fabricio\AppData\Roaming\Mozilla\Firefox\Profiles\qjylmdxy.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

FF - ExtSQL: 2013-08-12 00:14; plugin@getwebcake.com; C:\Users\fabricio\AppData\Roaming\Mozilla\Firefox\Profiles\qjylmdxy.default\extensions\plugin@getwebcake.com.xpi

FF - ExtSQL: 2013-08-23 08:01; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF

FF - ExtSQL: 2013-08-31 19:28; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\fabricio\AppData\Roaming\Mozilla\Firefox\Profiles\qjylmdxy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

.

---- FIREFOX POLICIES ----

.

FF - user.js: extentions.webcake.installId - 29b62cef-55eb-4294-a3d2-8714f4e79441

FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-8-23 65336]

R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-8-23 189936]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-8-23 1030952]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-8-23 378944]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-8-23 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-8-23 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-8-23 46808]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-8-1 409640]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-8-21 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-8-21 701512]

R3 bcm44amd64;Driver de XP do Broadcom 440x 10/100 Integrated Controller;C:\Windows\System32\drivers\b44amd64.sys [2009-6-10 87552]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-8-21 25928]

R3 netw5v64;Driver de adaptador Intel® Wireless WiFi Link 5000 Series para Windows Vista 64 Bits;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

R3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\Windows\System32\drivers\lgandnetdiag64.sys [2011-9-6 29184]

S3 ANDNetModem;LGE AndroidNet USB Modem;C:\Windows\System32\drivers\lgandnetmodem64.sys [2011-9-6 35840]

S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;C:\Windows\System32\drivers\lgandnetndis64.sys [2011-9-16 93184]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-8-7 1255736]

.

=============== Created Last 30 ================

.

2013-08-31 21:09:17 -------- d-----w- C:\Program Files\CCleaner

2013-08-27 03:50:24 -------- d-----w- C:\Program Files (x86)\MSECache

2013-08-23 12:04:25 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-08-23 12:04:21 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-08-23 12:04:20 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-08-23 12:04:18 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-08-23 12:04:07 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-08-23 12:00:49 41664 ----a-w- C:\Windows\avastSS.scr

2013-08-23 11:59:44 -------- d-----w- C:\Program Files\AVAST Software

2013-08-23 04:02:32 -------- d-----w- C:\ProgramData\AVAST Software

2013-08-23 03:15:47 -------- d-----w- C:\Users\fabricio\AppData\Local\BeamriseUninstall

2013-08-22 02:47:15 -------- d-----w- C:\Users\fabricio\AppData\Roaming\Malwarebytes

2013-08-22 02:47:06 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2013-08-22 02:47:05 -------- d-----w- C:\ProgramData\Malwarebytes

2013-08-22 02:47:02 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-08-22 02:47:02 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-08-21 03:08:29 -------- d-----w- C:\Users\fabricio\AppData\Roaming\Unity

2013-08-21 02:58:32 -------- d-----w- C:\Users\fabricio\AppData\Local\Unity

2013-08-14 01:59:22 -------- d-----w- C:\ProgramData\boost_interprocess

2013-08-11 19:00:52 -------- d-----w- C:\Users\fabricio\AppData\Roaming\Movdap

2013-08-11 19:00:52 -------- d-----w- C:\Program Files (x86)\Movdap

.

==================== Find3M ====================

.

2013-09-08 23:08:27 31088 ----a-w- C:\Windows\SysWow64\drivers\gbpndisrd.sys

2013-08-08 03:43:38 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-08-08 03:43:38 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-08-08 02:34:21 419840 ----a-w- C:\Windows\System32\systemcpl.dll

2013-08-08 02:34:21 14848 ----a-w- C:\Windows\System32\slwga.dll

2013-08-08 02:34:21 13824 ----a-w- C:\Windows\SysWow64\slwga.dll

2013-08-08 02:34:19 833024 ----a-w- C:\Windows\SysWow64\user32.dll

2013-08-08 02:34:19 1008640 ----a-w- C:\Windows\System32\user32.dll

2013-08-01 23:59:13 720082 ----a-w- C:\Users\fabricio\AppData\Roaming\unins000.exe

.

