-
Posts
21 -
Joined
-
Last visited
Reputation
0 Neutral-
Again I have to thank you for your help...... Thanks also for the links.......as a paid / pro version member I "thought" I had posted it on their help forum ??? Maybe you could PM me with your thoughts and suggestions - I do have several full backups on an external drive if things should go wrong
-
Hi, of course I am grateful for the trouble you nave been to in order to assist me so a big THANK YOU for that .... but also rather disappointed that there has not been a solution to the problem. There has to be a cause - and - a solution.....
-
Disregard that....with that drive unplugged it reported the same errors on volume 3 (!!) which was then my Z drive ! I unplugged that drive as well and it reported the same errors on volume 3 that appears to me my C drive In case you hadn't worked it out, I have programs etc on C:\ (an OCZ Vector SSD) and user files etc on D:\ - a normal hard drive Just did a custom scan on C: drive only and almost immediately it picked up the same errors !
-
Did some more digging and it seems that "vol 3" is in fact my X drive, used mainly for video editing.....
-
It was already ticked....everything is ticked....
-
OK, will do.....am slightly concerned to see MORE errors than before......
-
Aw dammit.....just ran another scan after re-booting...... Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 18/04/2014Scan Time: 11:56:53Logfile: MBAM.txtAdministrator: Yes Version: 2.00.1.1004Malware Database: v2014.04.18.03Rootkit Database: v2014.03.27.01License: PremiumMalware Protection: EnabledMalicious Website Protection: EnabledChameleon: Enabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: David Scan Type: Threat ScanResult: CompletedObjects Scanned: 426302Time Elapsed: 26 min, 34 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledShuriken: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 21Forged physical sector, Physical Sector #500089935 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500096708 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500096752 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500096792 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500096796 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500097072 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500097216 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500098720 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500099072 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500100096 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500100394 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500100397 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500101120 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500102144 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500103168 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500104192 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500105216 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500106240 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500107264 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500108288 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], Forged physical sector, Physical Sector #500109312 on Drive #3, , [022b6028989832b7fcbc1d3003035cf6], (end)
-
Listpart report as requested : ListParts by Farbar Version: 17-04-2014Ran by David (administrator) on 18-04-2014 at 11:22:44Windows 7 (X64)Running From: D:\Users\David\DownloadsLanguage: 0409************************************************************ ========================= Memory info ====================== Percentage of memory in use: 29%Total physical RAM: 12286.42 MBAvailable physical RAM: 8662.75 MBTotal Pagefile: 24571.02 MBAvailable Pagefile: 20301.68 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.88 MB ======================= Partitions ========================= 1 Drive c: (SYSTEM FILES) (Fixed) (Total:238.47 GB) (Free:147.