Brighid
2013-07-02, 16:20
Seems there's a lot of those here in the forums! Thank you for help, ahead of time! Here's the log:
(ps: I researched the Anchor.hss and am I wrong in believing it's my wifi? I ran Spybot in Admin mode.)
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.25.2
Run by Barbara at 9:39:43 on 2013-07-02
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3546.1887 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Synaptics\Scrybe\scrybe.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\Barbara\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Works\WkCalRem.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN36118596272566332&ctid=CT3279141&SSPV=SP_IENSP06
uDefault_Page_URL = hxxp://www.dell.com
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [PlayNC Launcher] <no file>
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\barbara\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\barbara\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\barbara\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\users\barbara\appdata\roaming\micros~1\windows\startm~1\programs\startup\wkcalrem.lnk - c:\program files\microsoft works\WkCalRem.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\scrybe.lnk - c:\windows\installer\{13061caa-0284-4f9a-b460-3d4699575b35}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Save video on Savevid.com - c:\program files\savevid\redirect.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{98587456-FA1F-44DB-9F22-291489F7AA69} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{98587456-FA1F-44DB-9F22-291489F7AA69}\142726973773539383 : DHCPNameServer = 192.168.1.1 4.2.2.2
TCP: Interfaces\{98587456-FA1F-44DB-9F22-291489F7AA69}\3574341383 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{DBC2B80B-0FB1-4404-9CE5-036295B93D43} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\barbara\appdata\roaming\mozilla\firefox\profiles\xylfs8oa.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&SearchSource=3&q={searchTerms}&sspv=SP_FFNSP06&CUI=UN42693976353006826
FF - prefs.js: browser.startup.homepage - hxxp://us-mg4.mail.yahoo.com/neo/launch?.rand=76uiq793en5b5
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&SearchSource=2&CUI=UN42693976353006826&sspv=SP_FFNSP06&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\users\barbara\appdata\roaming\mozilla\firefox\profiles\xylfs8oa.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\barbara\appdata\roaming\mozilla\firefox\profiles\xylfs8oa.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-24 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-24 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-8-22 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-8-22 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-8-22 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-8-22 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-5-26 46808]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-23 370688]
R3 swg3kser00;Sierra Wireless QMI USB Device for Legacy Serial Communication;c:\windows\system32\drivers\swg3kser00.sys [2012-7-15 215552]
R3 swiwdmbx;Sierra Wireless USB Bus Service;c:\windows\system32\drivers\swiwdmbx.sys [2012-7-15 83968]
R3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2012-7-15 208128]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\alcohol soft\alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-2-21 1153368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-2-24 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-24 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-1-18 1343400]
S4 ScrybeUpdater;Scrybe Updater;"c:\program files\synaptics\scrybe\service\scrybeupdater.exe" -t2 --> c:\program files\synaptics\scrybe\service\ScrybeUpdater.exe [?]
.
=============== Created Last 30 ================
.
2013-06-28 14:45:15 -------- d-----r- c:\users\barbara\Dropbox
2013-06-28 14:42:48 -------- d-----w- c:\users\barbara\appdata\roaming\Dropbox
2013-06-28 14:00:42 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
2013-06-28 14:00:42 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
2013-06-28 14:00:42 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
2013-06-28 14:00:41 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
2013-06-28 14:00:41 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
2013-06-28 14:00:35 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
2013-06-28 14:00:20 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
2013-06-27 21:42:16 -------- d-----w- c:\users\barbara\appdata\roaming\UoFiddler
2013-06-27 11:52:47 -------- d-----w- c:\program files\iPod
2013-06-27 11:52:44 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-27 11:52:44 -------- d-----w- c:\program files\iTunes
2013-06-19 11:31:07 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M ====================
.
