PDA

View Full Version : widgi.toolbar



Gene45
2012-09-24, 18:58
I had 6 instances of it, 4 , removed by spybot,
machine restarted, rescanned, still 2 left,
the log tells me where, but i can't see them

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by Gene at 9:35:37 on 2012-09-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.2037.895 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Gene\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe
BHO: AutorunsDisabled - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Google Update] "C:\Users\Gene\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Gene\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Gene\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 216.234.161.25 216.194.64.160
TCP: Interfaces\{1A0DD12D-C6E3-4E55-816E-382188A5E019} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{306445AD-D7C7-4F1F-B042-BAD58994CEFB} : DhcpNameServer = 216.234.161.25 216.194.64.160
TCP: Interfaces\{306445AD-D7C7-4F1F-B042-BAD58994CEFB}\1427572616D205F6274716C6 : DhcpNameServer = 10.11.1.12 10.1.1.10
TCP: Interfaces\{306445AD-D7C7-4F1F-B042-BAD58994CEFB}\25F6467756C6C6D27657563747 : DhcpNameServer = 216.234.161.25 216.194.64.160
TCP: Interfaces\{306445AD-D7C7-4F1F-B042-BAD58994CEFB}\25F67656273734234424 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{306445AD-D7C7-4F1F-B042-BAD58994CEFB}\34963736F64383331333 : DhcpNameServer = 216.234.161.25 216.194.64.160
TCP: Interfaces\{306445AD-D7C7-4F1F-B042-BAD58994CEFB}\452554E444E65647 : DhcpNameServer = 192.168.10.1
TCP: Interfaces\{306445AD-D7C7-4F1F-B042-BAD58994CEFB}\C49626271627970275962756C6563737 : DhcpNameServer = 4.2.2.2 4.2.2.3
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: AutorunsDisabled - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO-X64: IESpeakDoc - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Gene\AppData\Roaming\Mozilla\Firefox\Profiles\zdwpza69.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Users\Gene\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Gene\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Gene\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-9-27 52896]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-28 44808]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-11-15 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-12-18 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-15 13336]
R2 RS_Service;Raw Socket Service;C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-11-15 260640]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-11-6 1153368]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-11-15 243232]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-21 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-24 250288]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]
S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
S3 EUCR;EUCR;C:\Windows\system32\DRIVERS\EUCR6SK.SYS --> C:\Windows\system32\DRIVERS\EUCR6SK.SYS [?]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-21 136176]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;C:\Windows\System32\drivers\libusb0.sys [2011-11-23 21504]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-4 113120]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-26 305520]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-09-22 04:03:22 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BDC12FF2-228F-4B71-9963-737D6DCA7A64}\mpengine.dll
2012-09-22 03:53:36 -------- d-----r- C:\Program Files (x86)\Skype
2012-09-12 18:45:10 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-12 18:45:10 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-09-12 18:45:09 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-02 20:44:47 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-09-02 20:44:47 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
.
==================== Find3M ====================
.
2012-09-21 23:13:38 73136 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-21 23:13:38 696240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-24 18:05:06 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 16:57:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 15:59:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 15:20:39 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-21 09:13:13 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-08-21 09:13:12 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-08-21 09:13:12 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-08-21 09:12:33 41224 ----a-w- C:\Windows\avastSS.scr
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
.
============= FINISH: 9:38:18.19 ===============

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-24 09:43:46
-----------------------------
09:43:46.957 OS Version: Windows x64 6.1.7601 Service Pack 1
09:43:46.957 Number of processors: 2 586 0x1C0A
09:43:46.957 ComputerName: GENE-PC UserName: Gene
09:43:52.214 Initialize success
09:43:53.228 AVAST engine defs: 12092400
09:43:55.085 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
09:43:55.100 Disk 0 Vendor: Hitachi_ PB2O Size: 238475MB BusType: 3
09:43:55.132 Disk 0 MBR read successfully
09:43:55.147 Disk 0 MBR scan
09:43:55.163 Disk 0 Windows 7 default MBR code
09:43:55.178 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
09:43:55.210 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
09:43:55.241 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 225061 MB offset 27469824
09:43:55.272 Disk 0 scanning C:\Windows\system32\drivers
09:44:12.994 Service scanning
09:44:53.179 Modules scanning
09:44:53.210 Disk 0 trace - called modules:
09:44:53.242 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
09:44:53.257 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80044fc330]
09:44:53.273 3 CLASSPNP.SYS[fffff88001baf43f] -> nt!IofCallDriver -> [0xfffffa8002639c90]
09:44:53.304 5 ACPI.sys[fffff88000f8b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8002638050]
09:44:54.068 AVAST engine scan C:\Windows
09:44:56.783 AVAST engine scan C:\Windows\system32
09:48:54.950 AVAST engine scan C:\Windows\system32\drivers
09:49:12.266 AVAST engine scan C:\Users\Gene
09:50:34.322 Disk 0 MBR has been saved successfully to "C:\Users\Gene\Desktop\MBR.dat"
09:50:34.368 The log file has been saved successfully to "C:\Users\Gene\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-24 09:43:46
-----------------------------
09:43:46.957 OS Version: Windows x64 6.1.7601 Service Pack 1
09:43:46.957 Number of processors: 2 586 0x1C0A
09:43:46.957 ComputerName: GENE-PC UserName: Gene
09:43:52.214 Initialize success
09:43:53.228 AVAST engine defs: 12092400
09:43:55.085 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
09:43:55.100 Disk 0 Vendor: Hitachi_ PB2O Size: 238475MB BusType: 3
09:43:55.132 Disk 0 MBR read successfully
09:43:55.147 Disk 0 MBR scan
09:43:55.163 Disk 0 Windows 7 default MBR code
09:43:55.178 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
09:43:55.210 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
09:43:55.241 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 225061 MB offset 27469824
09:43:55.272 Disk 0 scanning C:\Windows\system32\drivers
09:44:12.994 Service scanning
09:44:53.179 Modules scanning
09:44:53.210 Disk 0 trace - called modules:
09:44:53.242 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
09:44:53.257 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80044fc330]
09:44:53.273 3 CLASSPNP.SYS[fffff88001baf43f] -> nt!IofCallDriver -> [0xfffffa8002639c90]
09:44:53.304 5 ACPI.sys[fffff88000f8b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8002638050]
09:44:54.068 AVAST engine scan C:\Windows
09:44:56.783 AVAST engine scan C:\Windows\system32
09:48:54.950 AVAST engine scan C:\Windows\system32\drivers
09:49:12.266 AVAST engine scan C:\Users\Gene
09:50:34.322 Disk 0 MBR has been saved successfully to "C:\Users\Gene\Desktop\MBR.dat"
09:50:34.368 The log file has been saved successfully to "C:\Users\Gene\Desktop\aswMBR.txt"
09:52:37.144 AVAST engine scan C:\ProgramData
09:53:48.390 Scan finished successfully
09:57:01.424 Disk 0 MBR has been saved successfully to "C:\Users\Gene\Desktop\MBR.dat"
09:57:01.456 The log file has been saved successfully to "C:\Users\Gene\Desktop\aswMBR.txt"

9931

Edit
Waiting for help in the Malware Forum FOUR days or longer? (http://forums.spybot.info/showthread.php?t=1137)
Open Topics moved to archives (http://forums.spybot.info/showthread.php?t=20965)