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)]2 Drive d: (USER DATA) (Fixed) (Total:465.76 GB) (Free:151.96 GB) NTFS5 Drive x: (VIDEO) (Fixed) (Total:465.76 GB) (Free:193 GB) NTFS6 Drive z: (BACKUPS) (Fixed) (Total:465.76 GB) (Free:118.97 GB) NTFS Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 465 GB 1024 KB Disk 1 Online 465 GB 1024 KB Disk 2 Online 465 GB 1024 KB Disk 3 Online 238 GB 0 B Partitions of Disk 0:=============== Disk ID: C3A28E30 Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 465 GB 1024 KB ====================================================================================================== Disk: 0Partition 1Type : 07Hidden: NoActive: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- --------* Volume 2 D USER DATA NTFS Partition 465 GB Healthy ====================================================================================================== Partitions of Disk 1:=============== Disk ID: DD44569B Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 465 GB 1024 KB ====================================================================================================== Disk: 1Partition 1Type : 07Hidden: NoActive: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- --------* Volume 3 X VIDEO NTFS Partition 465 GB Healthy ====================================================================================================== Partitions of Disk 2:=============== Disk ID: 1C519507 Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 465 GB 1024 KB ====================================================================================================== Disk: 2Partition 1Type : 07Hidden: NoActive: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- --------* Volume 4 Z BACKUPS NTFS Partition 465 GB Healthy ====================================================================================================== Partitions of Disk 3:=============== Disk ID: 829EEDC2 Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 238 GB 1024 KB ====================================================================================================== Disk: 3Partition 1Type : 07Hidden: NoActive: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- --------* Volume 5 C SYSTEM FILE NTFS Partition 238 GB Healthy System (partition with boot components) ==================================================================================================================================== MBR Partition Table ================== ==============================Partitions of Disk 0:===============Disk ID: C3A28E30Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS) ==============================Partitions of Disk 1:===============Disk ID: DD44569BPartition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ==============================Partitions of Disk 2:===============Disk ID: 1C519507Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ==============================Partitions of Disk 3:===============Disk ID: 829EEDC2Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS) ****** End Of Log ******
-
Just completed the scan......and NO ERRORS protection log : Malwarebytes Anti-Malware www.malwarebytes.org Update, 18/04/2014 10:59:24, SYSTEM, PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1, Update, 18/04/2014 10:59:51, SYSTEM, PC, Manual, Malware Database, 2014.3.4.9, 2014.4.18.3, Protection, 18/04/2014 11:00:07, SYSTEM, PC, Protection, Malware Protection, Starting, Protection, 18/04/2014 11:00:07, SYSTEM, PC, Protection, Malware Protection, Started, Protection, 18/04/2014 11:00:07, SYSTEM, PC, Protection, Malicious Website Protection, Starting, Protection, 18/04/2014 11:00:07, SYSTEM, PC, Protection, Refresh, Starting, Protection, 18/04/2014 11:00:07, SYSTEM, PC, Protection, Malicious Website Protection, Started, Protection, 18/04/2014 11:00:07, SYSTEM, PC, Protection, Malicious Website Protection, Stopping, Protection, 18/04/2014 11:00:07, SYSTEM, PC, Protection, Malicious Website Protection, Stopped, Protection, 18/04/2014 11:00:10, SYSTEM, PC, Protection, Refresh, Success, Protection, 18/04/2014 11:00:10, SYSTEM, PC, Protection, Malicious Website Protection, Starting, Protection, 18/04/2014 11:00:10, SYSTEM, PC, Protection, Malicious Website Protection, Started, (end) scan log : Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 18/04/2014Scan Time: 11:08:04Logfile: scan.txtAdministrator: Yes Version: 2.00.1.1004Malware Database: v2014.04.18.03Rootkit Database: v2014.03.27.01License: PremiumMalware Protection: DisabledMalicious Website Protection: DisabledChameleon: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: David Scan Type: Threat ScanResult: CompletedObjects Scanned: 423816Time Elapsed: 8 min, 10 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledShuriken: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end) So, on the face of it at least it looks like the MBAR scan may have found and deleted the problem.....maybe I should have left it running longer....maybe it needs some more "confidence" indication that it is actually doing something - it certainly appeared to have frozen !