2013-06-27 22:23:25 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-27 22:23:25 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-13 01:48:23 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-13 01:48:17 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-11 19:55:15 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-11 19:55:15 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:59:10 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59:10 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59:09 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58:37 41664 ----a-w- c:\windows\avastSS.scr
2013-05-01 07:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 07:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
============= FINISH: 9:40:27.37 ===============
10794
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-02 09:47:16
-----------------------------
09:47:16.961 OS Version: Windows 6.1.7601 Service Pack 1
09:47:16.971 Number of processors: 2 586 0xF0D
09:47:16.971 ComputerName: BARBARA-LAPPY UserName: Barbara
09:47:18.781 Initialize success
09:47:19.230 AVAST engine defs: 13070101
09:47:29.803 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:47:29.813 Disk 0 Vendor: Hitachi_ FBEO Size: 238475MB BusType: 3
09:47:29.993 Disk 0 MBR read successfully
09:47:30.003 Disk 0 MBR scan
09:47:30.013 Disk 0 Windows 7 default MBR code
09:47:30.013 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:47:30.043 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 15000 MB offset 81920
09:47:30.063 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 223434 MB offset 30801920
09:47:30.083 Disk 0 scanning sectors +488395120
09:47:30.293 Disk 0 scanning C:\Windows\system32\drivers
09:47:44.387 Service scanning
09:48:20.469 Modules scanning
09:48:37.976 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
09:48:37.979 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-02 09:47:16
-----------------------------
09:47:16.961 OS Version: Windows 6.1.7601 Service Pack 1
09:47:16.971 Number of processors: 2 586 0xF0D
09:47:16.971 ComputerName: BARBARA-LAPPY UserName: Barbara
09:47:18.781 Initialize success
09:47:19.230 AVAST engine defs: 13070101
09:47:29.803 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:47:29.813 Disk 0 Vendor: Hitachi_ FBEO Size: 238475MB BusType: 3
09:47:29.993 Disk 0 MBR read successfully
09:47:30.003 Disk 0 MBR scan
09:47:30.013 Disk 0 Windows 7 default MBR code
09:47:30.013 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:47:30.043 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 15000 MB offset 81920
09:47:30.063 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 223434 MB offset 30801920
09:47:30.083 Disk 0 scanning sectors +488395120
09:47:30.293 Disk 0 scanning C:\Windows\system32\drivers
09:47:44.387 Service scanning
09:48:20.469 Modules scanning
09:48:37.976 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
09:48:37.979 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"
09:49:07.209 Disk 0 trace - called modules:
09:49:07.299 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys sptd.sys halmacpi.dll
09:49:07.319 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x882af8f8]
09:49:07.339 3 CLASSPNP.SYS[8cbaf59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8644e028]
09:49:08.620 AVAST engine scan C:\Windows
09:49:11.118 AVAST engine scan C:\Windows\system32
09:52:16.375 AVAST engine scan C:\Windows\system32\drivers
09:52:31.326 AVAST engine scan C:\Users\Barbara
09:56:11.496 AVAST engine scan C:\ProgramData
09:57:49.198 Scan finished successfully
10:02:06.926 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
10:02:06.946 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-02 09:47:16
-----------------------------
09:47:16.961 OS Version: Windows 6.1.7601 Service Pack 1
09:47:16.971 Number of processors: 2 586 0xF0D
09:47:16.971 ComputerName: BARBARA-LAPPY UserName: Barbara
09:47:18.781 Initialize success
09:47:19.230 AVAST engine defs: 13070101
09:47:29.803 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:47:29.813 Disk 0 Vendor: Hitachi_ FBEO Size: 238475MB BusType: 3
09:47:29.993 Disk 0 MBR read successfully
09:47:30.003 Disk 0 MBR scan
09:47:30.013 Disk 0 Windows 7 default MBR code
09:47:30.013 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:47:30.043 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 15000 MB offset 81920
09:47:30.063 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 223434 MB offset 30801920
09:47:30.083 Disk 0 scanning sectors +488395120
09:47:30.293 Disk 0 scanning C:\Windows\system32\drivers
09:47:44.387 Service scanning
09:48:20.469 Modules scanning
09:48:37.976 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
09:48:37.979 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-02 09:47:16
-----------------------------
09:47:16.961 OS Version: Windows 6.1.7601 Service Pack 1
09:47:16.971 Number of processors: 2 586 0xF0D
09:47:16.971 ComputerName: BARBARA-LAPPY UserName: Barbara
09:47:18.781 Initialize success
09:47:19.230 AVAST engine defs: 13070101
