aswMBR version 0.9.7.705 Copyright(c) 2011 AVAST Software Run date: 2011-07-06 07:32:17 ----------------------------- 07:32:17.790 OS Version: Windows x64 6.1.7601 Service Pack 1 07:32:17.790 Number of processors: 3 586 0x202 07:32:17.790 ComputerName: DONNIE UserName: 07:32:18.773 Initialize success 07:32:19.615 AVAST engine defs: 11062900 07:32:28.788 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061 07:32:28.788 Disk 0 Vendor: Hitachi_ GM3O Size: 305245MB BusType: 8 07:32:28.788 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000062 07:32:28.804 Disk 1 Vendor: Hitachi_ GM3O Size: 305245MB BusType: 8 07:32:30.847 Disk 0 MBR read successfully 07:32:30.847 Disk 0 MBR scan 07:32:31.128 Disk 0 Windows 7 default MBR code 07:32:31.128 Service scanning 07:32:32.142 Disk 0 trace - called modules: 07:32:32.158 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys 07:32:32.158 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80030b2060] 07:32:32.158 3 CLASSPNP.SYS[fffff880019a443f] -> nt!IofCallDriver -> [0xfffffa80024254d0] 07:32:32.158 5 ACPI.sys[fffff88000f6c7a1] -> nt!IofCallDriver -> \Device\00000061[0xfffffa80024209c0] 07:32:32.969 AVAST engine scan C:\Windows 07:36:36.407 File: C:\Windows\System32\drivers\en-US\bfe.dll.mui **SUSPICIOUS** 07:36:36.735 File: C:\Windows\System32\drivers\en-US\ndiscap.sys.mui **SUSPICIOUS** 07:36:36.859 File: C:\Windows\System32\drivers\en-US\pacer.sys.mui **SUSPICIOUS** 07:36:36.937 File: C:\Windows\System32\drivers\en-US\qwavedrv.sys.mui **SUSPICIOUS** 07:36:37.062 File: C:\Windows\System32\drivers\en-US\scfilter.sys.mui **SUSPICIOUS** 07:36:37.156 File: C:\Windows\System32\drivers\en-US\tcpip.sys.mui **SUSPICIOUS** 07:36:44.660 File: C:\Windows\System32\drivers\wimmount.sys **SUSPICIOUS** 07:55:49.072 AVAST engine scan C:\Users\penylane 08:06:34.694 AVAST engine scan C:\ProgramData 08:14:50.540 Scan finished successfully 16:23:29.769 Disk 0 MBR has been saved successfully to "C:\Users\penylane\Desktop\MBR.dat" 16:23:29.847 The log file has been saved successfully to "C:\Users\penylane\Desktop\aswMBR.txt"