-
I was about to run Malware Bytes again to see if it still picked up those errors.....but it seems to have disappeared off my system !!! ????? Will re-install and see
-
I ran the anti root kit scanner again and left it running overnight ....here is the system log.txt from that ---------------------------------------Malwarebytes Anti-Rootkit BETA 1.07.0.1009 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.17041 File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, X:\ DRIVE_FIXED, Z:\ DRIVE_FIXEDCPU speed: 3.064000 GHzMemory total: 12883247104, free: 8702431232 Could not load protection driver=======================================Initializing...Done!<<<1>>>Upper Device Name: \Device\Harddisk3\DR3Upper Device Object: 0xfffffa800bd95790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\00000071\Lower Device Object: 0xfffffa8009c387e0Lower Device Driver Name: \Driver\mvs91xx\<<<1>>>Upper Device Name: \Device\Harddisk2\DR2Upper Device Object: 0xfffffa800bdb9790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-4\Lower Device Object: 0xfffffa8009c30050Lower Device Driver Name: \Driver\iaStor\<<<1>>>Upper Device Name: \Device\Harddisk1\DR1Upper Device Object: 0xfffffa800bdda790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-3\Lower Device Object: 0xfffffa8009c2e050Lower Device Driver Name: \Driver\iaStor\<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xfffffa800bdc7790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-2\Lower Device Object: 0xfffffa8009a97050Lower Device Driver Name: \Driver\iaStor\<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>><<<3>>>Volume: D:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>><<<3>>>Volume: D:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>><<<3>>>Volume: D:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesDone!Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: C3A28E30 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 976766976 Partition file system is NTFS Partition is not bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytesSector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...Done!Drive 1Scanning MBR on drive 1...Inspecting partition table:MBR Signature: 55AADisk Signature: DD44569B Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 976766976 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytesSector size: 512 bytes Done!Drive 2Scanning MBR on drive 2...Inspecting partition table:MBR Signature: 55AADisk Signature: 1C519507 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 976766976 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytesSector size: 512 bytes Done!Drive 3Scanning MBR on drive 3...Inspecting partition table:MBR Signature: 55AADisk Signature: 829EEDC2 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 500107888 Partition file system is NTFS Partition is bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 256056286720 bytesSector size: 512 bytes Done!Scan finished======================================= Removal queue found; removal startedRemoving d:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...Removing d:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...Removing d:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...Removing d:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...Removing d:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...Removing d:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...Removing d:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...Removing d:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-i.mbam...Removing d:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-3-0-2048-i.mbam...Removing d:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-r.mbam...Removal finished
-
Files attached as requested thank you aswMBR.txt mbr_dat.zip
-
OK, will do later - thanks
-
Just re-scanned....as before it scans user Alex all OK including the roaming folder, it scans user David OK including the roaming folder, it stops on user Fred roaming folder \ file xxx I deleted file xxx, re-started and it stops on file yyy in that folder, deleted that file, re-started and it stops on another file in that folder !