============= FINISH: 19:25:43,03 ===============

Compartilhar este post


Link para o post
Compartilhar em outros sites

Caro FFM

Faça o download do MBRscan e salve em seu Desktop

  • Clique duas vezes no MbrScan.exe
    • Atenção: Usuários Windows Vista, 7 e 8, cliquem com o botão direito do mouse e escolha: execadmin.png

  • Na janela que abrir clique no botão Scan e aguarde
  • Quando o scan finalizar clique no botão Report... será aberto um relatório
  • Copie todo o conteúdo e cole em sua próxima resposta

Abraços :D

Compartilhar este post


Link para o post
Compartilhar em outros sites
MBRScan v1.1.1

OS : Windows 7 (64 bit)
PROCESSOR : Intel64 Family 6 Model 15 Stepping 6, GenuineIntel
BOOT : Normal Boot
DATE : 2013/09/09 (ISO 8601) at 16:05:37
________________________________________________________________________________

DISK : Device\Harddisk0\DR0 __WDC WD1600BEVS-22RST0 (04.01G04)
BUS_TYPE : (0x03) P-ATA
USE_PIO : NO
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0 149.1 Go [Fixed] ==> 7 MBR Code

MBR_MD5 : CC578CED971B45A6F409EC320CBEDCCA
MBR_SHA1 : 88E2ED22E5C683EC9C797A7251C4C92503A8F474

Device\Harddisk0\Partition1 100.0 Mo 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 149.0 Go 0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x02FEE000
SIZE : 292.0 Ko

DRIVER : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00B9D000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00C80000
SIZE : 272.0 Ko

DRIVER : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00CD8000
SIZE : 376.0 Ko

DRIVER : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00D36000
SIZE : 768.0 Ko

DRIVER : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00E70000
SIZE : 656.0 Ko

DRIVER : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00F14000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ACPI.sys => Invisible on the disk
ADDRESS : 0x00F23000
SIZE : 348.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00F7A000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00F83000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\pci.sys => Invisible on the disk
ADDRESS : 0x00F8D000
SIZE : 204.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00FC0000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00FCD000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\compbatt.sys => Invisible on the disk
ADDRESS : 0x00FE2000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\BATTC.SYS => Invisible on the disk
ADDRESS : 0x00FEB000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\volmgr.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE : 84.0 Ko

DRIVER : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x00C00000
SIZE : 368.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\intelide.sys => Invisible on the disk
ADDRESS : 0x00E15000
SIZE : 32.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\PCIIDEX.SYS => Invisible on the disk
ADDRESS : 0x00E1D000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\pcmcia.sys => Invisible on the disk
ADDRESS : 0x00E2D000
SIZE : 228.0 Ko

DRIVER : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x00C5C000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\atapi.sys => Invisible on the disk
ADDRESS : 0x00E66000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ataport.SYS => Invisible on the disk
ADDRESS : 0x0101A000
SIZE : 168.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\amdxata.sys => Invisible on the disk
ADDRESS : 0x01044000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x0104F000
SIZE : 304.0 Ko

DRIVER : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x0109B000
SIZE : 80.0 Ko

DRIVER : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x0125D000
SIZE : 1.64 Mo

DRIVER : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x010AF000
SIZE : 376.0 Ko

DRIVER : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x01200000
SIZE : 104.0 Ko

DRIVER : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x0110D000
SIZE : 460.0 Ko

DRIVER : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x0121A000
SIZE : 68.0 Ko

DRIVER : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x0122B000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x014AD000
SIZE : 968.0 Ko

DRIVER : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x0159F000
SIZE : 384.0 Ko

DRIVER : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01400000
SIZE : 172.0 Ko

DRIVER : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01601000
SIZE : 1.99 Mo

DRIVER : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x0142B000
SIZE : 296.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\vmstorfl.sys => Invisible on the disk
ADDRESS : 0x01475000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\volsnap.sys => Invisible on the disk
ADDRESS : 0x01180000
SIZE : 304.0 Ko

DRIVER : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x01485000
SIZE : 32.0 Ko

DRIVER : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x018B3000
SIZE : 232.0 Ko

DRIVER : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x018ED000
SIZE : 72.0 Ko

DRIVER : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x018FF000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x01908000
SIZE : 232.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\disk.sys => Invisible on the disk
ADDRESS : 0x01942000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01958000
SIZE : 192.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswVmm.sys => Invisible on the disk
ADDRESS : 0x01988000
SIZE : 192.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswRvrt.sys => Invisible on the disk
ADDRESS : 0x019B8000
SIZE : 76.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x01813000
SIZE : 168.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswSnx.SYS => Invisible on the disk
ADDRESS : 0x03A80000
SIZE : 1024.0 Ko

