---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
(c) Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86
Account is Administrative
Internet Explorer version: 8.0.6001.18702
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, G:\ DRIVE_FIXED
CPU speed: 2.255000 GHz
Memory total: 1852518400, free: 876343296

Downloaded database version: v2015.01.04.06
Downloaded database version: v2014.12.30.01
Downloaded database version: v2014.12.06.01
=======================================
Initializing...
------------ Kernel report ------------
     01/04/2015 11:56:06
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR4
Upper Device Object: 0xffffffff898c9ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\000000a6\
Lower Device Object: 0xffffffff898c7438
Lower Device Driver Name: \Driver\usbstor\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8aad9ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\
Lower Device Object: 0xffffffff8ab03d98
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8aad9ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8ab56128, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8aad9ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8abdf338, DeviceName: \Device\00000086\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8ab03d98, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C: File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C: File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 2EAD
Partition information:
    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 409639
    Partition 1 type is Other (0xaf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 409640  Numsec = 154927104
    Partition 2 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 155600896  Numsec = 156979200
    Partition file system is NTFS
    Partition is bootable
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
Disk Size: 160041885696 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff898c9ab8, DeviceName: \Device\Harddisk1\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff898c0020, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff898c9ab8, DeviceName: \Device\Harddisk1\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff898c7438, DeviceName: \Device\000000a6\, DriverName: \Driver\usbstor\
------------ End ----------
Infected: C:\Program Files\Cain\Abel.exe --> [HackTool.Cain]
Infected: C:\Program Files\Cain\Abel64.exe --> [HackTool.Cain]
File "C:\WINDOWS\system32\config\system" is compressed (flags = 1)
File "C:\Documents and Settings\apple3\Cookies\index.dat" is compressed (flags = 1)
File "C:\Documents and Settings\apple3\IETldCache\index.dat" is compressed (flags = 1)
Scan finished
=======================================
Removal queue found; removal started
Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\VBR-0-2-155600896-i.mbam...
Removing C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished