aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software Run date: 2013-01-27 07:46:19 ----------------------------- 07:46:19.562 OS Version: Windows 5.1.2600 Dodatek Service Pack 3 07:46:19.562 Number of processors: 2 586 0xF0D 07:46:19.562 ComputerName: QWER UserName: 07:46:19.984 Initialize success 07:53:20.984 AVAST engine defs: 13013100 08:12:22.671 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 08:12:22.671 Disk 0 Vendor: ST3250310AS 3.AAC Size: 238474MB BusType: 3 08:12:22.687 Disk 0 MBR read successfully 08:12:22.687 Disk 0 MBR scan 08:12:22.812 Disk 0 Windows XP default MBR code 08:12:22.812 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 80372 MB offset 63 08:12:22.812 Disk 0 Partition - 00 0F Extended LBA 158100 MB offset 164601990 08:12:22.828 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 158100 MB offset 164602053 08:12:22.828 Disk 0 scanning sectors +488392065 08:12:22.968 Disk 0 scanning C:\WINDOWS\system32\drivers 08:12:37.234 Service scanning 08:12:51.609 Modules scanning 08:12:55.765 Module: C:\WINDOWS\System32\drivers\dxgthk.sys **SUSPICIOUS** 08:12:56.578 Module: C:\WINDOWS\system32\ntdll.dll **SUSPICIOUS** 08:12:56.578 Disk 0 trace - called modules: 08:12:56.593 ntkrnlpa.exe CLASSPNP.SYS disk.sys xfilt.sys ACPI.sys hal.dll >>UNKNOWN [0x867c65c8]<< 08:12:56.593 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x866d9030] 08:12:56.593 3 CLASSPNP.SYS[f762bfd7] -> nt!IofCallDriver -> [0x867219a0] 08:12:56.593 5 xfilt.sys[f763c026] -> nt!IofCallDriver -> \Device\0000006d[0x86779f18] 08:12:56.593 7 ACPI.sys[f74b1620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86745940] 08:12:56.593 \Driver\atapi[0x866e8460] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0x867c65c8 08:12:57.890 AVAST engine scan C:\WINDOWS 08:13:02.687 AVAST engine scan C:\WINDOWS\system32 08:16:02.281 AVAST engine scan C:\WINDOWS\system32\drivers 08:16:16.000 AVAST engine scan C:\Documents and Settings\Tomek 08:18:49.562 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Tomek\Pulpit\MBR.dat" 08:18:49.593 The log file has been saved successfully to "C:\Documents and Settings\Tomek\Pulpit\aswMBR.txt"