DRIVER : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x03B80000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x03B89000
SIZE : 28.0 Ko

DRIVER : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x03B90000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x03B9E000
SIZE : 148.0 Ko

DRIVER : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x03BC3000
SIZE : 64.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x03BD3000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x03BDC000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x03BE5000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x03BEE000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x03A00000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x03A11000
SIZE : 120.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x03A2F000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswTdi.SYS => Invisible on the disk
ADDRESS : 0x03A3C000
SIZE : 72.0 Ko

DRIVER : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x03C9E000
SIZE : 552.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswrdr2.sys => Invisible on the disk
ADDRESS : 0x03D28000
SIZE : 80.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x03D3C000
SIZE : 276.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x03D81000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x03D8A000
SIZE : 152.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x03DB0000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x03DBF000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\termdd.sys => Invisible on the disk
ADDRESS : 0x03DDA000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x03C00000
SIZE : 324.0 Ko

DRIVER : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x03C51000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mssmbios.sys => Invisible on the disk
ADDRESS : 0x03C5D000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x03C68000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\drivers\csc.sys => Invisible on the disk
ADDRESS : 0x02CE8000
SIZE : 524.0 Ko

DRIVER : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x02D6B000
SIZE : 120.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x02D89000
SIZE : 68.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswSP.SYS => Invisible on the disk
ADDRESS : 0x02D9A000
SIZE : 392.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x02C00000
SIZE : 152.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\intelppm.sys => Invisible on the disk
ADDRESS : 0x02C26000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x02C3C000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\igdkmd64.sys => Invisible on the disk
ADDRESS : 0x03E18000
SIZE : 5.83 Mo

DRIVER : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x04858000
SIZE : 976.0 Ko

DRIVER : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x0494C000
SIZE : 280.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x04992000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\netw5v64.sys => Invisible on the disk
ADDRESS : 0x04A2D000
SIZE : 5.23 Mo

DRIVER : C:\Windows\system32\DRIVERS\usbuhci.sys => Invisible on the disk
ADDRESS : 0x04F68000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x04F75000
SIZE : 344.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbehci.sys => Invisible on the disk
ADDRESS : 0x04FCB000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\b44amd64.sys => Invisible on the disk
ADDRESS : 0x04FDC000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\sdbus.sys => Invisible on the disk
ADDRESS : 0x04A00000
SIZE : 128.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\CmBatt.sys => Invisible on the disk
ADDRESS : 0x04A20000
SIZE : 20.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\i8042prt.sys => Invisible on the disk
ADDRESS : 0x049B6000
SIZE : 120.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
ADDRESS : 0x049D4000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x049E3000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x04800000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x04810000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x04826000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x0484A000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x02C45000
SIZE : 188.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x02C74000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x02C8F000
SIZE : 132.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x02CB0000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rdpbus.sys => Invisible on the disk
ADDRESS : 0x049F2000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\swenum.sys => Invisible on the disk
ADDRESS : 0x04A25000
SIZE : 8.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ks.sys => Invisible on the disk
ADDRESS : 0x0183D000
SIZE : 268.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\umbus.sys => Invisible on the disk
ADDRESS : 0x043EC000
SIZE : 72.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x050A1000
SIZE : 360.0 Ko

DRIVER : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x050FB000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\drivers\HdAudio.sys => Invisible on the disk
ADDRESS : 0x05110000
SIZE : 368.0 Ko

DRIVER : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x0516C000
SIZE : 244.0 Ko

DRIVER : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x051A9000
SIZE : 136.0 Ko

DRIVER : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x051CB000
SIZE : 24.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\VSTAZL6.SYS => Invisible on the disk
ADDRESS : 0x05000000
SIZE : 328.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\VSTDPV6.SYS => Invisible on the disk
ADDRESS : 0x0528A000
SIZE : 1.45 Mo

DRIVER : C:\Windows\system32\DRIVERS\VSTCNXT6.SYS => Invisible on the disk
ADDRESS : 0x05612000
SIZE : 812.0 Ko

DRIVER : C:\Windows\system32\drivers\modem.sys => Invisible on the disk
ADDRESS : 0x056DD000
SIZE : 60.0 Ko

