Some issues detected by Spybot-SD scan, can't be removed



hgtsbsd
2013-11-28, 00:31
My PC and symptoms
-------------------
PC running Windows XP Professional with 2GB RAM.
Installed are: Spybot-SD v2.2; Avast! Antivirus (free version); and Spyblaster v5.

Symptoms
-------------------
Slow initial program loads; slow internet browsing. Spybot-SD (free version) scan revealed about 58 issues, of which 55 were fixed, but 3 issues resisted Spybot-SD fixing. Subsequent scans reveal a varying number of issues ranging from 3 to 14, which when fixed by SpybotSD reduces to 3.
I also have Avast! Antivirus (free version) and Spyblaster installed.

I ran ERUNT as advised to save a backup copy of my registry.

DDS & aswMBR scan logs are pasted or attached below, as requested:

+++++++++++++++++++++++++++++++++++
dds.txt (per dds.scr)
----------------------------------------------
DDS (Ver_2012-11-20.01) - FAT32_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.45.2
Run by hgt at 21:54:52 on 2013-11-27
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1919.1346 [GMT 0:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SMSERIAL] c:\windows\sm56hlpr.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [ATKMEDIA] c:\program files\asus\atk media\DMEDIA.EXE
mRun: [ACMON] c:\program files\asus\splendid\ACMON.exe
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AvastUI.exe] "c:\program files\alwil software\avast5\AvastUI.exe" /nogui
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRun: [20131121] c:\program files\alwil software\avast5\setup\emupdate\c50108c9-60e3-44be-9c25-24e35766ab11.exe /check
StartupFolder: c:\docume~1\hgt\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: SDWinLogon - SDWinLogon.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\hgt\application data\mozilla\firefox\profiles\so5lu1l5.default-1360493369218\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_152.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-14 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-3-14 178304]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2010-5-29 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-4-23 403440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-4-23 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-3-14 70384]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-4-23 50344]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-11-20 3921880]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-11-20 1042272]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [2013-1-18 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [2013-1-18 7808]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-11-20 171416]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-11-19 00:02:10 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-19 00:02:10 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-19 00:02:10 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-19 00:02:10 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-11-19 00:02:08 43152 ----a-w- c:\windows\avastSS.scr
2013-10-13 07:25:38 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:25:08 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-13 07:25:02 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:24:18 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-13 06:58:00 385024 ----a-w- c:\windows\system32\html.iec
2013-10-12 15:56:20 278528 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-08 07:50:42 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-08 07:29:36 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-07 10:59:22 603136 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:14:02 7168 ----a-w- c:\windows\system32\xpsp4res.dll
.
============= FINISH: 21:55:32.01 ===============


+++++++++++++++++++++++++++++++++++
NOTE: zipped file of attach.txt (per dds.scr) is attached
------------------------------------------------


+++++++++++++++++++++++++++++
aswMBR.txt
-------------------------------------
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-27 21:57:04
-----------------------------
21:57:04.953 OS Version: Windows 5.1.2600 Service Pack 3
21:57:04.953 Number of processors: 2 586 0xE0C
21:57:04.953 ComputerName: HGTLAPTOP UserName: hgt
21:57:05.390 Initialize success
21:57:09.093 AVAST engine defs: 13112701
21:58:59.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:58:59.984 Disk 0 Vendor: Hitachi_HTS541612J9SA00 SBDOC70P Size: 114473MB BusType: 3
21:59:00.078 Disk 0 MBR read successfully
21:59:00.078 Disk 0 MBR scan
21:59:00.093 Disk 0 Windows XP default MBR code
21:59:00.093 Disk 0 Partition 1 00 1B Hidd FAT32 MSWIN4.1 1906 MB offset 63
21:59:00.109 Disk 0 Partition 2 80 (A) 0C FAT32 LBA MSWIN4.1 46877 MB offset 3903795
21:59:00.125 Disk 0 Partition - 00 0F Extended LBA 65687 MB offset 99908235
21:59:00.156 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 65687 MB offset 99908298
21:59:00.171 Disk 0 scanning sectors +234436545
21:59:00.218 Disk 0 scanning C:\WINDOWS\system32\drivers
21:59:09.609 Service scanning
21:59:22.671 Modules scanning
21:59:28.484 Disk 0 trace - called modules:
21:59:28.531 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
21:59:28.546 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a5a4ab8]
21:59:28.562 3 CLASSPNP.SYS -> nt!IofCallDriver -> \Device\0000006f[0x8a5aa800]
21:59:28.578 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a575410]
21:59:29.046 AVAST engine scan C:\WINDOWS
21:59:38.546 AVAST engine scan C:\WINDOWS\system32
22:01:30.703 AVAST engine scan C:\WINDOWS\system32\drivers
22:01:44.750 AVAST engine scan C:\Documents and Settings\hgt
22:02:43.015 AVAST engine scan C:\Documents and Settings\All Users
22:03:14.781 Scan finished successfully
22:03:57.734 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\hgt\Desktop\spybotsd_query_data\scan_data_and_other_reports\MBR.dat"
22:03:57.765 The log file has been saved successfully to "C:\Documents and Settings\hgt\Desktop\spybotsd_query_data\scan_data_and_other_reports\aswMBR.txt"

+++ end of scans +++++++++++++++++++