ÿþ--------------------------------------- Malwarebytes Anti-Rootkit BETA 1.10.3.1001 (c) Malwarebytes Corporation 2011-2012 OS version: 10.0.9200 Windows 10 x64 Account is Administrative Internet Explorer version: 11.726.15063.0 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, J:\ DRIVE_FIXED, L:\ DRIVE_FIXED, Q:\ DRIVE_FIXED CPU speed: 1.397000 GHz Memory total: 3837509632, free: 802594816 --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.10.3.1001 (c) Malwarebytes Corporation 2011-2012 OS version: 10.0.9200 Windows 10 x64 Account is Administrative Internet Explorer version: 11.726.15063.0 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, J:\ DRIVE_FIXED, L:\ DRIVE_FIXED, Q:\ DRIVE_FIXED CPU speed: 1.397000 GHz Memory total: 3837509632, free: 803610624 Downloaded database version: v2017.11.19.04 ======================================= Initializing... Driver version: 4.3.0.15 ------------ Kernel report ------------ 11/19/2017 19:34:59 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kd.dll \SystemRoot\system32\mcupdate_AuthenticAMD.dll \SystemRoot\System32\drivers\msrpc.sys \SystemRoot\System32\drivers\ksecdd.sys \SystemRoot\System32\drivers\werkernel.sys \SystemRoot\System32\drivers\CLFS.SYS \SystemRoot\System32\drivers\tm.sys \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\System32\drivers\FLTMGR.SYS \SystemRoot\System32\drivers\clipsp.sys \SystemRoot\System32\drivers\cmimcext.sys \SystemRoot\System32\drivers\ntosext.sys \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\cng.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\SleepStudyHelper.sys \SystemRoot\System32\Drivers\acpiex.sys \SystemRoot\System32\Drivers\WppRecorder.sys \SystemRoot\System32\drivers\ACPI.sys \SystemRoot\System32\drivers\WMILIB.SYS \SystemRoot\System32\drivers\intelpep.sys \SystemRoot\system32\drivers\WindowsTrustedRT.sys \SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\drivers\msisadrv.sys \SystemRoot\System32\drivers\pci.sys \SystemRoot\System32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pdc.sys \SystemRoot\system32\drivers\CEA.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\System32\drivers\spaceport.sys \SystemRoot\System32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\System32\drivers\storahci.sys \SystemRoot\System32\drivers\storport.sys \SystemRoot\system32\drivers\DKDFM.sys \SystemRoot\System32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Wof.sys \SystemRoot\system32\drivers\WdFilter.sys \SystemRoot\system32\drivers\DKTLFSMF.sys \SystemRoot\System32\Drivers\NTFS.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\System32\drivers\wfplwfs.sys \SystemRoot\system32\drivers\ignis.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\System32\drivers\volume.sys \SystemRoot\System32\drivers\volsnap.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\system32\drivers\iorate.sys \SystemRoot\System32\drivers\disk.sys \SystemRoot\System32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\drivers\cdrom.sys \SystemRoot\system32\drivers\filecrypt.sys \SystemRoot\system32\drivers\tbs.sys \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\BasicDisplay.sys \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\vmbkmclr.sys \SystemRoot\System32\drivers\BasicRender.sys \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\drivers\vwififlt.sys \SystemRoot\System32\drivers\pacer.sys \SystemRoot\system32\drivers\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \??\C:\WINDOWS\System32\drivers\zamguard64.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\System32\drivers\npsvctrig.sys \SystemRoot\System32\drivers\mssmbios.sys \SystemRoot\System32\drivers\gpuenergydrv.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\ahcache.sys \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys \SystemRoot\System32\drivers\kdnic.sys \SystemRoot\System32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\System32\drivers\usbohci.sys \SystemRoot\System32\drivers\USBPORT.SYS \SystemRoot\System32\drivers\usbehci.sys \SystemRoot\System32\drivers\HDAudBus.sys \SystemRoot\System32\drivers\portcls.sys \SystemRoot\System32\drivers\drmk.sys \SystemRoot\System32\drivers\ks.sys \SystemRoot\System32\drivers\L1C63x64.sys \SystemRoot\System32\drivers\amdppm.sys \SystemRoot\System32\drivers\NdisVirtualBus.sys \SystemRoot\System32\drivers\swenum.sys \SystemRoot\System32\drivers\CLVirtualBus01.sys \SystemRoot\System32\drivers\rdpbus.sys \SystemRoot\system32\DRIVERS\clwvdVM.