09:47:29.803 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:47:29.813 Disk 0 Vendor: Hitachi_ FBEO Size: 238475MB BusType: 3
09:47:29.993 Disk 0 MBR read successfully
09:47:30.003 Disk 0 MBR scan
09:47:30.013 Disk 0 Windows 7 default MBR code
09:47:30.013 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:47:30.043 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 15000 MB offset 81920
09:47:30.063 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 223434 MB offset 30801920
09:47:30.083 Disk 0 scanning sectors +488395120
09:47:30.293 Disk 0 scanning C:\Windows\system32\drivers
09:47:44.387 Service scanning
09:48:20.469 Modules scanning
09:48:37.976 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
09:48:37.979 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"
09:49:07.209 Disk 0 trace - called modules:
09:49:07.299 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys sptd.sys halmacpi.dll
09:49:07.319 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x882af8f8]
09:49:07.339 3 CLASSPNP.SYS[8cbaf59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8644e028]
09:49:08.620 AVAST engine scan C:\Windows
09:49:11.118 AVAST engine scan C:\Windows\system32
09:52:16.375 AVAST engine scan C:\Windows\system32\drivers
09:52:31.326 AVAST engine scan C:\Users\Barbara
09:56:11.496 AVAST engine scan C:\ProgramData
09:57:49.198 Scan finished successfully
10:02:06.926 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
10:02:06.946 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"
(ps: I researched the Anchor.hss and am I wrong in believing it's my wifi? I ran Spybot in Admin mode.)
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.25.2
Run by Barbara at 9:39:43 on 2013-07-02
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3546.1887 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Synaptics\Scrybe\scrybe.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\Barbara\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Works\WkCalRem.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN36118596272566332&ctid=CT3279141&SSPV=SP_IENSP06
uDefault_Page_URL = hxxp://www.dell.com
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [PlayNC Launcher] <no file>
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\barbara\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\barbara\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\barbara\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\users\barbara\appdata\roaming\micros~1\windows\startm~1\programs\startup\wkcalrem.lnk - c:\program files\microsoft works\WkCalRem.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\scrybe.lnk - c:\windows\installer\{13061caa-0284-4f9a-b460-3d4699575b35}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Save video on Savevid.com - c:\program files\savevid\redirect.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{98587456-FA1F-44DB-9F22-291489F7AA69} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{98587456-FA1F-44DB-9F22-291489F7AA69}\142726973773539383 : DHCPNameServer = 192.168.1.1 4.2.2.2
TCP: Interfaces\{98587456-FA1F-44DB-9F22-291489F7AA69}\3574341383 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{DBC2B80B-0FB1-4404-9CE5-036295B93D43} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\barbara\appdata\roaming\mozilla\firefox\profiles\xylfs8oa.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&SearchSource=3&q={searchTerms}&sspv=SP_FFNSP06&CUI=UN42693976353006826
FF - prefs.js: browser.startup.homepage - hxxp://us-mg4.mail.yahoo.com/neo/launch?.rand=76uiq793en5b5
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&SearchSource=2&CUI=UN42693976353006826&sspv=SP_FFNSP06&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\users\barbara\appdata\roaming\mozilla\firefox\profiles\xylfs8oa.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\barbara\appdata\roaming\mozilla\firefox\profiles\xylfs8oa.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-24 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-24 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-8-22 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-8-22 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-8-22 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-8-22 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-5-26 46808]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-23 370688]
R3 swg3kser00;Sierra Wireless QMI USB Device for Legacy Serial Communication;c:\windows\system32\drivers\swg3kser00.sys [2012-7-15 215552]
R3 swiwdmbx;Sierra Wireless USB Bus Service;c:\windows\system32\drivers\swiwdmbx.sys [2012-7-15 83968]
R3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2012-7-15 208128]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\alcohol soft\alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-2-21 1153368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-2-24 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-24 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-1-18 1343400]
S4 ScrybeUpdater;Scrybe Updater;"c:\program files\synaptics\scrybe\service\scrybeupdater.exe" -t2 --> c:\program files\synaptics\scrybe\service\ScrybeUpdater.exe [?]
