Slow PC, programs not responding every few clicks
<blockquote data-quote="Axel" data-source="post: 316951" data-attributes="member: 31464"><p>Here you go</p><p></p>
<p>Malwarebytes Anti-Rootkit BETA 1.08.2.1001</p><p><a href="http://www.malwarebytes.org" target="_blank">www.malwarebytes.org</a></p><p></p>
<p>Database version: v2014.12.18.02</p><p></p>
<p>Windows 8 x64 NTFS</p><p>Internet Explorer 10.0.9200.17183</p><p>User :: IDEA-PC [administrator]</p><p></p>
<p>18/12/2014 6:23:47 PM</p><p>mbar-log-2014-12-18 (18-23-47).txt</p><p></p>
<p>Scan type: Quick scan</p><p>Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken</p><p>Scan options disabled:</p><p>Objects scanned: 351416</p><p>Time elapsed: 23 minute(s), 30 second(s)</p><p></p>
<p>Memory Processes Detected: 0</p><p>(No malicious items detected)</p><p></p>
<p>Memory Modules Detected: 0</p><p>(No malicious items detected)</p><p></p>
<p>Registry Keys Detected: 0</p><p>(No malicious items detected)</p><p></p>
<p>Registry Values Detected: 0</p><p>(No malicious items detected)</p><p></p>
<p>Registry Data Items Detected: 0</p><p>(No malicious items detected)</p><p></p>
<p>Folders Detected: 0</p><p>(No malicious items detected)</p><p></p>
<p>Files Detected: 0</p><p>(No malicious items detected)</p><p></p>
<p>Physical Sectors Detected: 0</p><p>(No malicious items detected)</p><p></p>
<p>(end)</p><p></p><p></p>
<p>---------------------------------------</p><p>Malwarebytes Anti-Rootkit BETA 1.08.2.1001</p><p></p>
<p>(c) Malwarebytes Corporation 2011-2012</p><p></p>
<p>OS version: 6.2.9200 Windows 8 x64</p><p></p>
<p>Account is Administrative</p><p></p>
<p>Internet Explorer version: 10.0.9200.17183</p><p></p>
<p>File system is: NTFS</p><p>Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED</p><p>CPU speed: 3.293000 GHz</p><p>Memory total: 4179349504, free: 3086864384</p><p></p>
<p>Downloaded database version: v2014.12.18.02</p><p>Downloaded database version: v2014.12.14.01</p><p>Downloaded database version: v2014.12.06.01</p><p>Initializing...</p>
<p>Scan finished</p><p>=======================================</p><p></p><p></p>
<p>Removal queue found; removal started</p><p>Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...</p><p>Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...</p><p>Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...</p><p>Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-63-i.mbam...</p><p>Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...</p><p>Removal finished</p></blockquote><p></p>