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\clvad.sys \SystemRoot\System32\drivers\usbhub.sys \SystemRoot\System32\drivers\USBD.SYS \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\System32\drivers\usbccgp.sys \SystemRoot\system32\Drivers\RtsUer.sys \SystemRoot\System32\drivers\USBSTOR.SYS \SystemRoot\System32\drivers\hidusb.sys \SystemRoot\System32\drivers\HIDCLASS.SYS \SystemRoot\System32\drivers\HIDPARSE.SYS \SystemRoot\System32\drivers\kbdhid.sys \SystemRoot\system32\DRIVERS\KeyCrypt64.sys \SystemRoot\System32\drivers\kbdclass.sys \SystemRoot\System32\drivers\mouhid.sys \SystemRoot\System32\drivers\mouclass.sys \SystemRoot\system32\DRIVERS\ZTEusbvoice.sys \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys \SystemRoot\system32\drivers\modem.sys \SystemRoot\System32\drivers\ZTEusbnet.sys \SystemRoot\System32\drivers\wdcsam64.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\win32kfull.sys \SystemRoot\System32\win32kbase.sys \SystemRoot\system32\DRIVERS\udfs.sys \SystemRoot\system32\DRIVERS\cdfs.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\System32\drivers\dxgmms2.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\System32\drivers\monitor.sys \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_storahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\drivers\wcifs.sys \SystemRoot\system32\drivers\storqosflt.sys \??\C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\System32\drivers\registry.sys \SystemRoot\system32\DRIVERS\dokan.sys \SystemRoot\system32\drivers\lltdio.sys \SystemRoot\system32\drivers\mslldp.sys \SystemRoot\system32\drivers\rspndr.sys \SystemRoot\System32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\ndisuio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \??\C:\WINDOWS\System32\amwrtdrv.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\system32\drivers\mmcss.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\drivers\Ndu.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\drivers\condrv.sys \SystemRoot\system32\Drivers\WdNisDrv.sys \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0FD9F059-5B9C-4803-ACD7-DF09CE539702}\MpKsl69fbe511.sys \??\C:\Windows\System32\drivers\TrueSight.sys \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \??\C:\WINDOWS\system32\drivers\B51221F5.sys ----------- End ----------- Done! Scan started Database versions: main: v2017.11.19.04 rootkit: v2017.10.14.01 --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.10.3.1001 (c) Malwarebytes Corporation 2011-2012 OS version: 10.0.9200 Windows 10 x64 Account is Administrative Internet Explorer version: 11.726.15063.0 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 1.397000 GHz Memory total: 3837509632, free: 1262592000 Downloaded database version: v2017.11.19.05 ======================================= Initializing... Driver version: 4.3.0.15 ------------ Kernel report ------------ 11/20/2017 06:13:13 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kd.dll \SystemRoot\system32\mcupdate_AuthenticAMD.dll \SystemRoot\System32\drivers\msrpc.sys \SystemRoot\System32\drivers\ksecdd.sys \SystemRoot\System32\drivers\werkernel.sys \SystemRoot\System32\drivers\CLFS.SYS \SystemRoot\System32\drivers\tm.sys \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\System32\drivers\FLTMGR.SYS \SystemRoot\System32\drivers\clipsp.sys \SystemRoot\System32\drivers\cmimcext.sys \SystemRoot\System32\drivers\ntosext.sys \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\cng.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\SleepStudyHelper.sys \SystemRoot\System32\Drivers\acpiex.sys \SystemRoot\System32\Drivers\WppRecorder.sys \SystemRoot\System32\drivers\ACPI.sys \SystemRoot\System32\drivers\WMILIB.SYS \SystemRoot\System32\drivers\intelpep.sys \SystemRoot\system32\drivers\WindowsTrustedRT.sys \SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\drivers\msisadrv.sys \SystemRoot\System32\drivers\pci.sys \SystemRoot\System32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pdc.sys \SystemRoot\system32\drivers\CEA.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\System32\drivers\spaceport.sys \SystemRoot\System32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\System32\drivers\storahci.sys \SystemRoot\System32\drivers\storport.sys \SystemRoot\system32\drivers\DKDFM.sys \SystemRoot\System32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Wof.sys \SystemRoot\system32\drivers\WdFilter.sys \SystemRoot\system32\drivers\DKTLFSMF.sys \SystemRoot\System32\Drivers\NTFS.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\System32\drivers\wfplwfs.sys \SystemRoot\system32\drivers\ignis.