system
5
Aha!! aswMBR says:
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-09-19 21:51:25
21:51:25.812 OS Version: Windows 5.1.2600 Service Pack 3
21:51:25.812 Number of processors: 2 586 0xF0D
21:51:25.812 ComputerName: DR-6SYOQK06ZSJH UserName: dr
21:51:26.281 Initialize success
21:51:26.390 AVAST engine defs: 11091900
21:51:40.875 Disk 0 (boot) \Device\Harddisk0\DR0 → \Device\Ide\IdePort2
21:51:40.875 Disk 0 Vendor: WDC_WD1600AAJS-00PSA0 05.06H05 Size: 152626MB BusType: 3
21:51:40.890 Disk 1 \Device\Harddisk1\DR1 → \Device\Ide\IdeDeviceP3T0L0-19
21:51:40.890 Disk 1 Vendor: ST3120026AS 3.18 Size: 114473MB BusType: 3
21:51:40.890 Device \Device\Ide\IdeDeviceP2T0L0-6 → ??\IDE#DiskWDC_WD1600AAJS-00PSA0___________________05.06H05#5&2932390f&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} not found
21:51:40.890 Device \Driver\atapi → DriverStartIo 86823af1
21:51:42.906 Disk 0 MBR read successfully
21:51:42.906 Disk 0 MBR scan
21:51:42.968 Disk 0 Windows XP default MBR code
21:51:42.968 Disk 0 scanning sectors +312576705
21:51:43.062 Disk 0 scanning C:\WINDOWS\system32\drivers
21:51:58.093 File: C:\WINDOWS\system32\drivers\termdd.sys INFECTED Win32:Alureon-FZ
21:52:00.343 Service scanning
21:52:01.390 Modules scanning
21:52:20.781 Disk 0 trace - called modules:
21:52:20.812 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x86823ecc]<<
21:52:20.812 1 nt!IofCallDriver → \Device\Harddisk0\DR0[0x86ba5ab8]
21:52:20.812 3 CLASSPNP.SYS[f7677fd7] → nt!IofCallDriver → \Device\00000071[0x86b22f18]
21:52:20.828 5 ACPI.sys[f750e620] → nt!IofCallDriver → [0x86b17d98]
21:52:20.828 [0x868d3da0] → IRP_MJ_CREATE → 0x86823ecc
21:52:21.281 AVAST engine scan C:\WINDOWS
21:52:27.156 AVAST engine scan C:\WINDOWS\system32
21:53:45.281 AVAST engine scan C:\WINDOWS\system32\drivers
21:53:55.390 File: C:\WINDOWS\system32\drivers\termdd.sys INFECTED Win32:Alureon-FZ
21:53:57.390 AVAST engine scan C:\Documents and Settings\dr.DR-6SYOQK06ZSJH
21:54:57.000 Disk 0 MBR has been saved successfully to “C:\Documents and Settings\dr.DR-6SYOQK06ZSJH\Desktop\MBR.dat”
21:54:57.000 The log file has been saved successfully to “C:\Documents and Settings\dr.DR-6SYOQK06ZSJH\Desktop\aswMBR.txt”
These are seriously funkly tools! Shall I just Google Alureon-FZ or is there a preferred option? Many thanks