Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
(c) Malwarebytes Corporation 2011-2012
OS version: 6.2.9200 Windows 8 x64
Account is Administrative
Internet Explorer version: 10.0.9200.16580
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8534646784, free: 6397489152
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
(c) Malwarebytes Corporation 2011-2012
OS version: 6.2.9200 Windows 8 x64
Account is Administrative
Internet Explorer version: 10.0.9200.16580
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8534646784, free: 6375387136
Downloaded database version: v2013.11.11.08
=======================================
Downloaded database version: v2013.10.11.02
=======================================
Initializing...
DDA Driver installation error.
=======================================
Initializing...
DDA Driver installation error.
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
(c) Malwarebytes Corporation 2011-2012
OS version: 6.2.9200 Windows 8 x64
Account is Administrative
Internet Explorer version: 10.0.9200.16580
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8534646784, free: 6423244800
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
(c) Malwarebytes Corporation 2011-2012
OS version: 6.2.9200 Windows 8 x64
Account is Administrative
Internet Explorer version: 10.0.9200.16580
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8534646784, free: 6400933888
=======================================
=======================================
Initializing...
------------ Kernel report ------------
11/11/2013 17:21:08
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\wd.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\SFEP.sys
\SystemRoot\System32\drivers\sows.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\btath_bus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\system32\drivers\AtihdW86.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\System32\drivers\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\bthmodem.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_vdp.sys
\SystemRoot\System32\drivers\btath_rcp.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\System32\drivers\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\avnetflt.sys
\??\C:\Windows\system32\Drivers\rikvm_9EC60124.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\ZTEusbnmea.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\ZTEusbser6k.sys
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\System32\drivers\WpdUpFltr.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR6
Upper Device Object: 0xfffffa8007b81060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\000000c1\
Lower Device Object: 0xfffffa8010368b00
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80083ee060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000003b\
Lower Device Object: 0xfffffa8007ccd060
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80083ee060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80083eeb10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80083ee060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007cd1c30, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007ccd060, DeviceName: \Device\0000003b\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 6343AF15
GPT Protective MBR Partition information:
Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
GPT Partition information:
GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 538713171
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid 96f6b44b-5ec1-44ec-aab7-6d25b342151
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128
Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 4205868104
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid 42d9ff31-87e-4961-9ca8-62a1a47d21bd
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128
Partition 0 Type f4019732-66e-4e12-8273-346c5641494f
Partition ID 94094370-1f79-4f87-a7c0-af4316d9e062
FirstLBA 2048 Last LBA 534527
Attributes 1
Partition Name EFI system partition
Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID a386764d-2371-4f3b-8abf-94c3a352f9b
FirstLBA 534528 Last LBA 3553279
Attributes 1
Partition Name Basic data partition
Partition 2 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID e376343e-fae9-44ba-ac5-3beb4b868db
FirstLBA 3553280 Last LBA 4085759
Attributes 0
Partition Name EFI system partition
GPT Partition 2 is bootable
Partition 3 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID c8bbd19e-ba06-44d7-bd63-137ddec5078
FirstLBA 4085760 Last LBA 4347903
Attributes 0
Partition Name Microsoft reserved partition
Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 3c5ce312-ab04-4dcb-a580-139a28f9e29e
FirstLBA 4347904 Last LBA 1896294399
Attributes 0
Partition Name Basic data partition
Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID b2c6edc8-3e76-4b48-8052-96999b0213
FirstLBA 1896294400 Last LBA 1953523711
Attributes 1
Partition Name Basic data partition
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa8007b81060, DeviceName: \Device\Harddisk1\DR6\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007b82850, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007b81060, DeviceName: \Device\Harddisk1\DR6\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8010368b00, DeviceName: \Device\000000c1\, DriverName: \Driver\USBSTOR\
------------ End ----------
Infected: C:\Users\Georg\AppData\Local\Temp\h0ejz7b.dss --> [Trojan.Agent.ED]
Infected: C:\Users\Georg\Desktop\Verschiedene Dokumente\pcpholasetup.exe --> [Adware.InstallBrain]
Infected: C:\Users\Georg\Desktop\Verschiedene Dokumente\pcpholasetup[1].exe --> [Adware.InstallBrain]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
(c) Malwarebytes Corporation 2011-2012
OS version: 6.2.9200 Windows 8 x64
Account is Administrative
Internet Explorer version: 10.0.9200.16580
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8534646784, free: 6982864896
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
(c) Malwarebytes Corporation 2011-2012
OS version: 6.2.9200 Windows 8 x64
Account is Administrative
Internet Explorer version: 10.0.9200.16580
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8534646784, free: 6729904128
Initializing...