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\System32\drivers\volume.sys \SystemRoot\System32\drivers\volsnap.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\system32\drivers\iorate.sys \SystemRoot\System32\drivers\disk.sys \SystemRoot\System32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\drivers\cdrom.sys \SystemRoot\system32\drivers\filecrypt.sys \SystemRoot\system32\drivers\tbs.sys \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\BasicDisplay.sys \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\vmbkmclr.sys \SystemRoot\System32\drivers\BasicRender.sys \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\drivers\vwififlt.sys \SystemRoot\System32\drivers\pacer.sys \SystemRoot\system32\drivers\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \??\C:\WINDOWS\System32\drivers\zamguard64.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\System32\drivers\npsvctrig.sys \SystemRoot\System32\drivers\mssmbios.sys \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0FD9F059-5B9C-4803-ACD7-DF09CE539702}\MpKsl69fbe511.sys \SystemRoot\System32\drivers\gpuenergydrv.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\ahcache.sys \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys \SystemRoot\System32\drivers\kdnic.sys \SystemRoot\System32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\System32\drivers\usbohci.sys \SystemRoot\System32\drivers\USBPORT.SYS \SystemRoot\System32\drivers\usbehci.sys \SystemRoot\System32\drivers\HDAudBus.sys \SystemRoot\System32\drivers\portcls.sys \SystemRoot\System32\drivers\drmk.sys \SystemRoot\System32\drivers\ks.sys \SystemRoot\System32\drivers\L1C63x64.sys \SystemRoot\System32\drivers\amdppm.sys \SystemRoot\System32\drivers\NdisVirtualBus.sys \SystemRoot\System32\drivers\swenum.sys \SystemRoot\System32\drivers\CLVirtualBus01.sys \SystemRoot\System32\drivers\rdpbus.sys \SystemRoot\system32\DRIVERS\clwvdVM.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\clvad.sys \SystemRoot\System32\drivers\usbhub.sys \SystemRoot\System32\drivers\USBD.SYS \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\System32\drivers\hidusb.sys \SystemRoot\System32\drivers\HIDCLASS.SYS \SystemRoot\System32\drivers\HIDPARSE.SYS \SystemRoot\System32\drivers\usbccgp.sys \SystemRoot\system32\Drivers\RtsUer.sys \SystemRoot\System32\drivers\USBSTOR.SYS \SystemRoot\System32\drivers\mouhid.sys \SystemRoot\System32\drivers\mouclass.sys \SystemRoot\System32\drivers\kbdhid.sys \SystemRoot\system32\DRIVERS\KeyCrypt64.sys \SystemRoot\System32\drivers\kbdclass.sys \SystemRoot\system32\DRIVERS\ZTEusbvoice.sys \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys \SystemRoot\system32\drivers\modem.sys \SystemRoot\System32\drivers\ZTEusbnet.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\win32kfull.sys \SystemRoot\System32\win32kbase.sys \SystemRoot\system32\DRIVERS\udfs.sys \SystemRoot\system32\DRIVERS\cdfs.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\System32\drivers\dxgmms2.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\System32\drivers\monitor.sys \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_storahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\drivers\wcifs.sys \SystemRoot\system32\drivers\storqosflt.sys \??\C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\DRIVERS\WUDFRd.sys \SystemRoot\System32\drivers\WpdUpFltr.sys \SystemRoot\System32\drivers\registry.sys \SystemRoot\system32\DRIVERS\dokan.sys \SystemRoot\system32\drivers\lltdio.sys \SystemRoot\system32\drivers\mslldp.sys \SystemRoot\system32\drivers\rspndr.sys \SystemRoot\System32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\ndisuio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \??\C:\WINDOWS\System32\amwrtdrv.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\system32\drivers\mmcss.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\drivers\Ndu.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\system32\Drivers\WdNisDrv.sys \SystemRoot\System32\drivers\condrv.sys \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0FD9F059-5B9C-4803-ACD7-DF09CE539702}\MpKsl2127a20c.sys \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \??