Scribd Logo
Upload

Welcome to Scribd!

  • Dgdgs

    Uploaded by

    Martynov Medina
    4 views19 pages

    Original Title

    dgdgs.txt

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    4 views19 pages

    Dgdgs

    Uploaded by

    Martynov Medina

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 19

    --------------------------------------Malwarebytes Anti-Rootkit BETA 1.09.3.

    1001
    (c) Malwarebytes Corporation 2011-2012
    OS version: 6.1.7601 Windows 7 Service Pack 1 x64
    Account is Administrative
    Internet Explorer version: 11.0.9600.18426
    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
    CPU speed: 3.200000 GHz
    Memory total: 8522719232, free: 4531204096
    --------------------------------------Malwarebytes Anti-Rootkit BETA 1.09.3.1001
    (c) Malwarebytes Corporation 2011-2012
    OS version: 6.1.7601 Windows 7 Service Pack 1 x64
    Account is Administrative
    Internet Explorer version: 11.0.9600.18426
    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
    CPU speed: 3.200000 GHz
    Memory total: 8522719232, free: 5282820096
    Downloaded database version: v2016.08.23.08
    Downloaded database version: v2016.08.15.01
    Downloaded database version: v2016.08.15.02
    =======================================
    Initializing...
    Driver version: 0.3.0.4
    ------------ Kernel report -----------08/23/2016 23:39:04
    ------------ Loaded modules ----------\SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\system32\DRIVERS\iusb3hcs.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\System32\drivers\mountmgr.sys

    \SystemRoot\system32\drivers\vmbus.sys
    \SystemRoot\system32\drivers\winhv.sys
    \SystemRoot\system32\drivers\atapi.sys
    \SystemRoot\system32\drivers\ataport.SYS
    \SystemRoot\system32\drivers\msahci.sys
    \SystemRoot\system32\drivers\PCIIDEX.SYS
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\System32\Drivers\PxHlpa64.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\vmstorfl.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\Drivers\spldr.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\drivers\EUBKMON.sys
    \SystemRoot\system32\drivers\eubakup.sys
    \SystemRoot\system32\drivers\disk.sys
    \SystemRoot\system32\drivers\CLASSPNP.SYS
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\DRIVERS\RDPCDD.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\system32\drivers\rdprefmp.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\DRIVERS\vsdatant.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\VBoxNetAdp6.sys
    \SystemRoot\system32\DRIVERS\VBoxNetLwf.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\serial.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
    \SystemRoot\system32\DRIVERS\VBoxDrv.sys
    \SystemRoot\system32\drivers\termdd.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys

    \SystemRoot\system32\drivers\mssmbios.sys
    \SystemRoot\System32\Drivers\GizmoDrv.SYS
    \??\C:\Windows\system32\drivers\EuFdDisk.sys
    \??\C:\Windows\system32\drivers\eudskacs.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\system32\drivers\csc.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\blbdrive.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\DRIVERS\nvlddmkm.sys
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\system32\drivers\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\iusb3xhc.sys
    \SystemRoot\system32\DRIVERS\USBD.SYS
    \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
    \SystemRoot\system32\DRIVERS\usbehci.sys
    \SystemRoot\system32\DRIVERS\USBPORT.SYS
    \SystemRoot\system32\DRIVERS\Rt64win7.sys
    \SystemRoot\system32\drivers\i8042prt.sys
    \SystemRoot\system32\DRIVERS\kbdclass.sys
    \SystemRoot\system32\DRIVERS\serenum.sys
    \SystemRoot\system32\DRIVERS\parport.sys
    \SystemRoot\system32\drivers\wmiacpi.sys
    \SystemRoot\system32\DRIVERS\intelppm.sys
    \SystemRoot\system32\DRIVERS\ISCTD64.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\Neo_0090.sys
    \SystemRoot\system32\DRIVERS\rdpbus.sys
    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\drivers\serscan.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\drivers\ks.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\DRIVERS\ScpVBus.sys
    \SystemRoot\system32\drivers\umbus.sys
    \SystemRoot\system32\drivers\nvvad64v.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\drivers\nvhda64v.sys
    \SystemRoot\system32\DRIVERS\iusb3hub.sys
    \SystemRoot\system32\drivers\RTKVHD64.sys
    \SystemRoot\system32\DRIVERS\wachidrouter.sys
    \SystemRoot\system32\DRIVERS\hidkmdf.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\mouhid.sys
    \SystemRoot\system32\DRIVERS\wacomrouterfilter.sys
    \SystemRoot\system32\DRIVERS\hidusb.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys

