--------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1007 (c) Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 6.0.2900.5512 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, J:\ DRIVE_FIXED CPU speed: 1.670000 GHz Memory total: 804769792, free: 272703488 Downloaded database version: v2013.11.08.07 Downloaded database version: v2013.10.11.02 ======================================= Initializing... ------------ Kernel report ------------ 11/08/2013 20:05:42 ------------ Loaded modules ----------- \WINDOWS\system32\ntoskrnl.exe \WINDOWS\system32\hal.dll \WINDOWS\system32\KDCOM.DLL \WINDOWS\system32\BOOTVID.dll sptd.sys ACPI.sys \WINDOWS\System32\DRIVERS\WMILIB.SYS pci.sys ohci1394.sys \WINDOWS\System32\DRIVERS\1394BUS.SYS isapnp.sys pciide.sys \WINDOWS\System32\DRIVERS\PCIIDEX.SYS MountMgr.sys ftdisk.sys dmload.sys dmio.sys PartMgr.sys VolSnap.sys atapi.sys nvatabus.sys SI3112r.sys \WINDOWS\System32\DRIVERS\SCSIPORT.SYS disk.sys \WINDOWS\System32\DRIVERS\CLASSPNP.SYS fltmgr.sys sr.sys SiWinAcc.sys PxHelp20.sys KSecDD.sys WudfPf.sys Ntfs.sys NDIS.sys nv_agp.sys Mup.sys \SystemRoot\System32\DRIVERS\nic1394.sys \SystemRoot\System32\DRIVERS\amdk7.sys \SystemRoot\System32\DRIVERS\usbohci.sys \SystemRoot\System32\DRIVERS\USBPORT.SYS \SystemRoot\System32\DRIVERS\usbehci.sys \SystemRoot\system32\drivers\cmuda.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\System32\DRIVERS\R8139n51.SYS \SystemRoot\System32\Drivers\ASAPIW2K.sys \SystemRoot\system32\drivers\pfc.sys \SystemRoot\System32\DRIVERS\cdrom.sys \SystemRoot\System32\DRIVERS\redbook.sys \SystemRoot\System32\Drivers\GEARAspiWDM.sys \SystemRoot\System32\DRIVERS\imapi.sys \SystemRoot\System32\DRIVERS\nv4_mini.sys \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS \SystemRoot\System32\DRIVERS\fdc.sys \SystemRoot\System32\DRIVERS\serial.sys \SystemRoot\System32\DRIVERS\serenum.sys \SystemRoot\System32\DRIVERS\parport.sys \SystemRoot\System32\DRIVERS\i8042prt.sys \SystemRoot\System32\DRIVERS\kbdclass.sys \SystemRoot\System32\DRIVERS\gameenum.sys \SystemRoot\system32\drivers\msmpu401.sys \SystemRoot\System32\DRIVERS\audstub.sys \SystemRoot\System32\Drivers\RootMdm.sys \SystemRoot\System32\Drivers\Modem.SYS \SystemRoot\System32\DRIVERS\rasirda.sys \SystemRoot\System32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\rasl2tp.sys \SystemRoot\System32\DRIVERS\ndistapi.sys \SystemRoot\System32\DRIVERS\ndiswan.sys \SystemRoot\System32\DRIVERS\raspppoe.sys \SystemRoot\System32\DRIVERS\raspptp.sys \SystemRoot\System32\DRIVERS\psched.sys \SystemRoot\System32\DRIVERS\msgpc.sys \SystemRoot\System32\DRIVERS\ptilink.sys \SystemRoot\System32\DRIVERS\raspti.sys \SystemRoot\System32\DRIVERS\rdpdr.sys \SystemRoot\System32\DRIVERS\termdd.sys \SystemRoot\System32\DRIVERS\mouclass.sys \SystemRoot\System32\DRIVERS\swenum.sys \SystemRoot\System32\DRIVERS\update.sys \SystemRoot\System32\DRIVERS\mssmbios.sys \SystemRoot\System32\DRIVERS\usbhub.sys \SystemRoot\System32\DRIVERS\USBD.SYS \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\System32\Drivers\Fs_Rec.SYS \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\DRIVERS\HIDPARSE.SYS \SystemRoot\System32\DRIVERS\Amfilter.sys \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\Drivers\mnmdd.SYS \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\DRIVERS\rasacd.sys \SystemRoot\system32\DRIVERS\ipsec.sys \SystemRoot\System32\DRIVERS\tcpip.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\System32\drivers\ws2ifsl.sys \SystemRoot\System32\drivers\afd.sys \SystemRoot\System32\DRIVERS\netbios.sys \SystemRoot\System32\DRIVERS\rdbss.sys \??\C:\WINDOWS\system32\drivers\pclepci.sys \SystemRoot\System32\DRIVERS\mrxsmb.sys \SystemRoot\System32\Drivers\Fips.SYS \SystemRoot\System32\DRIVERS\ipnat.sys \SystemRoot\System32\DRIVERS\wanarp.sys \SystemRoot\System32\DRIVERS\arp1394.sys \SystemRoot\System32\DRIVERS\hidusb.sys \SystemRoot\System32\DRIVERS\HIDCLASS.SYS \SystemRoot\System32\DRIVERS\usbccgp.sys \SystemRoot\System32\DRIVERS\mouhid.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\System32\Drivers\Cdfs.SYS \SystemRoot\System32\Drivers\dump_nvatabus.sys \SystemRoot\System32\Drivers\dump_WMILIB.