\C:\WINDOWS\system32\drivers\B51221F5.sys ----------- End ----------- Done! Scan started Database versions: main: v2017.11.19.05 rootkit: v2017.10.14.01 <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffb48fd8dbb370, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffb48fd8dba6f0, DeviceName: Unknown, DriverName: \Driver\DKDFM\ DevicePointer: 0xffffb48fd8dba040, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffb48fd8dbb370, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xffffb48fd8b9e060, DeviceName: \Device\00000027\, DriverName: \Driver\storahci\ ------------ End ---------- Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: This drive is a GPT Drive. MBR Signature: 55AA Disk Signature: 8CF19791 GPT Protective MBR Partition information: Partition 0 type is EFI-GPT (0xee) Partition is NOT ACTIVE. Partition starts at LBA: 1 Numsec = 4294967295 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 GPT Partition information: GPT Header Signature 4546492050415254 GPT Header Revision 65536 Size 92 CRC 1759639809 GPT Header CurrentLba = 1 BackupLba 1953525167 GPT Header FirstUsableLba 34 LastUsableLba 1953525134 GPT Header Guid ee24147a-735b-43ac-bf98-a1ef4708ab1 GPT Header Contains 128 partition entries starting at LBA 2 GPT Header Partition entry size = 128 Backup GPT header Signature 4546492050415254 Backup GPT header Revision 65536 Size 92 CRC 0 Backup GPT header CurrentLba = 1953525167 BackupLba 1 Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134 Backup GPT header Guid ee24147a-735b-43ac-bf98-a1ef4708ab1 Backup GPT header Contains 128 partition entries starting at LBA 1953525135 Backup GPT header Partition entry size = 128 Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b Partition ID 5012f85-e811-4f41-9aae-9e281ee4eb4 FirstLBA 2048 Last LBA 739327 Attributes 0 Partition Name EFI system partition GPT Partition 0 is bootable Partition 1 Type e3c9e316-b5c-4db8-817d-f92df0215ae Partition ID d1f42923-8314-4eea-b074-8f2b98afec80 FirstLBA 739328 Last LBA 1001471 Attributes 0 Partition Name Microsoft reserved partition Partition 2 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7 Partition ID f025a42a-ca17-4ad9-8d14-f2cda1bc48f FirstLBA 1001472 Last LBA 1922711668 Attributes 0 Partition Name Basic data partition Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7 Partition ID b24eb195-2710-0-539-4c72b9f956a2 FirstLBA 1922711792 Last LBA 1950130042 Attributes 0 Partition Name Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac Partition ID e855ea41-1b87-475e-805d-fa416ab4b287 FirstLBA 1950130176 Last LBA 1951899647 Attributes 1 Partition Name Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac Partition ID 4132f69e-9693-4c0b-9cf0-bb86f4f833d2 FirstLBA 1951901696 Last LBA 1953523711 Attributes 0 Partition Name Basic data partition Disk Size: 1000204886016 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xffffb48fd9e66690, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffb48fd9e64760, DeviceName: Unknown, DriverName: \Driver\DKDFM\ DevicePointer: 0xffffb48fd9e64040, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffb48fd9e66690, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xffffb48fd9e66060, DeviceName: \Device\0000004a\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: AE420040 Partition information: Partition 0 type is Other (0xc) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 30266397 Partition is not bootable Partition file system is FAT32 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Disk Size: 15502147584 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 2, DevicePointer: 0xffffb48fda53c060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffb48fda4ed760, DeviceName: Unknown, DriverName: \Driver\DKDFM\ DevicePointer: 0xffffb48fda4eb040, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffb48fda53c060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ DevicePointer: 0xffffb48fda5213f0, DeviceName: \Device\0000004b\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 2 Scanning MBR on drive 2... Inspecting partition table: MBR Signature: 55AA Disk Signature: 25C8BCC2 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 32 Numsec = 62980064 Partition is bootable Partition file system is NTFS Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Disk Size: 32245809152 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 3, DevicePointer: 0xffffb48fda51b690, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffb48fda51d760, DeviceName: Unknown, DriverName: \Driver\DKDFM\ DevicePointer: 0xffffb48fda5209f0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffb48fda51b690, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ DevicePointer: 0xffffb48fd9eff470, DeviceName: \Device\0000004c\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 3 Scanning MBR on drive 3... Inspecting partition table: MBR Signature: 55AA Disk Signature: 6A42D688 Partition information: Partition 0 type is Other (0xc) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 31276507 