    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_dumpata.sys
    \SystemRoot\System32\Drivers\dump_msahci.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\system32\drivers\luafv.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\DRIVERS\lirsgt.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \SystemRoot\system32\drivers\spsys.sys
    \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
    \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys
    \SystemRoot\System32\ATMFD.DLL
    \SystemRoot\system32\DRIVERS\asyncmac.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\autochk.exe
    \Windows\System32\wininet.dll
    \Windows\System32\urlmon.dll
    \Windows\System32\usp10.dll
    \Windows\System32\imagehlp.dll
    \Windows\System32\gdi32.dll
    \Windows\System32\imm32.dll
    \Windows\System32\ws2_32.dll
    \Windows\System32\difxapi.dll
    \Windows\System32\setupapi.dll
    \Windows\System32\shell32.dll
    \Windows\System32\psapi.dll
    \Windows\System32\Wldap32.dll
    \Windows\System32\shlwapi.dll
    \Windows\System32\msctf.dll
    \Windows\System32\msvcrt.dll
    \Windows\System32\comdlg32.dll
    \Windows\System32\rpcrt4.dll
    \Windows\System32\user32.dll
    \Windows\System32\sechost.dll
    \Windows\System32\normaliz.dll
    \Windows\System32\iertutil.dll
    \Windows\System32\nsi.dll
    \Windows\System32\clbcatq.dll
    \Windows\System32\lpk.dll
    \Windows\System32\kernel32.dll

    \Windows\System32\oleaut32.dll
    \Windows\System32\advapi32.dll
    \Windows\System32\ole32.dll
    \Windows\System32\crypt32.dll
    \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    \Windows\System32\wintrust.dll
    \Windows\System32\KernelBase.dll
    \Windows\System32\cfgmgr32.dll
    \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    \Windows\System32\userenv.dll
    \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    \Windows\System32\devobj.dll
    \Windows\System32\comctl32.dll
    \Windows\System32\profapi.dll
    \Windows\System32\msasn1.dll
    \Windows\SysWOW64\normaliz.dll
    ----------- End ----------Done!
    Scan started
    Database versions:
    main:
    v2016.08.23.08
    rootkit: v2016.08.15.01
    <<<2>>>
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa80074e6060, DeviceName: \Device\Harddisk0\DR0\,
    DriverName: \Driver\Disk\
    --------- Disk Stack -----DevicePointer: 0xfffffa80074e6b20, DeviceName: Unknown, DriverName: \Driver\part
    mgr\
    DevicePointer: 0xfffffa80074e6060, DeviceName: \Device\Harddisk0\DR0\, DriverNam
    e: \Driver\Disk\
    DevicePointer: 0xfffffa8007219060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, D
    riverName: \Driver\atapi\
    ------------ End ---------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0x0, 0x0, 0x0
    Lower DeviceData: 0x0, 0x0, 0x0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096
    bytes
    <<<2>>>
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096
    bytes
    Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
    Done!
    Drive 0
    This is a System drive
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA

    Disk Signature: 69A0C87E


    Partition information:
    Partition
    Partition
    Partition
    Partition
    Partition

    0 type is Primary (0x7)


    is ACTIVE.
    starts at LBA: 206848 Numsec = 591306452
    is bootable
    file system is NTFS