======================
------------ Kernel report ------------
11/11/2013 17:55:37
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\imofugc.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\wd.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\SFEP.sys
\SystemRoot\System32\drivers\sows.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\btath_bus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\system32\drivers\AtihdW86.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\system32\DRIVERS\ZTEusbser6k.sys
\SystemRoot\system32\DRIVERS\ZTEusbnmea.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\System32\drivers\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\bthmodem.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_vdp.sys
\SystemRoot\System32\drivers\btath_rcp.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\System32\drivers\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\avnetflt.sys
\??\C:\Windows\system32\Drivers\rikvm_9EC60124.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800c50d740
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000052\
Lower Device Object: 0xfffffa800c3d9b00
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8009d82060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000003b\
Lower Device Object: 0xfffffa8007d282b0
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8009d82060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009d82b10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009d82060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa800706c470, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007d282b0, DeviceName: \Device\0000003b\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 6343AF15
GPT Protective MBR Partition information:
Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
GPT Partition information:
GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 538713171
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid 96f6b44b-5ec1-44ec-aab7-6d25b342151
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128
Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 4205868104
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid 42d9ff31-87e-4961-9ca8-62a1a47d21bd
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128
Partition 0 Type f4019732-66e-4e12-8273-346c5641494f
Partition ID 94094370-1f79-4f87-a7c0-af4316d9e062
FirstLBA 2048 Last LBA 534527
Attributes 1
Partition Name EFI system partition
Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID a386764d-2371-4f3b-8abf-94c3a352f9b
FirstLBA 534528 Last LBA 3553279
Attributes 1
Partition Name Basic data partition
Partition 2 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID e376343e-fae9-44ba-ac5-3beb4b868db
FirstLBA 3553280 Last LBA 4085759
Attributes 0
Partition Name EFI system partition
GPT Partition 2 is bootable
Partition 3 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID c8bbd19e-ba06-44d7-bd63-137ddec5078
FirstLBA 4085760 Last LBA 4347903
Attributes 0
Partition Name Microsoft reserved partition
Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 3c5ce312-ab04-4dcb-a580-139a28f9e29e
FirstLBA 4347904 Last LBA 1896294399
Attributes 0
Partition Name Basic data partition
Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID b2c6edc8-3e76-4b48-8052-96999b0213
FirstLBA 1896294400 Last LBA 1953523711
Attributes 1
Partition Name Basic data partition
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa800c50d740, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800c41f590, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800c50d740, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa800c3d9b00, DeviceName: \Device\00000052\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
(c) Malwarebytes Corporation 2011-2012
OS version: 6.2.9200 Windows 8 x64
Account is Administrative
Internet Explorer version: 10.0.9200.16580
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8534646784, free: 7097307136
Initializing...
======================
------------ Kernel report ------------
11/11/2013 23:23:11
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\imofugc.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\wd.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\SFEP.sys
\SystemRoot\System32\drivers\sows.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\btath_bus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\system32\drivers\AtihdW86.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\System32\drivers\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\bthmodem.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_vdp.sys
\SystemRoot\System32\drivers\btath_rcp.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\System32\drivers\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\avnetflt.sys
\??\C:\Windows\system32\Drivers\rikvm_9EC60124.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\cdd.dll
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8009d82060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000003b\
Lower Device Object: 0xfffffa8007d282b0
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8009d82060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009d82b10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009d82060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa800706c470, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007d282b0, DeviceName: \Device\0000003b\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 6343AF15
GPT Protective MBR Partition information:
Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
GPT Partition information:
GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 538713171
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid 96f6b44b-5ec1-44ec-aab7-6d25b342151
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128
Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 4205868104
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid 42d9ff31-87e-4961-9ca8-62a1a47d21bd
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128
Partition 0 Type f4019732-66e-4e12-8273-346c5641494f
Partition ID 94094370-1f79-4f87-a7c0-af4316d9e062
FirstLBA 2048 Last LBA 534527
Attributes 1
Partition Name EFI system partition
Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID a386764d-2371-4f3b-8abf-94c3a352f9b
FirstLBA 534528 Last LBA 3553279
Attributes 1
Partition Name Basic data partition
Partition 2 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID e376343e-fae9-44ba-ac5-3beb4b868db
FirstLBA 3553280 Last LBA 4085759
Attributes 0
Partition Name EFI system partition
GPT Partition 2 is bootable
Partition 3 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID c8bbd19e-ba06-44d7-bd63-137ddec5078
FirstLBA 4085760 Last LBA 4347903
Attributes 0
Partition Name Microsoft reserved partition
Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 3c5ce312-ab04-4dcb-a580-139a28f9e29e
FirstLBA 4347904 Last LBA 1896294399
Attributes 0
Partition Name Basic data partition
Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID b2c6edc8-3e76-4b48-8052-96999b0213
FirstLBA 1896294400 Last LBA 1953523711
Attributes 1
Partition Name Basic data partition
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished Jetzt erkennt er den USB Wireless Stick wieder !! :D Der abgesicherte Modus hat geholfen. |