.
=============== Created Last 30 ================
.
2013-06-28 14:45:15 -------- d-----r- c:\users\barbara\Dropbox
2013-06-28 14:42:48 -------- d-----w- c:\users\barbara\appdata\roaming\Dropbox
2013-06-28 14:00:42 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
2013-06-28 14:00:42 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
2013-06-28 14:00:42 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
2013-06-28 14:00:41 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
2013-06-28 14:00:41 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
2013-06-28 14:00:35 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
2013-06-28 14:00:20 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
2013-06-27 21:42:16 -------- d-----w- c:\users\barbara\appdata\roaming\UoFiddler
2013-06-27 11:52:47 -------- d-----w- c:\program files\iPod
2013-06-27 11:52:44 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-27 11:52:44 -------- d-----w- c:\program files\iTunes
2013-06-19 11:31:07 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M ====================
.
2013-06-27 22:23:25 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-27 22:23:25 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-13 01:48:23 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-13 01:48:17 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-11 19:55:15 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-11 19:55:15 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:59:10 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59:10 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59:09 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58:37 41664 ----a-w- c:\windows\avastSS.scr
2013-05-01 07:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 07:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
============= FINISH: 9:40:27.37 ===============
10794
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-02 09:47:16
-----------------------------
09:47:16.961 OS Version: Windows 6.1.7601 Service Pack 1
09:47:16.971 Number of processors: 2 586 0xF0D
09:47:16.971 ComputerName: BARBARA-LAPPY UserName: Barbara
09:47:18.781 Initialize success
09:47:19.230 AVAST engine defs: 13070101
09:47:29.803 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:47:29.813 Disk 0 Vendor: Hitachi_ FBEO Size: 238475MB BusType: 3
09:47:29.993 Disk 0 MBR read successfully
09:47:30.003 Disk 0 MBR scan
09:47:30.013 Disk 0 Windows 7 default MBR code
09:47:30.013 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:47:30.043 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 15000 MB offset 81920
09:47:30.063 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 223434 MB offset 30801920
09:47:30.083 Disk 0 scanning sectors +488395120
09:47:30.293 Disk 0 scanning C:\Windows\system32\drivers
09:47:44.387 Service scanning
09:48:20.469 Modules scanning
09:48:37.976 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
09:48:37.979 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-02 09:47:16
-----------------------------
09:47:16.961 OS Version: Windows 6.1.7601 Service Pack 1
09:47:16.971 Number of processors: 2 586 0xF0D
09:47:16.971 ComputerName: BARBARA-LAPPY UserName: Barbara
09:47:18.781 Initialize success
09:47:19.230 AVAST engine defs: 13070101
09:47:29.803 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:47:29.813 Disk 0 Vendor: Hitachi_ FBEO Size: 238475MB BusType: 3
09:47:29.993 Disk 0 MBR read successfully
09:47:30.003 Disk 0 MBR scan
09:47:30.013 Disk 0 Windows 7 default MBR code
09:47:30.013 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:47:30.043 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 15000 MB offset 81920
09:47:30.063 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 223434 MB offset 30801920
09:47:30.083 Disk 0 scanning sectors +488395120
09:47:30.293 Disk 0 scanning C:\Windows\system32\drivers