    Partition
    Partition
    Partition
    Partition
    Partition

    1 type is Primary (0x7)


    is NOT ACTIVE.
    starts at LBA: 591529360 Numsec = 1361990705
    is not bootable
    file system is NTFS

    Partition
    Partition
    Partition
    Partition

    2 type
    is NOT
    starts
    is not

    is Empty (0x0)
    ACTIVE.
    at LBA: 0 Numsec = 0
    bootable

    Partition
    Partition
    Partition
    Partition

    3 type
    is NOT
    starts
    is not

    is Empty (0x0)
    ACTIVE.
    at LBA: 0 Numsec = 0
    bootable

    Disk Size: 1000204886016 bytes


    Sector size: 512 bytes
    Done!
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.7C" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-DEFF6472866A22FF51
    800B2E5E6F4E000449A24E.bin.83" is compressed (flags = 1)

    Scan Interrupted
    Scan was aborted.
    =======================================
    Removal queue found; removal started
    Removing C:\ProgramData\Malwarebytes' Anti-Malware
    Removing C:\ProgramData\Malwarebytes' Anti-Malware
    bam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware
    i.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware
    Removal finished
    --------------------------------------Malwarebytes Anti-Rootkit BETA 1.09.3.1001
    (c) Malwarebytes Corporation 2011-2012
    OS version: 6.1.7601 Windows 7 Service Pack 1 x64
    Account is Administrative
    Internet Explorer version: 11.0.9600.18426
    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
    CPU speed: 3.200000 GHz
    Memory total: 8522719232, free: 3488399360
    =======================================
    --------------------------------------Malwarebytes Anti-Rootkit BETA 1.09.3.1001
    (c) Malwarebytes Corporation 2011-2012
    OS version: 6.1.7601 Windows 7 Service Pack 1 x64
    Account is Administrative
    Internet Explorer version: 11.0.9600.18426
    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
    CPU speed: 3.200000 GHz
    Memory total: 8522719232, free: 3461812224
    Downloaded database version: v2016.08.23.09
    Downloaded database version: v2016.08.23.10
    Downloaded database version: v2016.08.23.11
    Downloaded database version: v2016.08.23.12
    Downloaded database version: v2016.08.23.13
    =======================================
    Initializing...
    Driver version: 0.3.0.4
    ------------ Kernel report -----------08/24/2016 09:44:22
    ------------ Loaded modules ----------\SystemRoot\system32\ntoskrnl.exe

    (portable)\MBR-0-i.mbam...
    (portable)\VBR-0-0-206848-i.m
    (portable)\VBR-0-1-591529360(portable)\MBR-0-r.mbam...

    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\system32\DRIVERS\iusb3hcs.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\drivers\vmbus.sys
    \SystemRoot\system32\drivers\winhv.sys
    \SystemRoot\system32\drivers\atapi.sys
    \SystemRoot\system32\drivers\ataport.SYS
    \SystemRoot\system32\drivers\msahci.sys
    \SystemRoot\system32\drivers\PCIIDEX.SYS
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\System32\Drivers\PxHlpa64.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\vmstorfl.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\Drivers\spldr.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\drivers\EUBKMON.sys
    \SystemRoot\system32\drivers\eubakup.sys
    \SystemRoot\system32\drivers\disk.sys
    \SystemRoot\system32\drivers\CLASSPNP.SYS
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\DRIVERS\RDPCDD.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\system32\drivers\rdprefmp.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS

    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\DRIVERS\vsdatant.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\VBoxNetAdp6.sys
    \SystemRoot\system32\DRIVERS\VBoxNetLwf.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\serial.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
    \SystemRoot\system32\DRIVERS\VBoxDrv.sys
    \SystemRoot\system32\drivers\termdd.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\system32\drivers\mssmbios.sys
    \SystemRoot\System32\Drivers\GizmoDrv.SYS
    \??\C:\Windows\system32\drivers\EuFdDisk.sys
    \??\C:\Windows\system32\drivers\eudskacs.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\system32\drivers\csc.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\blbdrive.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\DRIVERS\nvlddmkm.sys
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\system32\drivers\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\iusb3xhc.sys
    \SystemRoot\system32\DRIVERS\USBD.SYS
    \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
    \SystemRoot\system32\DRIVERS\usbehci.sys
    \SystemRoot\system32\DRIVERS\USBPORT.SYS
    \SystemRoot\system32\DRIVERS\Rt64win7.sys
    \SystemRoot\system32\drivers\i8042prt.sys
    \SystemRoot\system32\DRIVERS\kbdclass.sys
    \SystemRoot\system32\DRIVERS\serenum.sys
    \SystemRoot\system32\DRIVERS\parport.sys
    \SystemRoot\system32\drivers\wmiacpi.sys
    \SystemRoot\system32\DRIVERS\intelppm.sys
    \SystemRoot\system32\DRIVERS\ISCTD64.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\Neo_0090.sys
    \SystemRoot\system32\DRIVERS\rdpbus.sys
    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\drivers\serscan.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\drivers\ks.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\DRIVERS\ScpVBus.sys

    \SystemRoot\system32\drivers\umbus.sys
    \SystemRoot\system32\drivers\nvvad64v.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\drivers\nvhda64v.sys
    \SystemRoot\system32\DRIVERS\iusb3hub.sys
    \SystemRoot\system32\drivers\RTKVHD64.sys
    \SystemRoot\system32\DRIVERS\wachidrouter.sys
    \SystemRoot\system32\DRIVERS\hidkmdf.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\mouhid.sys
    \SystemRoot\system32\DRIVERS\wacomrouterfilter.sys
    \SystemRoot\system32\DRIVERS\hidusb.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_dumpata.sys
    \SystemRoot\System32\Drivers\dump_msahci.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\system32\drivers\luafv.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\DRIVERS\lirsgt.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
    \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys
    \SystemRoot\System32\ATMFD.DLL
    \SystemRoot\system32\DRIVERS\asyncmac.sys
    \SystemRoot\system32\DRIVERS\avgloga.sys
    \SystemRoot\system32\DRIVERS\avguniva.sys
    \SystemRoot\system32\DRIVERS\avgrkx64.sys
    \SystemRoot\system32\DRIVERS\avgldx64.sys
    \SystemRoot\system32\DRIVERS\avgmfx64.sys
    \SystemRoot\system32\DRIVERS\avgtdia.sys
    \SystemRoot\system32\DRIVERS\avgidsha.sys
    \SystemRoot\system32\DRIVERS\avgidsdrivera.sys
    \SystemRoot\system32\DRIVERS\avgdiska.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll

    \Windows\System32\autochk.exe
    \Windows\System32\wininet.dll
    \Windows\System32\urlmon.dll
    \Windows\System32\usp10.dll
    \Windows\System32\imagehlp.dll
    \Windows\System32\gdi32.dll
    \Windows\System32\imm32.dll
    \Windows\System32\ws2_32.dll
    \Windows\System32\difxapi.dll
    \Windows\System32\setupapi.dll
    \Windows\System32\shell32.dll
    \Windows\System32\psapi.dll
    \Windows\System32\Wldap32.dll
    \Windows\System32\shlwapi.dll
    \Windows\System32\msctf.dll
    \Windows\System32\msvcrt.dll
    \Windows\System32\comdlg32.dll
    \Windows\System32\rpcrt4.dll
    \Windows\System32\user32.dll
    \Windows\System32\sechost.dll
    \Windows\System32\normaliz.dll
    \Windows\System32\iertutil.dll
    \Windows\System32\nsi.dll
    \Windows\System32\clbcatq.dll
    \Windows\System32\lpk.dll
    \Windows\System32\kernel32.dll
    \Windows\System32\oleaut32.dll
    \Windows\System32\advapi32.dll
    \Windows\System32\ole32.dll
    \Windows\System32\crypt32.dll
    \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    \Windows\System32\wintrust.dll
    \Windows\System32\KernelBase.dll
    \Windows\System32\cfgmgr32.dll
    \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    \Windows\System32\userenv.dll
    \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    \Windows\System32\devobj.dll
    \Windows\System32\comctl32.dll
    \Windows\System32\profapi.dll
    \Windows\System32\msasn1.dll
    \Windows\SysWOW64\normaliz.dll
    ----------- End ----------Done!
    Scan started
    Database versions:
    main:
    v2016.08.23.13
    rootkit: v2016.08.15.01
    <<<2>>>
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa80074e6060, DeviceName: \Device\Harddisk0\DR0\,
    DriverName: \Driver\Disk\
    --------- Disk Stack -----DevicePointer: 0xfffffa80074e6b20, DeviceName: Unknown, DriverName: \Driver\part
    mgr\