-
I downloaded and ran MBAR as requested, (I had in fact already done this but have removed and started afresh).....and have come across the same problem I had before : it appears to freeze when scanning one of our user accounts \ roaming folders (we have 4 user accounts, it passes two) .... the hard disk light is on and it sounds like it is still scanning but appears to be frozen - screen dump attached If I "cancel" the scan it just sits there, if I terminate the process in task manager it does close down. system log file : ( NO scan log !) ---------------------------------------Malwarebytes Anti-Rootkit BETA 1.07.0.1009 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.17041 File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, X:\ DRIVE_FIXED, Z:\ DRIVE_FIXEDCPU speed: 3.064000 GHzMemory total: 12883247104, free: 10727698432 Could not load protection driverDownloaded database version: v2014.04.16.10Downloaded database version: v2014.03.27.01=======================================Initializing...------------ Kernel report ------------ 04/17/2014 00:19:20------------ Loaded modules -----------\SystemRoot\system32\ntoskrnl.exe\SystemRoot\system32\hal.dll\SystemRoot\system32\kdcom.dll\SystemRoot\system32\mcupdate_GenuineIntel.dll\SystemRoot\system32\PSHED.dll\SystemRoot\system32\CLFS.SYS\SystemRoot\system32\CI.dll\SystemRoot\system32\drivers\Wdf01000.sys\SystemRoot\system32\drivers\WDFLDR.SYS\SystemRoot\system32\drivers\ACPI.sys\SystemRoot\system32\drivers\WMILIB.SYS\SystemRoot\system32\drivers\msisadrv.sys\SystemRoot\system32\drivers\pci.sys\SystemRoot\system32\drivers\vdrvroot.sys\SystemRoot\system32\DRIVERS\vidsflt.sys\SystemRoot\System32\drivers\partmgr.sys\SystemRoot\system32\DRIVERS\compbatt.sys\SystemRoot\system32\DRIVERS\BATTC.SYS\SystemRoot\system32\drivers\volmgr.sys\SystemRoot\System32\drivers\volmgrx.sys\SystemRoot\system32\drivers\pciide.sys\SystemRoot\system32\drivers\PCIIDEX.SYS\SystemRoot\system32\DRIVERS\jraid.sys\SystemRoot\system32\DRIVERS\SCSIPORT.SYS\SystemRoot\System32\drivers\mountmgr.sys\SystemRoot\system32\drivers\vmbus.sys\SystemRoot\system32\drivers\winhv.sys\SystemRoot\system32\DRIVERS\iaStor.sys\SystemRoot\system32\drivers\atapi.sys\SystemRoot\system32\drivers\ataport.SYS\SystemRoot\system32\drivers\msahci.sys\SystemRoot\system32\DRIVERS\mvs91xx.sys\SystemRoot\system32\DRIVERS\storport.sys\SystemRoot\system32\DRIVERS\mvxxmm.sys\SystemRoot\system32\drivers\amdxata.sys\SystemRoot\system32\drivers\fltmgr.sys\SystemRoot\system32\drivers\fileinfo.sys\SystemRoot\system32\DRIVERS\MpFilter.sys\SystemRoot\System32\Drivers\Ntfs.sys\SystemRoot\System32\Drivers\msrpc.sys\SystemRoot\System32\Drivers\ksecdd.sys\SystemRoot\System32\Drivers\cng.sys\SystemRoot\System32\drivers\pcw.sys\SystemRoot\System32\Drivers\Fs_Rec.sys\SystemRoot\system32\drivers\ndis.sys\SystemRoot\system32\drivers\NETIO.SYS\SystemRoot\System32\Drivers\ksecpkg.sys\SystemRoot\System32\drivers\tcpip.sys\SystemRoot\System32\drivers\fwpkclnt.sys\SystemRoot\system32\DRIVERS\vididr.sys\SystemRoot\system32\DRIVERS\tib_mounter.sys\SystemRoot\system32\drivers\vmstorfl.sys\SystemRoot\system32\drivers\volsnap.sys\SystemRoot\system32\DRIVERS\tib.sys\SystemRoot\System32\Drivers\spldr.sys\SystemRoot\system32\DRIVERS\snapman.sys\SystemRoot\System32\drivers\rdyboost.sys\SystemRoot\system32\DRIVERS\NBVol.sys\SystemRoot\system32\DRIVERS\NBVolUp.sys\SystemRoot\System32\Drivers\mup.sys\SystemRoot\system32\DRIVERS\mounthlp.sys\SystemRoot\System32\drivers\hwpolicy.sys\SystemRoot\system32\DRIVERS\fltsrv.sys\SystemRoot\system32\DRIVERS\gpt_loader.sys\SystemRoot\System32\DRIVERS\fvevol.sys\SystemRoot\system32\DRIVERS\disk.sys\SystemRoot\system32\DRIVERS\CLASSPNP.SYS\SystemRoot\system32\DRIVERS\apmwin.sys\SystemRoot\System32\Drivers\dump_mvxxmm.sys\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\System32\Drivers\cdrbsdrv.SYS\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\drivers\VIDEOPRT.SYS\SystemRoot\System32\drivers\watchdog.sys\SystemRoot\System32\DRIVERS\RDPCDD.sys\SystemRoot\system32\drivers\rdpencdd.sys\SystemRoot\system32\drivers\rdprefmp.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\system32\DRIVERS\tdx.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\system32\drivers\afd.sys\SystemRoot\System32\DRIVERS\netbt.sys\SystemRoot\system32\DRIVERS\wfplwf.sys\SystemRoot\system32\DRIVERS\pacer.sys\SystemRoot\system32\DRIVERS\vpcnfltr.