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\watchdog.sys \SystemRoot\System32\drivers\dxg.sys \SystemRoot\System32\drivers\dxgthk.sys \SystemRoot\System32\nv4_disp.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\System32\DRIVERS\irda.sys \SystemRoot\System32\DRIVERS\ndisuio.sys \SystemRoot\system32\drivers\wdmaud.sys \SystemRoot\system32\drivers\sysaudio.sys \SystemRoot\System32\Drivers\ParVdm.SYS \SystemRoot\System32\DRIVERS\srv.sys \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys \WINDOWS\system32\ntdll.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xffffffff83f578a0 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000070\ Lower Device Object: 0xffffffff83eea030 Lower Device Driver Name: \Driver\nvatabus\ IRP handler 0 of \Driver\nvatabus points to an unknown module Unhooking enabled. <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xffffffff83f578a0 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000070\ Lower Device Object: 0xffffffff83eea030 Lower Device Driver Name: \Driver\nvatabus\ Driver name found: nvatabus Initialization returned 0x0 Load Function returned 0x0 <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xffffffff83f57030 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000006f\ Lower Device Object: 0xffffffff83eeb8c0 Lower Device Driver Name: \Driver\nvatabus\ Driver name found: nvatabus <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffffff83f57030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff83f57e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff83f57030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff83eea7a8, DeviceName: \Device\00000073\, DriverName: \Driver\ACPI\ DevicePointer: 0xffffffff83eeb8c0, DeviceName: \Device\0000006f\, DriverName: \Driver\nvatabus\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0xffffffffe39c84b8, 0xffffffff83f57030, 0xffffffff8368dab8 Lower DeviceData: 0xffffffffe3ac5f00, 0xffffffff83eeb8c0, 0xffffffff8376d630 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted. Drivers scan is aborted. Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 12061205 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 39230667 Partition file system is NTFS Partition is bootable Partition 1 type is Extended with CSH (0x5) Partition is NOT ACTIVE. Partition starts at LBA: 39230730 Numsec = 195205815 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 120034123776 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-234421648-234441648)... Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xffffffff83f578a0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff83f57678, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff83f578a0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff83eea030, DeviceName: \Device\00000070\, DriverName: \Driver\nvatabus\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ Upper DeviceData: 0xffffffffe1dd1350, 0xffffffff83f578a0, 0xffffffff83a95040 Lower DeviceData: 0xffffffffe1cf7728, 0xffffffff83eea030, 0xffffffff83ab3cd8 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: 9CC3290D Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 41945652 Partition file system is NTFS Partition is not bootable Partition 1 type is Extended with CSH (0x5) Partition is NOT ACTIVE. Partition starts at LBA: 41945715 Numsec = 114350670 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 80026361856 bytes Sector size: 512 bytes Done! Infected: HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify --> [PUM.Disabled.SecurityCenter] Infected: HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify --> [PUM.Disabled.SecurityCenter] Scan finished ======================================= Removal queue found; removal started Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam... Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam... Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam... Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam... Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\Bootstrap_1_0_63_i.mbam... Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam... Removal finished --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1007 (c) Malwarebytes Corporation 2011-2012 OS version: 5.1.2600 Windows XP Service Pack 3 x86 Account is Administrative Internet Explorer version: 6.0.2900.5512 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, J:\ DRIVE_FIXED CPU speed: 1.670000 GHz Memory total: 804769792, free: 237711360 ======================================= Initializing... ------------ Kernel report ------------ 11/08/2013 20:18:36 ------------ Loaded modules ----------- \WINDOWS\system32\ntoskrnl.exe \WINDOWS\system32\hal.dll \WINDOWS\system32\KDCOM.DLL \WINDOWS\system32\BOOTVID.dll sptd.sys ACPI.sys \WINDOWS\System32\DRIVERS\WMILIB.SYS pci.sys ohci1394.sys \WINDOWS\System32\DRIVERS\1394BUS.SYS isapnp.sys pciide.sys \WINDOWS\System32\DRIVERS\PCIIDEX.SYS MountMgr.sys ftdisk.sys dmload.sys dmio.sys PartMgr.sys VolSnap.sys atapi.sys nvatabus.sys SI3112r.sys \WINDOWS\System32\DRIVERS\SCSIPORT.SYS disk.sys \WINDOWS\System32\DRIVERS\CLASSPNP.SYS fltmgr.sys sr.sys SiWinAcc.sys PxHelp20.sys KSecDD.sys WudfPf.sys Ntfs.sys NDIS.sys nv_agp.sys Mup.sys \SystemRoot\System32\DRIVERS\nic1394.sys \SystemRoot\System32\DRIVERS\amdk7.sys \SystemRoot\System32\DRIVERS\usbohci.sys \SystemRoot\System32\DRIVERS\USBPORT.SYS \SystemRoot\System32\DRIVERS\usbehci.sys \SystemRoot\system32\drivers\cmuda.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\System32\DRIVERS\R8139n51.SYS \SystemRoot\System32\Drivers\ASAPIW2K.sys \SystemRoot\system32\drivers\pfc.sys \SystemRoot\System32\DRIVERS\cdrom.sys \SystemRoot\System32\DRIVERS\redbook.sys \SystemRoot\System32\Drivers\GEARAspiWDM.sys \SystemRoot\System32\DRIVERS\imapi.sys \SystemRoot\System32\DRIVERS\nv4_mini.sys \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS \SystemRoot\System32\DRIVERS\fdc.sys \SystemRoot\System32\DRIVERS\serial.sys \SystemRoot\System32\DRIVERS\serenum.sys \SystemRoot\System32\DRIVERS\parport.sys \SystemRoot\System32\DRIVERS\i8042prt.sys \SystemRoot\System32\DRIVERS\kbdclass.sys \SystemRoot\System32\DRIVERS\gameenum.sys \SystemRoot\system32\drivers\msmpu401.sys \SystemRoot\System32\DRIVERS\audstub.sys \SystemRoot\System32\Drivers\RootMdm.sys \SystemRoot\System32\Drivers\Modem.SYS \SystemRoot\System32\DRIVERS\rasirda.sys \SystemRoot\System32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\rasl2tp.sys \SystemRoot\System32\DRIVERS\ndistapi.sys \SystemRoot\System32\DRIVERS\ndiswan.sys \SystemRoot\System32\DRIVERS\raspppoe.sys \SystemRoot\System32\DRIVERS\raspptp.sys \SystemRoot\System32\DRIVERS\psched.sys \SystemRoot\System32\DRIVERS\msgpc.sys \SystemRoot\System32\DRIVERS\ptilink.sys \SystemRoot\System32\DRIVERS\raspti.sys \SystemRoot\System32\DRIVERS\rdpdr.sys \SystemRoot\System32\DRIVERS\termdd.sys \SystemRoot\System32\DRIVERS\mouclass.sys \SystemRoot\System32\DRIVERS\swenum.sys \SystemRoot\System32\DRIVERS\update.sys \SystemRoot\System32\DRIVERS\mssmbios.sys \SystemRoot\System32\DRIVERS\usbhub.sys \SystemRoot\System32\DRIVERS\USBD.SYS \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\System32\Drivers\Fs_Rec.SYS \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\DRIVERS\HIDPARSE.SYS \SystemRoot\System32\DRIVERS\Amfilter.sys \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\Drivers\mnmdd.SYS \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\DRIVERS\rasacd.sys \SystemRoot\system32\DRIVERS\ipsec.sys \SystemRoot\System32\DRIVERS\tcpip.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\System32\drivers\ws2ifsl.sys \SystemRoot\System32\drivers\afd.sys \SystemRoot\System32\DRIVERS\netbios.sys \SystemRoot\System32\DRIVERS\rdbss.sys \??\C:\WINDOWS\system32\drivers\pclepci.sys \SystemRoot\System32\DRIVERS\mrxsmb.sys \SystemRoot\System32\Drivers\Fips.SYS \SystemRoot\System32\DRIVERS\ipnat.sys \SystemRoot\System32\DRIVERS\wanarp.sys \SystemRoot\System32\DRIVERS\arp1394.sys \SystemRoot\System32\DRIVERS\hidusb.sys \SystemRoot\System32\DRIVERS\HIDCLASS.SYS \SystemRoot\System32\DRIVERS\usbccgp.sys \SystemRoot\System32\DRIVERS\mouhid.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\System32\Drivers\Cdfs.SYS \SystemRoot\System32\Drivers\dump_nvatabus.sys \SystemRoot\System32\Drivers\dump_WMILIB.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\watchdog.sys \SystemRoot\System32\drivers\dxg.sys \SystemRoot\System32\drivers\dxgthk.sys \SystemRoot\System32\nv4_disp.