    DevicePointer: 0xfffffa80074e6060, DeviceName: \Device\Harddisk0\DR0\, DriverNam


    e: \Driver\Disk\
    DevicePointer: 0xfffffa8007219060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, D
    riverName: \Driver\atapi\
    ------------ End ---------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0x0, 0x0, 0x0
    Lower DeviceData: 0x0, 0x0, 0x0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096
    bytes
    <<<2>>>
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096
    bytes
    Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
    Done!
    Drive 0
    This is a System drive
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 69A0C87E
    Partition information:
    Partition
    Partition
    Partition
    Partition
    Partition

    0 type is Primary (0x7)


    is ACTIVE.
    starts at LBA: 206848 Numsec = 591306452
    is bootable
    file system is NTFS

    Partition
    Partition
    Partition
    Partition
    Partition

    1 type is Primary (0x7)


    is NOT ACTIVE.
    starts at LBA: 591529360 Numsec = 1361990705
    is not bootable
    file system is NTFS

    Partition
    Partition
    Partition
    Partition

    2 type
    is NOT
    starts
    is not

    is Empty (0x0)
    ACTIVE.
    at LBA: 0 Numsec = 0
    bootable

    Partition
    Partition
    Partition
    Partition

    3 type
    is NOT
    starts
    is not

    is Empty (0x0)
    ACTIVE.
    at LBA: 0 Numsec = 0
    bootable

    Disk Size: 1000204886016 bytes


    Sector size: 512 bytes
    Done!
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)

    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061


    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.7C" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.83" is compressed (flags = 1)
    File "c:\programdata\avg\av\chjw\26c2f6bbc2f68df5.dat:2a71f21a-6d5b-4e60-8436-19
    529dcdc613" is sparse (flags = 32768)
    File "c:\programdata\avg\av\chjw\26c2f6bbc2f68df5.dat:b7e71166-119e-4d5d-9046-69
    03e5c80a19" is sparse (flags = 32768)
    File "c:\programdata\avg\av\chjw\9cfaf16afaf14156.dat:68a65421-4b83-493b-ae11-fc
    19a9f02d55" is sparse (flags = 32768)
    Scan finished
    =======================================
    Removal queue found; removal started
    Removing C:\ProgramData\Malwarebytes' Anti-Malware
    Removing C:\ProgramData\Malwarebytes' Anti-Malware
    bam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware
    i.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware
    Removal finished
    --------------------------------------Malwarebytes Anti-Rootkit BETA 1.09.3.1001
    (c) Malwarebytes Corporation 2011-2012
    OS version: 6.1.7601 Windows 7 Service Pack 1 x64
    System is currently in a safe mode
    Account is Administrative
    Internet Explorer version: 11.0.9600.18426
    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
    CPU speed: 3.200000 GHz

    (portable)\MBR-0-i.mbam...
    (portable)\VBR-0-0-206848-i.m
    (portable)\VBR-0-1-591529360(portable)\MBR-0-r.mbam...