09:47:44.387 Service scanning
09:48:20.469 Modules scanning
09:48:37.976 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
09:48:37.979 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"
09:49:07.209 Disk 0 trace - called modules:
09:49:07.299 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys sptd.sys halmacpi.dll
09:49:07.319 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x882af8f8]
09:49:07.339 3 CLASSPNP.SYS[8cbaf59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8644e028]
09:49:08.620 AVAST engine scan C:\Windows
09:49:11.118 AVAST engine scan C:\Windows\system32
09:52:16.375 AVAST engine scan C:\Windows\system32\drivers
09:52:31.326 AVAST engine scan C:\Users\Barbara
09:56:11.496 AVAST engine scan C:\ProgramData
09:57:49.198 Scan finished successfully
10:02:06.926 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
10:02:06.946 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-02 09:47:16
-----------------------------
09:47:16.961 OS Version: Windows 6.1.7601 Service Pack 1
09:47:16.971 Number of processors: 2 586 0xF0D
09:47:16.971 ComputerName: BARBARA-LAPPY UserName: Barbara
09:47:18.781 Initialize success
09:47:19.230 AVAST engine defs: 13070101
09:47:29.803 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:47:29.813 Disk 0 Vendor: Hitachi_ FBEO Size: 238475MB BusType: 3
09:47:29.993 Disk 0 MBR read successfully
09:47:30.003 Disk 0 MBR scan
09:47:30.013 Disk 0 Windows 7 default MBR code
09:47:30.013 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:47:30.043 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 15000 MB offset 81920
09:47:30.063 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 223434 MB offset 30801920
09:47:30.083 Disk 0 scanning sectors +488395120
09:47:30.293 Disk 0 scanning C:\Windows\system32\drivers
09:47:44.387 Service scanning
09:48:20.469 Modules scanning
09:48:37.976 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
09:48:37.979 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-02 09:47:16
-----------------------------
09:47:16.961 OS Version: Windows 6.1.7601 Service Pack 1
09:47:16.971 Number of processors: 2 586 0xF0D
09:47:16.971 ComputerName: BARBARA-LAPPY UserName: Barbara
09:47:18.781 Initialize success
09:47:19.230 AVAST engine defs: 13070101
09:47:29.803 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:47:29.813 Disk 0 Vendor: Hitachi_ FBEO Size: 238475MB BusType: 3
09:47:29.993 Disk 0 MBR read successfully
09:47:30.003 Disk 0 MBR scan
09:47:30.013 Disk 0 Windows 7 default MBR code
09:47:30.013 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
09:47:30.043 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 15000 MB offset 81920
09:47:30.063 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 223434 MB offset 30801920
09:47:30.083 Disk 0 scanning sectors +488395120
09:47:30.293 Disk 0 scanning C:\Windows\system32\drivers
09:47:44.387 Service scanning
09:48:20.469 Modules scanning
09:48:37.976 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
09:48:37.979 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"
09:49:07.209 Disk 0 trace - called modules:
09:49:07.299 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys sptd.sys halmacpi.dll
09:49:07.319 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x882af8f8]
09:49:07.339 3 CLASSPNP.SYS[8cbaf59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8644e028]
09:49:08.620 AVAST engine scan C:\Windows
09:49:11.118 AVAST engine scan C:\Windows\system32
09:52:16.375 AVAST engine scan C:\Windows\system32\drivers
09:52:31.326 AVAST engine scan C:\Users\Barbara
09:56:11.496 AVAST engine scan C:\ProgramData
09:57:49.198 Scan finished successfully
10:02:06.926 Disk 0 MBR has been saved successfully to "C:\Users\Barbara\Desktop\MBR.dat"
10:02:06.946 The log file has been saved successfully to "C:\Users\Barbara\Desktop\aswMBR.txt"