aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-05-20 17:52:45 ----------------------------- 17:52:45.318 OS Version: Windows 6.0.6002 Service Pack 2 17:52:45.318 Number of processors: 2 586 0x4303 17:52:45.318 ComputerName: ______ UserName: ______ 17:52:58.984 Initialize success 17:55:50.163 AVAST engine defs: 12052001 17:56:01.535 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 17:56:01.535 Disk 0 Vendor: ST3320620AS 3.AAE Size: 305245MB BusType: 3 17:56:01.535 Disk 0 MBR read successfully 17:56:01.551 Disk 0 MBR scan 17:56:01.551 Disk 0 Windows VISTA default MBR code 17:56:01.582 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 256000 MB offset 2048 17:56:01.597 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 32768 MB offset 524290048 17:56:01.644 Disk 0 scanning sectors +591398912 17:56:01.691 Disk 0 scanning C:\Windows\system32\drivers 17:56:05.217 File: C:\Windows\system32\drivers\afd.sys **INFECTED** Win32:Sirefef-WL [Rtk] 17:56:16.714 Disk 0 trace - called modules: 17:56:16.807 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x85e1dfd0]<< 17:56:16.823 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85651490] 17:56:16.823 3 CLASSPNP.SYS[887a48b3] -> nt!IofCallDriver -> [0x85d87340] 17:56:16.839 \Driver\00001592[0x85d87478] -> IRP_MJ_CREATE -> 0x85e1dfd0 17:56:17.681 AVAST engine scan C:\Windows 17:56:21.706 AVAST engine scan C:\Windows\system32 17:56:22.361 File: C:\Windows\system32\acedrv05.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:23.001 File: C:\Windows\system32\adsexpb.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:23.640 File: C:\Windows\system32\alertservice.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:27.556 File: C:\Windows\system32\avg7core.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:28.585 File: C:\Windows\system32\bcm4sbxp.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:31.393 File: C:\Windows\system32\ccproxy.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:33.375 File: C:\Windows\system32\cicsclient.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:38.460 File: C:\Windows\system32\ctprxy2k.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:44.903 File: C:\Windows\system32\DgiVecp.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:52.563 File: C:\Windows\system32\entech.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:52.656 File: C:\Windows\system32\epson_pm_rpcv4_01.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:53.218 File: C:\Windows\system32\EU3_USB.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:56:53.857 File: C:\Windows\system32\ezplay.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:05.557 File: C:\Windows\system32\incdsrv.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:07.383 File: C:\Windows\system32\ipssvc.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:08.599 File: C:\Windows\system32\iwebmsg.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:09.052 File: C:\Windows\system32\JRAID.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:13.607 File: C:\Windows\system32\L8042mou.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:15.276 File: C:\Windows\system32\lvpr2mon.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:33.247 File: C:\Windows\system32\netbt.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:35.946 File: C:\Windows\system32\ni_nic.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:45.509 File: C:\Windows\system32\nsm1mdfl.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:50.111 File: C:\Windows\system32\oracleorahomeclientcache.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:51.078 File: C:\Windows\system32\Pcatip.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:51.281 File: C:\Windows\system32\pccsmcfd.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:52.857 File: C:\Windows\system32\pinger.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:57:58.878 File: C:\Windows\system32\QWAVEDRV.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:02.685 File: C:\Windows\system32\rismxdp.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:04.650 File: C:\Windows\system32\s117obex.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:04.775 File: C:\Windows\system32\s616bus.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:05.118 File: C:\Windows\system32\sansaservice.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:06.865 File: C:\Windows\system32\SE2Emdfl.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:06.975 File: C:\Windows\system32\se45mdfl.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:10.407 File: C:\Windows\system32\slssvc.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:11.826 File: C:\Windows\system32\speakerphone.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:12.419 File: C:\Windows\system32\sptisrv.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:14.291 File: C:\Windows\system32\SRTSPL.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:15.321 File: C:\Windows\system32\STV672.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:15.976 File: C:\Windows\system32\symdns.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:21.405 File: C:\Windows\system32\transcode360.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:22.200 File: C:\Windows\system32\tunnelguardservice.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:25.305 File: C:\Windows\system32\usbio.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:25.507 File: C:\Windows\system32\USB_RNDIS_XP.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:25.757 File: C:\Windows\system32\useraccess7.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:26.085 File: C:\Windows\system32\usnjsvc.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:28.503 File: C:\Windows\system32\vpnva.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:28.737 File: C:\Windows\system32\vsapint.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:44.711 File: C:\Windows\system32\xnacc.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:45.756 File: C:\Windows\system32\ZD1211BU(ZyDAS).dll **INFECTED** Win32:Sirefef-SM [Trj] 17:58:45.912 File: C:\Windows\system32\zebrmdfl.dll **INFECTED** Win32:Sirefef-SM [Trj] 17:59:25.864 AVAST engine scan C:\Windows\system32\drivers 17:59:29.389 File: C:\Windows\system32\drivers\afd.sys **INFECTED** Win32:Sirefef-WL [Rtk] 17:59:46.737 AVAST engine scan C:\Users\Yegor 18:43:51.925 AVAST engine scan C:\ProgramData 18:48:03.959 Scan finished successfully 19:28:19.759 Disk 0 MBR has been saved successfully to "C:\Users\Yegor\Desktop\MBR.dat" 19:28:19.759 The log file has been saved successfully to "C:\Users\Yegor\Desktop\aswMBR.txt"