Partition is not bootable Partition file system is FAT32 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Disk Size: 16025387008 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 6, DevicePointer: 0xffffb48fda3cf060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffb48fda3cd040, DeviceName: Unknown, DriverName: \Driver\DKDFM\ DevicePointer: 0xffffb48fda3d0520, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffb48fda3cf060, DeviceName: \Device\Harddisk6\DR6\, DriverName: \Driver\Disk\ DevicePointer: 0xffffb48fda514060, DeviceName: \Device\00000059\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 6 Scanning MBR on drive 6... Inspecting partition table: MBR Signature: 55AA Disk Signature: 621DC43 Partition information: Partition 0 type is Other (0xc) Partition is NOT ACTIVE. Partition starts at LBA: 8192 Numsec = 60743680 Partition is not bootable Partition file system is FAT32 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Disk Size: 31104958464 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 8, DevicePointer: 0xffffb48fdb18a060, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffb48fdabf7040, DeviceName: Unknown, DriverName: \Driver\DKDFM\ DevicePointer: 0xffffb48fdabf8040, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffb48fdb18a060, DeviceName: \Device\Harddisk8\DR8\, DriverName: \Driver\Disk\ DevicePointer: 0xffffb48fdabedb10, DeviceName: \Device\0000005e\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 8 Scanning MBR on drive 8... Inspecting partition table: This drive is a GPT Drive. MBR Signature: 55AA Disk Signature: 0 GPT Protective MBR Partition information: Partition 0 type is EFI-GPT (0xee) Partition is NOT ACTIVE. Partition starts at LBA: 1 Numsec = 4294967295 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 GPT Partition information: GPT Header Signature 4546492050415254 GPT Header Revision 65536 Size 92 CRC 2035558326 GPT Header CurrentLba = 1 BackupLba 250609663 GPT Header FirstUsableLba 34 LastUsableLba 250609630 GPT Header Guid 42001d1e-ffdb-4408-afde-c5e322b2e065 GPT Header Contains 128 partition entries starting at LBA 2 GPT Header Partition entry size = 128 Backup GPT header Signature 4546492050415254 Backup GPT header Revision 65536 Size 92 CRC 2035558326 Backup GPT header CurrentLba = 250609663 BackupLba 1 Backup GPT header FirstUsableLba 34 LastUsableLba 250609630 Backup GPT header Guid 42001d1e-ffdb-4408-afde-c5e322b2e065 Backup GPT header Contains 128 partition entries starting at LBA 250609631 Backup GPT header Partition entry size = 128 Partition 0 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7 Partition ID 43c2c2f4-3970-4b80-bc5e-1c21c9fbc22 FirstLBA 2048 Last LBA 250609630 Attributes 0 Partition Name Microsoft Basic Data Disk Size: 128312147968 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 9, DevicePointer: 0xffffb48fdb269060, DeviceName: \Device\Harddisk9\DR9\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffb48fdb26c040, DeviceName: Unknown, DriverName: \Driver\DKDFM\ DevicePointer: 0xffffb48fdabb2040, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffb48fdb269060, DeviceName: \Device\Harddisk9\DR9\, DriverName: \Driver\Disk\ DevicePointer: 0xffffb48fdb267b10, DeviceName: \Device\00000062\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 9 Scanning MBR on drive 9... Inspecting partition table: MBR Signature: 55AA Disk Signature: 21105EF1 Partition information: Partition 0 type is Other (0xc) Partition is ACTIVE. Partition starts at LBA: 8192 Numsec = 62932991 Partition is not bootable Partition file system is FAT32 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition is not bootable Disk Size: 32227983360 bytes Sector size: 512 bytes Done! File "C:\Users\jean-\AppData\Local\Comms\UnistoreDB\store.vol" is sparse (flags = 32768) File "C:\ProgramData\Microsoft\Network\Downloader\qmgr.db" is sparse (flags = 32768) Scan finished ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-63-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-32-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-3-0-2048-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-6-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-6-0-8192-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-6-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-8-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-8-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-9-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-9-0-8192-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-9-r.mbam... Removal finished