aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-04-23 22:17:57 ----------------------------- 22:17:57.210 OS Version: Windows 6.0.6002 Service Pack 2 22:17:57.211 Number of processors: 4 586 0xF07 22:17:57.211 ComputerName: M8120N-2 UserName: 22:17:59.081 Initialize success 22:18:49.873 AVAST engine defs: 12042301 22:19:14.392 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 22:19:14.394 Disk 0 Vendor: Hitachi_ V54O Size: 305245MB BusType: 3 22:19:14.397 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2 22:19:14.399 Disk 1 Vendor: Hitachi_ V54O Size: 305245MB BusType: 3 22:19:14.420 Disk 0 MBR read successfully 22:19:14.431 Disk 0 MBR scan 22:19:14.444 Disk 0 unknown MBR code 22:19:14.447 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 296096 MB offset 63 22:19:14.478 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 9146 MB offset 606405555 22:19:14.484 Disk 0 scanning sectors +625137345 22:19:14.546 Disk 0 scanning C:\Windows\system32\drivers 22:19:24.979 Service scanning 22:19:36.118 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32 22:19:58.084 Modules scanning 22:20:02.549 Disk 0 trace - called modules: 22:20:02.562 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll 22:20:02.569 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85bb2030] 22:20:02.569 3 CLASSPNP.SYS[8b5a78b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85ba4030] 22:20:05.236 AVAST engine scan C:\Windows 22:20:10.127 AVAST engine scan C:\Windows\system32 22:23:42.328 AVAST engine scan C:\Windows\system32\drivers 22:23:55.693 AVAST engine scan C:\Users\Executive 22:36:53.268 Disk 0 MBR has been saved successfully to "C:\Users\Executive\Documents\MBR.dat" 22:36:53.268 The log file has been saved successfully to "C:\Users\Executive\Documents\aswMBR.txt" aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-04-23 22:38:03 ----------------------------- 22:38:03.617 OS Version: Windows 6.0.6002 Service Pack 2 22:38:03.617 Number of processors: 4 586 0xF07 22:38:03.618 ComputerName: M8120N-2 UserName: 22:38:06.903 Initialize success 22:38:10.744 AVAST engine defs: 12042301 22:38:12.746 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 22:38:12.749 Disk 0 Vendor: Hitachi_ V54O Size: 305245MB BusType: 3 22:38:12.754 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2 22:38:12.757 Disk 1 Vendor: Hitachi_ V54O Size: 305245MB BusType: 3 22:38:12.802 Disk 0 MBR read successfully 22:38:12.805 Disk 0 MBR scan 22:38:12.810 Disk 0 unknown MBR code 22:38:12.824 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 296096 MB offset 63 22:38:12.868 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 9146 MB offset 606405555 22:38:12.887 Disk 0 scanning sectors +625137345 22:38:13.033 Disk 0 scanning C:\Windows\system32\drivers 22:38:35.048 Service scanning 22:38:45.757 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32 22:39:06.441 Modules scanning 22:39:22.603 Disk 0 trace - called modules: 22:39:22.624 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll 22:39:22.629 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85bb2030] 22:39:22.634 3 CLASSPNP.SYS[8b5a78b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85ba4030] 22:39:24.573 AVAST engine scan C:\Windows 22:40:00.366 AVAST engine scan C:\Windows\system32 22:45:42.970 AVAST engine scan C:\Windows\system32\drivers 22:46:28.288 AVAST engine scan C:\Users\Executive 02:58:56.965 AVAST engine scan C:\ProgramData 03:05:52.514 File: C:\ProgramData\Symantec\SRTSP\Quarantine\APQD326.tmp **INFECTED** Win32:Aluroot [Rtk] 03:05:56.025 File: C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\xfer\4F95B361.TMP **INFECTED** Win32:Downloader-LEF [Trj] 03:05:56.643 File: C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\xfer\4F95B36D.TMP **INFECTED** Win32:Downloader-LEF [Trj] 03:05:57.214 File: C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\xfer\4F95B370.TMP **INFECTED** Win32:Downloader-LEF [Trj] 03:05:57.845 File: C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\xfer\4F95B373.TMP **INFECTED** Win32:Downloader-LEF [Trj] 03:07:36.278 Scan finished successfully 17:42:50.397 Disk 0 MBR has been saved successfully to "C:\Users\Executive\Documents\MBR.dat" 17:42:50.408 The log file has been saved successfully to "C:\Users\Executive\Documents\aswMBR.txt"