aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software Run date: 2011-11-13 19:27:16 ----------------------------- 19:27:16.778 OS Version: Windows x64 6.1.7601 Service Pack 1 19:27:16.778 Number of processors: 4 586 0x503 19:27:16.778 ComputerName: HOME UserName: 19:27:21.676 Initialize success 19:27:25.888 AVAST engine defs: 11111200 19:27:30.787 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 19:27:30.802 Disk 0 Vendor: ST31000528AS CC38 Size: 953869MB BusType: 11 19:27:30.802 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP6T1L0-9 19:27:30.818 Disk 1 Vendor: WDC_WD1600JB-00GVC0 08.02D08 Size: 152627MB BusType: 3 19:27:32.830 Disk 0 MBR read successfully 19:27:32.830 Disk 0 MBR scan 19:27:32.846 Disk 0 MBR:Alureon-I [Rtk] 19:27:32.846 Disk 0 TDL4@MBR code has been found 19:27:32.862 Disk 0 Windows 7 default MBR code found via API 19:27:32.862 Disk 0 MBR hidden 19:27:32.877 Disk 0 MBR [TDL4] **ROOTKIT** 19:27:32.877 Disk 0 trace - called modules: 19:27:32.877 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8004d92254]<< 19:27:32.893 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004cbd790] 19:27:32.893 3 CLASSPNP.SYS[fffff880019c143f] -> nt!IofCallDriver -> [0xfffffa8004be0940] 19:27:32.908 5 ACPI.sys[fffff88000f4e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004c95680] 19:27:32.908 \Driver\atapi[0xfffffa800468de70] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa8004d92254 19:27:35.436 AVAST engine scan C:\Windows 19:27:39.211 AVAST engine scan C:\Windows\system32 19:29:24.979 AVAST engine scan C:\Windows\system32\drivers 19:29:35.244 AVAST engine scan C:\Users\Matthew Abrahamson 19:37:14.563 AVAST engine scan C:\ProgramData 19:38:34.998 Scan finished successfully 19:38:55.714 Disk 0 MBR has been saved successfully to "C:\Users\Matthew Abrahamson\Desktop\MBR.dat" 19:38:55.714 The log file has been saved successfully to "C:\Users\Matthew Abrahamson\Desktop\aswMBR1.txt"