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\wanarp.sys\SystemRoot\system32\drivers\vpcvmm.sys\SystemRoot\system32\drivers\termdd.sys\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\drivers\nsiproxy.sys\SystemRoot\system32\drivers\mssmbios.sys\SystemRoot\System32\drivers\discache.sys\SystemRoot\system32\drivers\csc.sys\SystemRoot\System32\Drivers\dfsc.sys\SystemRoot\system32\DRIVERS\blbdrive.sys\SystemRoot\system32\DRIVERS\AppleCharger.sys\SystemRoot\system32\DRIVERS\tunnel.sys\SystemRoot\system32\DRIVERS\intelppm.sys\SystemRoot\system32\DRIVERS\nusb3xhc.sys\SystemRoot\system32\DRIVERS\USBD.SYS\SystemRoot\system32\DRIVERS\nvlddmkm.sys\SystemRoot\System32\drivers\dxgkrnl.sys\SystemRoot\System32\drivers\dxgmms1.sys\SystemRoot\system32\DRIVERS\HDAudBus.sys\SystemRoot\system32\DRIVERS\usbuhci.sys\SystemRoot\system32\DRIVERS\USBPORT.SYS\SystemRoot\system32\DRIVERS\usbehci.sys\SystemRoot\system32\DRIVERS\Rt64win7.sys\SystemRoot\system32\DRIVERS\HCW71364.sys\SystemRoot\system32\DRIVERS\ks.sys\SystemRoot\system32\DRIVERS\BdaSup.SYS\SystemRoot\system32\drivers\ksthunk.sys\SystemRoot\system32\drivers\1394ohci.sys\SystemRoot\system32\drivers\wmiacpi.sys\SystemRoot\system32\drivers\CompositeBus.sys\SystemRoot\system32\DRIVERS\AgileVpn.sys\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\rassstp.sys\SystemRoot\system32\DRIVERS\rdpbus.sys\SystemRoot\system32\DRIVERS\kbdclass.sys\SystemRoot\system32\DRIVERS\mouclass.sys\SystemRoot\system32\drivers\swenum.sys\SystemRoot\system32\drivers\umbus.sys\SystemRoot\system32\drivers\nvvad64v.sys\SystemRoot\system32\drivers\portcls.sys\SystemRoot\system32\drivers\drmk.sys\SystemRoot\system32\DRIVERS\vpcusb.sys\SystemRoot\system32\DRIVERS\usbrpm.sys\SystemRoot\system32\DRIVERS\vpchbus.sys\SystemRoot\system32\DRIVERS\nusb3hub.sys\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\system32\drivers\nvhda64v.sys\SystemRoot\system32\drivers\RTKVHD64.sys\SystemRoot\system32\DRIVERS\usbprint.sys\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\system32\DRIVERS\monitor.sys\SystemRoot\System32\TSDDD.dll\SystemRoot\System32\Drivers\crashdmp.sys\SystemRoot\System32\Drivers\dump_diskdump.sys\SystemRoot\System32\Drivers\dump_mvs91xx.sys\SystemRoot\System32\Drivers\dump_dumpfve.sys\SystemRoot\system32\DRIVERS\ser2pl64.sys\SystemRoot\system32\DRIVERS\serenum.sys\SystemRoot\System32\cdd.dll\SystemRoot\System32\ATMFD.DLL\SystemRoot\system32\DRIVERS\usbccgp.sys\SystemRoot\System32\Drivers\nx6000.sys\SystemRoot\System32\Drivers\usbvideo.sys\SystemRoot\system32\drivers\usbaudio.sys\SystemRoot\system32\drivers\luafv.sys\SystemRoot\system32\DRIVERS\hfsplusrec.sys\SystemRoot\system32\DRIVERS\lltdio.sys\SystemRoot\system32\DRIVERS\rspndr.sys\SystemRoot\system32\DRIVERS\RtNdPt60.sys\SystemRoot\system32\drivers\HTTP.sys\SystemRoot\system32\DRIVERS\bowser.sys\SystemRoot\System32\drivers\mpsdrv.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\system32\DRIVERS\mrxsmb10.sys\SystemRoot\system32\DRIVERS\mrxsmb20.sys\SystemRoot\system32\DRIVERS\dc3d.sys\SystemRoot\system32\DRIVERS\HIDPARSE.SYS\SystemRoot\system32\DRIVERS\hidusb.sys\SystemRoot\system32\DRIVERS\HIDCLASS.SYS\SystemRoot\system32\DRIVERS\kbdhid.sys\SystemRoot\system32\DRIVERS\mouhid.sys\SystemRoot\system32\DRIVERS\point64.sys\??\C:\windows\system32\Drivers\rikvm_38F51D56.sys\SystemRoot\system32\DRIVERS\NisDrvWFP.sys\SystemRoot\system32\drivers\peauth.sys\SystemRoot\System32\Drivers\secdrv.SYS\SystemRoot\System32\DRIVERS\srvnet.sys\SystemRoot\System32\drivers\tcpipreg.sys\SystemRoot\System32\DRIVERS\srv2.sys\SystemRoot\System32\DRIVERS\srv.sys\SystemRoot\system32\drivers\MSPQM.sys\SystemRoot\system32\DRIVERS\afcdp.sys\??\C:\Windows\gdrv.sys\??\C:\Windows\GVTDrv64.sys\??\C:\windows\system32\drivers\MBAMSwissArmy.sys\Windows\System32\ntdll.dll\Windows\System32\smss.exe\Windows\System32\apisetschema.dll----------- End -----------Done!