DRIVER : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x000D0000
SIZE : 3.06 Mo

DRIVER : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x056EC000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x056F8000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x05706000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk
ADDRESS : 0x05714000
SIZE : 48.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0x05720000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x05729000
SIZE : 76.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\hidusb.sys => Invisible on the disk
ADDRESS : 0x0573C000
SIZE : 56.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x0574A000
SIZE : 100.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x05763000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x0576C000
SIZE : 8.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
ADDRESS : 0x0576E000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x004B0000
SIZE : 40.0 Ko

DRIVER : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00630000
SIZE : 156.0 Ko

DRIVER : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x0577B000
SIZE : 140.0 Ko

DRIVER : C:\Windows\system32\drivers\aswMonFlt.sys => Invisible on the disk
ADDRESS : 0x0579E000
SIZE : 160.0 Ko

DRIVER : C:\Windows\system32\drivers\mbam.sys => Invisible on the disk
ADDRESS : 0x057C6000
SIZE : 40.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswFsBlk.SYS => Invisible on the disk
ADDRESS : 0x057D0000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x057DB000
SIZE : 132.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x05200000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x05215000
SIZE : 332.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x05268000
SIZE : 76.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x05052000
SIZE : 96.0 Ko

DRIVER : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x02AC6000
SIZE : 800.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x02B8E000
SIZE : 120.0 Ko

DRIVER : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x02BAC000
SIZE : 96.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x02BC4000
SIZE : 176.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x02A00000
SIZE : 308.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x02A4D000
SIZE : 140.0 Ko

DRIVER : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x046FE000
SIZE : 664.0 Ko

DRIVER : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x047A4000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x047AF000
SIZE : 180.0 Ko

DRIVER : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x047DC000
SIZE : 72.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x04600000
SIZE : 420.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x05ABB000
SIZE : 608.0 Ko

DRIVER : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x48490000
SIZE : 128.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions : NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR \Device\Harddisk0\DR0

0x00000000 33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00 3À.м.|.À.ؾ.|¿.
0x00000010 06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00 .¹..üó¤Ph..Ëû¹..
0x00000020 BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10 ½¾..~..|......Å.
0x00000030 E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00 âñÍ..V.UÆF..ÆF..
0x00000040 B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09 ´A»ªUÍ.]r..ûUªu.
0x00000050 F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74 ÷Á..t.þF.f`.~..t
0x00000060 26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00 &fh....f.v.h..h.
0x00000070 7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13 |h..h..´B.V..ôÍ.
0x00000080 9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00 ..Ä..ë.¸..».|.V.
0x00000090 8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE .v..N..n.Í.faz.þ
0x000000A0 4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84 N.u..~......².ë.
0x000000B0 55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55 U2ä.V.Í.]ë..>þ}U
0x000000C0 AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64 ªun.v.è..u.ú°Ñæd
0x000000D0 E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75 è..°ßæ`è|.°.ædèu
0x000000E0 00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54 .û¸.»Í.f#Àu;f.ûT
0x000000F0 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00 CPAu2.ù..r,fh.».
0x00000100 00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66 .fh....fh....fSf
0x00000110 53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66 SfUfh....fh.|..f
0x00000120 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD ah...Í.Z2öê.|..Í
0x00000130 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4 ..·.ë..¶.ë..µ.2ä
0x00000140 05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD ....ð¬<.t.»..´.Í
0x00000150 10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8 .ëòôëý+Éädë.$.àø
0x00000160 24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 $.ÃInvalid parti
0x00000170 74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 tion table.Error
0x00000180 20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 loading operati
0x00000190 6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E ng system.Missin
0x000001A0 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 g operating syst
0x000001B0 65 6D 00 00 00 63 7B 9A 66 2A 66 2A 00 00 80 20 em...c{.f*f*...
0x000001C0 21 00 07 DF 13 0C 00 08 00 00 00 20 03 00 00 DF !..ß....... ...ß
0x000001D0 14 0C 07 FE FF FF 00 28 03 00 00 68 9E 12 00 00 ...þ...(...h....
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª

Compartilhar este post


Link para o post
Compartilhar em outros sites

Abrem abas inconvenientes no Firefox.

Compartilhar este post


Link para o post
Compartilhar em outros sites





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×