    Memory total: 8522719232, free: 6340034560


    Downloaded database version: v2016.08.24.01
    Downloaded database version: v2016.08.24.02
    Downloaded database version: v2016.08.24.03
    Downloaded database version: v2016.08.24.04
    Downloaded database version: v2016.08.24.05
    Downloaded database version: v2016.08.24.06
    Downloaded database version: v2016.08.24.07
    Downloaded database version: v2016.08.24.08
    Downloaded database version: v2016.08.24.09
    Downloaded database version: v2016.08.24.10
    =======================================
    Initializing...
    Driver version: 0.3.0.4
    ------------ Kernel report -----------08/25/2016 01:57:35
    ------------ Loaded modules ----------\SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\system32\DRIVERS\iusb3hcs.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\drivers\vmbus.sys
    \SystemRoot\system32\drivers\winhv.sys
    \SystemRoot\system32\drivers\atapi.sys
    \SystemRoot\system32\drivers\ataport.SYS
    \SystemRoot\system32\drivers\msahci.sys
    \SystemRoot\system32\drivers\PCIIDEX.SYS
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\System32\Drivers\PxHlpa64.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\vmstorfl.sys
    \SystemRoot\system32\drivers\volsnap.sys

    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\drivers\EUBKMON.sys
    \SystemRoot\system32\drivers\eubakup.sys
    \SystemRoot\system32\drivers\disk.sys
    \SystemRoot\system32\drivers\CLASSPNP.SYS
    \SystemRoot\system32\DRIVERS\avgrkx64.sys
    \SystemRoot\system32\DRIVERS\avgmfx64.sys
    \SystemRoot\system32\DRIVERS\avgidsha.sys
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\DRIVERS\avgtdia.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\system32\DRIVERS\vsdatant.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\VBoxNetAdp6.sys
    \SystemRoot\system32\DRIVERS\VBoxNetLwf.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\system32\drivers\csc.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\drivers\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\iusb3xhc.sys
    \SystemRoot\system32\DRIVERS\USBD.SYS
    \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
    \SystemRoot\system32\DRIVERS\usbehci.sys
    \SystemRoot\system32\DRIVERS\USBPORT.SYS
    \SystemRoot\system32\DRIVERS\Rt64win7.sys
    \SystemRoot\system32\drivers\i8042prt.sys
    \SystemRoot\system32\DRIVERS\kbdclass.sys
    \SystemRoot\system32\drivers\wmiacpi.sys
    \SystemRoot\system32\DRIVERS\ISCTD64.sys
    \SystemRoot\system32\DRIVERS\blbdrive.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\drivers\mssmbios.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\Neo_0090.sys
    \SystemRoot\system32\DRIVERS\rdpbus.sys
    \SystemRoot\system32\drivers\termdd.sys

    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\drivers\ks.sys
    \SystemRoot\system32\DRIVERS\ScpVBus.sys
    \SystemRoot\system32\drivers\umbus.sys
    \SystemRoot\system32\DRIVERS\iusb3hub.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_dumpata.sys
    \SystemRoot\System32\Drivers\dump_msahci.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\System32\drivers\dxg.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\framebuf.dll
    \SystemRoot\system32\DRIVERS\wachidrouter.sys
    \SystemRoot\system32\DRIVERS\hidkmdf.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\hidusb.sys
    \SystemRoot\System32\ATMFD.DLL
    \SystemRoot\system32\DRIVERS\mouhid.sys
    \SystemRoot\system32\DRIVERS\wacomrouterfilter.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\autochk.exe
    \Windows\System32\setupapi.dll
    \Windows\System32\rpcrt4.dll
    \Windows\System32\iertutil.dll
    \Windows\System32\wininet.dll
    \Windows\System32\ole32.dll
    \Windows\System32\nsi.dll
    \Windows\System32\msvcrt.dll
    \Windows\System32\urlmon.dll
    \Windows\System32\shell32.dll
    \Windows\System32\gdi32.dll
    \Windows\System32\normaliz.dll
    \Windows\System32\advapi32.dll
    \Windows\System32\oleaut32.dll
    \Windows\System32\imagehlp.dll
    \Windows\System32\lpk.dll
    \Windows\System32\kernel32.dll
    \Windows\System32\sechost.dll
    \Windows\System32\usp10.dll
    \Windows\System32\difxapi.dll
    \Windows\System32\psapi.dll
    \Windows\System32\comdlg32.dll
    \Windows\System32\ws2_32.dll

    \Windows\System32\Wldap32.dll
    \Windows\System32\imm32.dll
    \Windows\System32\user32.dll
    \Windows\System32\msctf.dll
    \Windows\System32\clbcatq.dll
    \Windows\System32\shlwapi.dll
    \Windows\System32\userenv.dll
    \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    \Windows\System32\cfgmgr32.dll
    \Windows\System32\crypt32.dll
    \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    \Windows\System32\devobj.dll
    \Windows\System32\KernelBase.dll
    \Windows\System32\comctl32.dll
    \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    \Windows\System32\wintrust.dll
    \Windows\System32\profapi.dll
    \Windows\System32\msasn1.dll
    \Windows\SysWOW64\normaliz.dll
    ----------- End ----------Done!
    Scan started
    Database versions:
    main:
    v2016.08.24.10
    rootkit: v2016.08.15.01
    <<<2>>>
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa80074cc060, DeviceName: \Device\Harddisk0\DR0\,
    DriverName: \Driver\Disk\
    --------- Disk Stack -----DevicePointer: 0xfffffa800731b8c0, DeviceName: Unknown, DriverName: \Driver\part
    mgr\
    DevicePointer: 0xfffffa80074cc060, DeviceName: \Device\Harddisk0\DR0\, DriverNam
    e: \Driver\Disk\
    DevicePointer: 0xfffffa80071be680, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, D
    riverName: \Driver\atapi\
    ------------ End ---------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0x0, 0x0, 0x0
    Lower DeviceData: 0x0, 0x0, 0x0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096
    bytes
    <<<2>>>
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096
    bytes
    Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
    Done!
    Drive 0
    This is a System drive

    Scanning MBR on drive 0...


    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 69A0C87E
    Partition information:
    Partition
    Partition
    Partition
    Partition
    Partition

    0 type is Primary (0x7)


    is ACTIVE.
    starts at LBA: 206848 Numsec = 591306452
    is bootable
    file system is NTFS

    Partition
    Partition
    Partition
    Partition
    Partition

    1 type is Primary (0x7)


    is NOT ACTIVE.
    starts at LBA: 591529360 Numsec = 1361990705
    is not bootable
    file system is NTFS

    Partition
    Partition
    Partition
    Partition

    2 type
    is NOT
    starts
    is not

    is Empty (0x0)
    ACTIVE.
    at LBA: 0 Numsec = 0
    bootable

    Partition
    Partition
    Partition
    Partition

    3 type
    is NOT
    starts
    is not

    is Empty (0x0)
    ACTIVE.
    at LBA: 0 Numsec = 0
    bootable

    Disk Size: 1000204886016 bytes


    Sector size: 512 bytes
    Done!
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.79" is compressed (flags = 1)
    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061

    5BB7D1ECBE6A7A73E040C6.bin.7C" is compressed (flags = 1)


    File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BACB7589496392C061
    5BB7D1ECBE6A7A73E040C6.bin.83" is compressed (flags = 1)
    Scan finished
    =======================================
    Removal queue found; removal started
    Removing C:\ProgramData\Malwarebytes'
    Removing C:\ProgramData\Malwarebytes'
    bam...
    Removing C:\ProgramData\Malwarebytes'
    i.mbam...
    Removing C:\ProgramData\Malwarebytes'
    Removal finished

    Anti-Malware (portable)\MBR-0-i.mbam...
    Anti-Malware (portable)\VBR-0-0-206848-i.m
    Anti-Malware (portable)\VBR-0-1-591529360Anti-Malware (portable)\MBR-0-r.mbam...

    You might also like