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\System32\DRIVERS\irda.sys \SystemRoot\System32\DRIVERS\ndisuio.sys \SystemRoot\system32\drivers\wdmaud.sys \SystemRoot\system32\drivers\sysaudio.sys \SystemRoot\System32\Drivers\ParVdm.SYS \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\drivers\kmixer.sys \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys \WINDOWS\system32\ntdll.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xffffffff83f578a0 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000070\ Lower Device Object: 0xffffffff83eea030 Lower Device Driver Name: \Driver\nvatabus\ IRP handler 0 of \Driver\nvatabus points to an unknown module Unhooking enabled. <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xffffffff83f578a0 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000070\ Lower Device Object: 0xffffffff83eea030 Lower Device Driver Name: \Driver\nvatabus\ Device already Exists: 0xffffffff83ab3cd8 <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xffffffff83f57030 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000006f\ Lower Device Object: 0xffffffff83eeb8c0 Lower Device Driver Name: \Driver\nvatabus\ Device already Exists: 0xffffffff8376d630 <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffffff83f57030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff83f57e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff83f57030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff83eea7a8, DeviceName: \Device\00000073\, DriverName: \Driver\ACPI\ DevicePointer: 0xffffffff83eeb8c0, DeviceName: \Device\0000006f\, DriverName: \Driver\nvatabus\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0xffffffffe1974150, 0xffffffff83f57030, 0xffffffff8368dab8 Lower DeviceData: 0xffffffffe412c7e8, 0xffffffff83eeb8c0, 0xffffffff8376d630 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted. Drivers scan is aborted. Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 12061205 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 39230667 Partition file system is NTFS Partition is bootable Partition 1 type is Extended with CSH (0x5) Partition is NOT ACTIVE. Partition starts at LBA: 39230730 Numsec = 195205815 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 120034123776 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-234421648-234441648)... Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xffffffff83f578a0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xffffffff83f57678, DeviceName: Unknown, DriverName: \Driver\PartMgr\ DevicePointer: 0xffffffff83f578a0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xffffffff83eea030, DeviceName: \Device\00000070\, DriverName: \Driver\nvatabus\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ Upper DeviceData: 0xffffffffe183f1c8, 0xffffffff83f578a0, 0xffffffff83a95040 Lower DeviceData: 0xffffffffe1d49448, 0xffffffff83eea030, 0xffffffff83ab3cd8 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: 9CC3290D Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 63 Numsec = 41945652 Partition file system is NTFS Partition is not bootable Partition 1 type is Extended with CSH (0x5) Partition is NOT ACTIVE. Partition starts at LBA: 41945715 Numsec = 114350670 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 80026361856 bytes Sector size: 512 bytes Done! Infected: HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify --> [PUM.Disabled.SecurityCenter] Infected: HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify --> [PUM.Disabled.SecurityCenter] Scan finished Creating System Restore point... Cleaning up... Removal successful. No system shutdown is required. ======================================= Removal queue found; removal started Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam... Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_63_i.mbam... Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam... Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam... Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\Bootstrap_1_0_63_i.mbam... Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam... Removal finished