<<<1>>>Upper Device Name: \Device\Harddisk3\DR3Upper Device Object: 0xfffffa800bd95790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\00000071\Lower Device Object: 0xfffffa8009c387e0Lower Device Driver Name: \Driver\mvs91xx\<<<1>>>Upper Device Name: \Device\Harddisk2\DR2Upper Device Object: 0xfffffa800bdb9790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-4\Lower Device Object: 0xfffffa8009c30050Lower Device Driver Name: \Driver\iaStor\<<<1>>>Upper Device Name: \Device\Harddisk1\DR1Upper Device Object: 0xfffffa800bdda790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-3\Lower Device Object: 0xfffffa8009c2e050Lower Device Driver Name: \Driver\iaStor\<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xfffffa800bdc7790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-2\Lower Device Object: 0xfffffa8009a97050Lower Device Driver Name: \Driver\iaStor\<<<2>>>Physical Sector Size: 512Drive: 3, DevicePointer: 0xfffffa800bd95790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa800bcd9ac0, DeviceName: Unknown, DriverName: \Driver\gpt_loader\DevicePointer: 0xfffffa800bcd9cd0, DeviceName: Unknown, DriverName: \Driver\apmwin\DevicePointer: 0xfffffa800bd952c0, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa800bd95790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa800bcd5870, DeviceName: Unknown, DriverName: \Driver\vidsflt\DevicePointer: 0xfffffa8009c387e0, DeviceName: \Device\00000071\, DriverName: \Driver\mvs91xx\------------ End ----------Alternate DeviceName: Unknown, DriverName: \Driver\apmwin\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesDone!Physical Sector Size: 512Drive: 0, DevicePointer: 0xfffffa800bdc7790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa800bcca940, DeviceName: Unknown, DriverName: \Driver\gpt_loader\DevicePointer: 0xfffffa8009ee6b60, DeviceName: Unknown, DriverName: \Driver\apmwin\DevicePointer: 0xfffffa800bccbb90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa800bdc7790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8009ee9d30, DeviceName: Unknown, DriverName: \Driver\vidsflt\DevicePointer: 0xfffffa8009a97050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\------------ End ----------Alternate DeviceName: Unknown, DriverName: \Driver\apmwin\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: C3A28E30 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 976766976 Partition file system is NTFS Partition is not bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytesSector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...Done!Physical Sector Size: 512Drive: 1, DevicePointer: 0xfffffa800bdda790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa800bcce940, DeviceName: Unknown, DriverName: \Driver\gpt_loader\DevicePointer: 0xfffffa800bcd2cd0, DeviceName: Unknown, DriverName: \Driver\apmwin\DevicePointer: 0xfffffa800bccfb90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa800bdda790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa800bcccb40, DeviceName: Unknown, DriverName: \Driver\vidsflt\DevicePointer: 0xfffffa8009c2e050, DeviceName: \Device\Ide\IAAStorageDevice-3\, DriverName: \Driver\iaStor\------------ End ----------Alternate DeviceName: Unknown, DriverName: \Driver\apmwin\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 1Scanning MBR on drive 1...Inspecting partition table:MBR Signature: 55AADisk Signature: DD44569B Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 976766976 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytesSector size: 512 bytes Done!Physical Sector Size: 512Drive: 2, DevicePointer: 0xfffffa800bdb9790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa800bcd4940, DeviceName: Unknown, DriverName: \Driver\gpt_loader\DevicePointer: 0xfffffa800bcd5cd0, DeviceName: Unknown, DriverName: \Driver\apmwin\DevicePointer: 0xfffffa800bdb92c0, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa800bdb9790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa800bcd2a90, DeviceName: Unknown, DriverName: \Driver\vidsflt\DevicePointer: 0xfffffa8009c30050, DeviceName: \Device\Ide\IAAStorageDevice-4\, DriverName: \Driver\iaStor\------------ End ----------Alternate DeviceName: Unknown, DriverName: \Driver\apmwin\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 2Scanning MBR on drive 2...Inspecting partition table:MBR Signature: 55AADisk Signature: 1C519507 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 976766976 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytesSector size: 512 bytes Done!Drive 3Scanning MBR on drive 3...Inspecting partition table:MBR Signature: 55AADisk Signature: 829EEDC2 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 500107888 Partition file system is NTFS Partition is bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 256056286720 bytesSector size: 512 bytes Done!<<<2>>><<<3>>>Volume: D:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes