Author Topic: Unknown MBR Code - funny behaviour at times  (Read 15036 times)

REDACTED

  • Guest
Unknown MBR Code - funny behaviour at times
« on: August 24, 2014, 06:57:32 PM »
Hello Forum,

I have been scared that I have a hidden rootkit or some sort of nasty malware on my Lenovo G500s, and this has been driving me nuts. I came across multiple threads here where users such as EssexBoy addressed concerns about unknown MBR. So I thought I'll post a query.

My internet was really slow and when I tried shutting the browser from Task Manager, I got the message "Access Denied". This occurred with Firefox, Chrome and IE. I thereafter did a System Restore and the problem seemed to have stopped. Got a similar message yesterday when I tried ending a PrevX 3.0 process (I usually use Sophos, but installed PrevX to check). Worrying that I might have a rootkit, I ran GMER and aswMBR. They both detected an unknown MBR code, but nothing else. TDSS Killer also did not detect anything. I'd really appreciate it if somebody would have a look at my log files and tell me if there is indeed cause to worry. P.S.: I have Windows 8.1 and I suspect there is a recovery partition because I didn't get any OS CD with my Lenovo.

EDIT: Shit sorry I didn't read before posting the logs. I'll attach them in a reply. Thanks.
« Last Edit: August 24, 2014, 07:20:25 PM by aixtester101 »

Eddy
Re: Unknown MBR Code - funny behaviour at times
« Reply #1 on: August 24, 2014, 07:06:25 PM »
Do NOT copy/paste logs but ATTACH them:
https://forum.avast.com/index.php?topic=53253.0

REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #2 on: August 24, 2014, 07:22:57 PM »
Ok, I have attached the logs for the following:

aswMBR and GMER
MalwareBytes MBAM and Anti-Rootkit
FRST and Additional


REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #3 on: August 24, 2014, 07:24:29 PM »
And here are the FRST and Addition logs

REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #4 on: August 24, 2014, 07:59:09 PM »
Hi :)

aswMBR should have produced a file called mbr.dat on your desktop. Is it there?


You may also do this scan:

Scan with MBRScan

Please download MbrScan by Eric_71 and save it to your desktop.
  • Right-click on the icon and select Run as Administrator to start the tool.
  • First click Scan at the upper bar.
  • When the table is filled with data, click Report.
  • A log (MbrScan.txt) will open in Notepad.
Please include the contents of that file in your reply. Due to special formatting, post it directly and do not attach it!
There will also be a file named Dump_Hdd*_DR*.mbr on your desktop. Do not click on it or delete it!
« Last Edit: August 24, 2014, 08:09:46 PM by Naathim »

REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #5 on: August 25, 2014, 02:24:24 PM »
Hey here is the MBRScan log. I have split it into two.

Code:
MBRScan v1.1.1

OS             : Windows 8  (64 bit)
PROCESSOR      : Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
BOOT           : Normal Boot
DATE           : 2014/08/25 (ISO 8601) at 14:14:18
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST1000LM014-SSHD-8GB (LVD3)
BUS_TYPE       : (0x0B)  S-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk1\DR3 __Intenso Micro Line (1.00)
BUS_TYPE       : (0x07)  USB
USE_PIO        : NO
MAX_TRANSFER   : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0 931.5 Go  [Fixed] ==> Unknown MBR Code...

MBR_MD5   : AD6DA9C1A0B34D34A087C421489D6DA9
MBR_SHA1  : A151E89C89438D069AA8DE8C4DF0EF384B3E43C9

Device\Harddisk0\Partition1 2.00 To  0xEE EFI GPT[1]
________________________________________________________________________________

Device\Harddisk1\DR3 29.82 Go  [Removable] ==> 7 MBR Code

MBR_MD5   : E23337AE26A708EC60AA854E1AC25442
MBR_SHA1  : DB83298D379747D7D24BDBDB2945942D381D8892

Device\Harddisk1\Partition1 29.82 Go  0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________

############################### Additional scan ################################


REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #6 on: August 25, 2014, 02:25:23 PM »
Code:
Here's the second part.


BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN  NOVGA

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0 

0x00000000   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000010   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000020   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000030   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000040   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000050   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000060   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000070   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000080   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000090   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000B0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000C0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000100   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000110   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000120   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000130   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000140   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000150   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000160   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000170   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000180   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 00 00 00 D3 26 EB A7 00 00 00 00   ........Ó&ë§....
0x000001C0   02 00 EE FF FF FF 01 00 00 00 FF FF FF FF 00 00   ..î.............
0x000001D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

_______MBR   \Device\Harddisk1\DR3 

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.м.|.À.ؾ.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84   N.u..~......².ë.
0x000000B0   55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55   U2ä.V.Í.]ë..>þ}U
0x000000C0   AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64   ªun.v.è..u.ú°Ñæd
0x000000D0   E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75   è..°ßæ`è|.°.ædèu
0x000000E0   00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54   .û¸.»Í.f#Àu;f.ûT
0x000000F0   43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00   CPAu2.ù..r,fh.».
0x00000100   00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66   .fh....fh....fSf
0x00000110   53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66   SfUfh....fh.|..f
0x00000120   61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD   ah...Í.Z2öê.|..Í
0x00000130   18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4   ..·.ë..¶.ë..µ.2ä
0x00000140   05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD   ....ð¬<.t.»..´.Í
0x00000150   10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8   .ëòôëý+Éädë.$.àø
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A 00 00 00 00 00 00 80 00   em...c{.........
0x000001C0   21 00 07 FE FF FF 20 00 00 00 E0 37 BA 03 00 00   !..þ.. ...à7º...
0x000001D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª
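
The Harddisk0 sector dump above, decoded field by field (an added example, not part of the original thread and not MBRScan's own code): it parses the dump format into bytes and reads the standard MBR layout, with the bootstrap area at 0x000-0x1B7, the disk signature at 0x1B8, four 16-byte partition entries from 0x1BE and the 55 AA signature at 0x1FE. The function names and the `HARDDISK0_DUMP` sample, rebuilt from the rows posted above, are this example's own.

```python
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 0x1B8      # bootstrap code area: bytes 0x000-0x1B7
DISK_SIG_OFFSET = 0x1B8    # 32-bit disk signature
PART_TABLE_OFFSET = 0x1BE  # four 16-byte partition entries
BOOT_SIG_OFFSET = 0x1FE    # 0x55 0xAA boot signature
GPT_PROTECTIVE = 0xEE      # partition type used by a GPT protective MBR

# Constructed sample: the Harddisk0 dump from the post above, rebuilt row by
# row. Every row not listed here is all zeros in that dump.
NONZERO_ROWS = {
    0x1B0: "00 00 00 00 00 00 00 00 D3 26 EB A7 00 00 00 00",
    0x1C0: "02 00 EE FF FF FF 01 00 00 00 FF FF FF FF 00 00",
    0x1F0: "00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA",
}
ZERO_ROW = " ".join(["00"] * 16)
HARDDISK0_DUMP = "\n".join(
    "0x%08X   %s   ................" % (off, NONZERO_ROWS.get(off, ZERO_ROW))
    for off in range(0, SECTOR_SIZE, 16)
)


def parse_hexdump(text):
    """Convert 'offset, 16 hex bytes, ASCII view' rows into raw bytes."""
    data = bytearray()
    for line in text.splitlines():
        cols = line.split()
        if not cols or not cols[0].lower().startswith("0x"):
            continue  # skip headers and other non-dump lines
        if int(cols[0], 16) != len(data):
            raise ValueError("dump rows missing or out of order at " + cols[0])
        # Columns 1..16 are the bytes; anything after that is the ASCII view.
        data += bytes(int(c, 16) for c in cols[1:17])
    return bytes(data)


def parse_mbr(sector):
    """Decode the fields of a 512-byte MBR sector into a dict."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected %d bytes, got %d" % (SECTOR_SIZE, len(sector)))
    partitions = []
    for i in range(4):
        start = PART_TABLE_OFFSET + 16 * i
        # status, 3 CHS bytes, type, 3 CHS bytes, first LBA, sector count
        status, ptype, lba_start, sectors = struct.unpack(
            "<B3xB3xII", sector[start:start + 16])
        if ptype != 0:  # type 0x00 marks an unused slot
            partitions.append({
                "slot": i + 1,
                "bootable": status == 0x80,
                "type": ptype,
                "lba_start": lba_start,
                "sectors": sectors,
                "size_bytes": sectors * SECTOR_SIZE,
            })
    return {
        "signature_ok": sector[BOOT_SIG_OFFSET:BOOT_SIG_OFFSET + 2] == b"\x55\xaa",
        "boot_code_empty": not any(sector[:BOOT_CODE_LEN]),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFFSET)[0],
        "partitions": partitions,
        # A protective MBR carries exactly one entry, type 0xEE, from LBA 1.
        "protective_gpt": (len(partitions) == 1
                           and partitions[0]["type"] == GPT_PROTECTIVE
                           and partitions[0]["lba_start"] == 1),
    }


def classify(info):
    """One-line summary of what the sector contains."""
    if not info["signature_ok"]:
        return "not a valid MBR sector (missing 55 AA)"
    kind = ("GPT protective MBR" if info["protective_gpt"]
            else "legacy MBR partition table")
    code = ("empty boot code area" if info["boot_code_empty"]
            else "boot code present")
    return kind + ", " + code


if __name__ == "__main__":
    mbr = parse_mbr(parse_hexdump(HARDDISK0_DUMP))
    print(classify(mbr))
    for p in mbr["partitions"]:
        print("slot %d type 0x%02X start LBA %d size %.2f TiB"
              % (p["slot"], p["type"], p["lba_start"], p["size_bytes"] / 2**40))
```

The 0xFFFFFFFF-sector entry works out to the "2.00 To" that the log prints for Partition1. Passing the Harddisk1 rows from the same log to `parse_hexdump` gives a single bootable type 0x07 entry with boot code present.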

REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #7 on: August 25, 2014, 03:14:25 PM »
And this is mine, from my 8.1 x64 machine :)

Code:
MBRScan v1.1.1

OS             : Windows 8  (64 bit)
PROCESSOR      : Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
BOOT           : Normal Boot
DATE           : 2014/08/25 (ISO 8601) at 15:13:10
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __WDC WD10JPCX-24UE4T0 (01.01A01)
BUS_TYPE       : (0x0B)  S-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0 931.5 Go  [Fixed] ==> Unknown MBR Code...

MBR_MD5   : F1FCCBC439A28CE32812D3B753B96A55
MBR_SHA1  : 665EA56960493EE3613D2F7F6CA411E30FDB1DCA

Device\Harddisk0\Partition1 2.00 To  0xEE EFI GPT[1]
________________________________________________________________________________

############################### Additional scan ################################

ADDRESS : 0xB1C00000
SIZE    : 596.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\amdkmpfd.sys => Invisible on the disk
ADDRESS : 0xB1C95000
SIZE    : 52.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0xB1CA2000
SIZE    : 320.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0xB164F000
SIZE    : 280.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0xB1695000
SIZE    : 92.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\intelpep.sys => Invisible on the disk
ADDRESS : 0xB18AA000
SIZE    : 60.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0xB16B8000
SIZE    : 112.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0xB16D4000
SIZE    : 340.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0xB1729000
SIZE    : 84.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\cdrom.sys => Invisible on the disk
ADDRESS : 0xB2536000
SIZE    : 184.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0xB2564000
SIZE    : 36.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0xB256D000
SIZE    : 32.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\BasicRender.sys => Invisible on the disk
ADDRESS : 0xB2575000
SIZE    : 56.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0xB26BC000
SIZE    : 1.50 Mo

DRIVER  : C:\WINDOWS\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0xB283D000
SIZE    : 72.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0xB284F000
SIZE    : 388.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\BasicDisplay.sys => Invisible on the disk
ADDRESS : 0xB28B0000
SIZE    : 72.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0xB28C2000
SIZE    : 80.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0xB28D6000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0xB28E2000
SIZE    : 128.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0xB2902000
SIZE    : 56.0 Ko

DRIVER  : C:\WINDOWS\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0xB2910000
SIZE    : 304.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0xB295C000
SIZE    : 584.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0xB2600000
SIZE    : 168.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0xB262A000
SIZE    : 96.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0xB2642000
SIZE    : 68.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0xB2583000
SIZE    : 448.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0xB2653000
SIZE    : 56.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\npsvctrig.sys => Invisible on the disk
ADDRESS : 0xB2661000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0xB266D000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0xB2687000
SIZE    : 152.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\ahcache.sys => Invisible on the disk
ADDRESS : 0xB2200000
SIZE    : 92.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0xB26AD000
SIZE    : 60.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\kdnic.sys => Invisible on the disk
ADDRESS : 0xB29EE000
SIZE    : 44.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\umbus.sys => Invisible on the disk
ADDRESS : 0xB2217000
SIZE    : 68.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\atikmpag.sys => Invisible on the disk
ADDRESS : 0xB174A000
SIZE    : 632.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\atikmdag.sys => Invisible on the disk
ADDRESS : 0xB2A7C000
SIZE    : 12.50 Mo

DRIVER  : C:\WINDOWS\system32\DRIVERS\igdkmd64.sys => Invisible on the disk
ADDRESS : 0xB388A000
SIZE    : 4.09 Mo

DRIVER  : C:\WINDOWS\System32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0xB3CA0000
SIZE    : 100.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0xB3CB9000
SIZE    : 228.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\USBXHCI.SYS => Invisible on the disk
ADDRESS : 0xB3CF2000
SIZE    : 340.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\ucx01000.sys => Invisible on the disk
ADDRESS : 0xB3D47000
SIZE    : 200.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys => Invisible on the disk
ADDRESS : 0xB3D79000
SIZE    : 112.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0xB3D95000
SIZE    : 96.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0xB3800000
SIZE    : 444.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\L1C63x64.sys => Invisible on the disk
ADDRESS : 0xB4540000
SIZE    : 140.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\i8042prt.sys => Invisible on the disk
ADDRESS : 0xB4563000
SIZE    : 124.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\SynTP.sys => Invisible on the disk
ADDRESS : 0xB36FC000
SIZE    : 544.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0xB4582000
SIZE    : 48.0 Ko


REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #8 on: August 25, 2014, 03:14:40 PM »
Code: [Select]
BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN  NOVGA

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0 

0x00000000   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000010   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000020   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000030   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000040   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000050   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000060   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000070   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000080   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000090   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000B0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000C0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000000F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000100   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000110   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000120   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000130   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000140   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000150   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000160   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000170   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000180   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 00 00 00 82 F1 4C 74 00 00 00 00   .........ñLt....
0x000001C0   02 00 EE FF FF FF 01 00 00 00 FF FF FF FF 00 00   ..î.............
0x000001D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª
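
The sector dumped above, decoded field by field. This is an added example, not part of the original posts or of any tool named in the thread. It rebuilds the 512 bytes from the three non-zero rows of the dump and reports whether the layout is a GPT protective MBR (a single type `EE` entry starting at LBA 1) with an empty boot code area; the function names and the contrast sector are constructed for illustration.

```python
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 0x1B8    # offsets 0x000-0x1B7: boot code area
DISK_SIG_OFF = 0x1B8     # 32-bit disk signature
PART_TABLE_OFF = 0x1BE   # four 16-byte partition entries
GPT_PROTECTIVE = 0xEE    # partition type used by a GPT protective MBR


def sector_from_dump():
    """Rebuild the sector from the dump in the thread (all other rows are zero)."""
    rows = {
        0x1B0: "00 00 00 00 00 00 00 00 82 F1 4C 74 00 00 00 00",
        0x1C0: "02 00 EE FF FF FF 01 00 00 00 FF FF FF FF 00 00",
        0x1F0: "00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA",
    }
    sector = bytearray(SECTOR_SIZE)
    for offset, text in rows.items():
        sector[offset:offset + 16] = bytes.fromhex(text)
    return bytes(sector)


def constructed_legacy_sector():
    """Constructed contrast case: filler boot code plus one active type-07 entry."""
    sector = bytearray(SECTOR_SIZE)
    sector[0:4] = b"\x90\x90\x90\x90"  # filler standing in for real boot code
    sector[PART_TABLE_OFF:PART_TABLE_OFF + 16] = struct.pack(
        "<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3, 2048, 204800)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


def parse_mbr(sector):
    """Split a 512-byte MBR sector into the fields a reviewer cares about."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected a 512-byte sector")
    partitions = []
    for index in range(4):
        start = PART_TABLE_OFF + 16 * index
        entry = sector[start:start + 16]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # type 0x00 marks an unused slot
            partitions.append({"slot": index, "active": entry[0] == 0x80,
                               "type": entry[4], "lba_start": lba_start,
                               "sectors": sectors})
    return {
        "signature_ok": sector[510:512] == b"\x55\xaa",
        "boot_code_empty": not any(sector[:BOOT_CODE_END]),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFF)[0],
        "partitions": partitions,
    }


def classify(sector):
    """Return a one-line verdict on the sector layout."""
    info = parse_mbr(sector)
    if not info["signature_ok"]:
        return "invalid: missing 55 AA boot signature"
    parts = info["partitions"]
    protective = (len(parts) == 1 and parts[0]["type"] == GPT_PROTECTIVE
                  and parts[0]["lba_start"] == 1)
    if protective and info["boot_code_empty"]:
        return "GPT protective MBR, no boot code"
    if protective:
        return "GPT protective MBR with boot code present (review the code area)"
    if info["boot_code_empty"]:
        return "legacy MBR partition table, no boot code"
    return "legacy MBR with boot code (compare against a known-good copy)"


if __name__ == "__main__":
    for name, data in (("thread dump", sector_from_dump()),
                       ("constructed legacy", constructed_legacy_sector())):
        print(f"{name}: {classify(data)}")
```
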

REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #9 on: August 25, 2014, 03:20:31 PM »
It is perfectly normal. I suppose that it depends on either BIOS/UEFI that is used in Lenovo, cause mine is G510  :D


Nothing to be concerned about with the MBR. However, I'd recommend getting rid of Spybot - this program won't protect you anymore. I'd also advise cleaning temp files and scanning for vulnerabilities. Go on, I want you to go from here as secure as possible :)



SpyBot S&D Warning

MVPS.org is no longer recommending SpyBot S&D due to very poor testing results (scroll down and read under Freeware Antispyware Products).
My advice is to get rid of this program. To do so:
  • Press the Windows key + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for SpyBot, right-click the entry and click Uninstall.
This is optional, but please consider it.


Clean Temporary Files with TFC

Please download TFC by OldTimer and save it to your desktop.
  • Right-click on the icon and select Run as Administrator to start the tool.
  • Close any open programs and save your current work.
  • Click the Start button to begin. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a couple of minutes.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
This tool doesn't generate any report. Instead I recommend keeping it for good maintenance of your machine.


Scan with Security Check

Please download Security Check by Screen317 and save it to your desktop.
  • Right-click on the icon and select Run as Administrator to start the tool.
  • Follow onscreen instructions inside the black box. This scan won't take long.
  • Soon a notepad document called checkup.txt will open automatically.
Please include the content of that document.

REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #10 on: August 25, 2014, 09:39:06 PM »
Hey Naathim,

I guess I know you from another forum. :P
Thanks a lot for the help, I feel a lot more relaxed now.
Cheers mate!

EDIT: Yeah I already removed SpyBot. :)

REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #11 on: August 25, 2014, 09:59:45 PM »
Hi :)

What about the SecurityCheck report? I'd like to equip you with most updates and limit the vulnerabilities :)

REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #12 on: August 26, 2014, 02:25:12 PM »
Hey,
SecurityCheck says that it doesn't support the OS (Win 8.1).

EDIT: I also wanted to ask if I should remove SuperAntiSpyware. I only installed it last week to scan my system after this issue came up. I have a licensed AV and malware scanner otherwise.
« Last Edit: August 26, 2014, 02:28:40 PM by aixtester101 »

REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #13 on: August 26, 2014, 02:46:22 PM »
Personally I have doubts about SAS and wouldn't recommend it.
But it is up to you, I use a different program and I am happy with it :)


Last scan before I will let you go, I suppose :)


Scan with Panda Cloud Cleaner

This type of scan often produces false positives. In any case do not remove on your own any of its findings! Removal will be made after the careful analysis of the scan results.

Please download Panda Cloud Cleaner and save the file to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Install the scanner by right-clicking on the icon and selecting Run as Administrator.
  • It should start itself automatically after the installation.
  • In the main console click Accept and Scan.
  • This scan won't take long, about several minutes (depending on your system specs). Let it run uninterrupted.
  • At the last stage you will see a couple of messages about verifying & analyzing results. Wait patiently.
  • Upon completion you will see the detections window. Enter one of them and click View Report at the bottom right side.
  • A notepad window named PCloudCleaner.log will open. Save it to your desktop.
Please include the contents of that file in your next reply.
Don't forget to re-enable your switched-off protection software!
After that you may uninstall Panda Cloud Cleaner from your machine, if you wish to.



REDACTED

  • Guest
Re: Unknown MBR Code - funny behaviour at times
« Reply #14 on: August 26, 2014, 03:44:01 PM »
Hey Naathim,

here are the Panda results. I'd like your advice regarding the last four (suspicious policy, MALWARE.Regkey). The others are very likely FPs cause I have licensed versions of the corresponding software.

Broken Link. FILE: File not found:C:\WINDOWS\SYSTEM32\NVINITX.DLL,C:\PROGRA~2\SOPHOS\SOPHOS~1\SOPHOS~2.DLL to be deleted.

Broken Link. REGKEY: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows[AppInit_DLLs]. Value: AppInit_DLLs To be changed to:  .

Unknown. FILE: C:\PROGRAM FILES (X86)\MATLAB\R2014A\BIN\WIN32\MATLABSTARTUPACCELERATOR.EXE to be deleted.

Unknown. TASK: Task\[MATLAB R2014a Startup Accelerator]. Task to be deleted.

Broken Link. FILE: File not found:C:\WINDOWS\SYSWOW64\NVINIT.DLL,C:\PROGRA~2\SOPHOS\SOPHOS~1\SOPHOS~1.DLL to be deleted.

Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0

Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0

Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLEREGISTRYTOOLS]. Value: DISABLEREGISTRYTOOLS To be deleted. (Panda says System Hijack)

Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLETASKMGR]. Value: DISABLETASKMGR To be deleted. (Panda says System Hijack)

EDIT: The two REGKEY values are disabled, forgot to add that. Is it safe to remove them?
« Last Edit: August 26, 2014, 06:55:47 PM by aixtester101 »