aswMBR version 0.9.8.977 Copyright(c) 2011 AVAST Software
Run date: 2011-07-28 02:52:15
02:52:15.742 OS Version: Windows 6.1.7601 Service Pack 1
02:52:15.742 Number of processors: 2 586 0x170A
02:52:15.744 ComputerName: TOIMOI-PC UserName: ToiMoi
02:52:27.677 Initialize success
02:52:28.886 AVAST engine defs: 11072701
02:52:47.486 Disk 0 (boot) \Device\Harddisk0\DR0 → \Device\Ide\IdeDeviceP0T0L0-0
02:52:47.487 Disk 0 Vendor: WDC_WD6400AAKS-65A7B0 01.03B01 Size: 610480MB BusType: 3
02:52:47.510 Disk 0 MBR read successfully
02:52:47.512 Disk 0 MBR scan
02:52:47.514 Disk 0 Windows 7 default MBR code
02:52:47.519 Disk 0 scanning sectors +1250260992
02:52:47.601 Disk 0 scanning C:\Windows\system32\drivers
02:53:03.087 Service scanning
02:53:04.162 Service sptd C:\Windows\System32\Drivers\sptd.sys LOCKED 32
02:53:04.816 Modules scanning
02:53:12.999 Disk 0 trace - called modules:
02:53:13.016 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x84e651f8]<<
02:53:13.019 1 nt!IofCallDriver → \Device\Harddisk0\DR0[0x85c6e030]
02:53:13.022 3 CLASSPNP.SYS[8937a59e] → nt!IofCallDriver → [0x85b9c348]
02:53:13.026 5 ACPI.sys[88e173d4] → nt!IofCallDriver → \Device\Ide\IdeDeviceP0T0L0-0[0x84ead908]
02:53:13.030 \Driver\atapi[0x85b7cf38] → IRP_MJ_CREATE → 0x84e651f8
02:53:14.034 AVAST engine scan C:\Windows
02:53:16.534 AVAST engine scan C:\Windows\system32
02:54:33.705 AVAST engine scan C:\Windows\system32\drivers
02:54:43.089 AVAST engine scan C:\Users\ToiMoi
02:55:53.319 AVAST engine scan C:\ProgramData
02:56:47.615 Scan finished successfully
02:57:33.246 Disk 0 MBR has been saved successfully to “C:\Users\ToiMoi\Desktop\MBR.dat”
02:57:33.252 The log file has been saved successfully to “C:\Users\ToiMoi\Desktop\aswMBR.txt”
Any idea what it is? 02:53:13.016 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x84e651f8]<<
Thanks for your time.
Welcome to the forum. I would suggest you do a scan with Malwarebytes Anti-Malware as a first step.
http://www.filehippo.com/download_malwarebytes_anti_malware/
Download, install and do a scan; don't forget to remove what it finds, and a system reboot might be necessary.
Second, upload the file that aswMBR is flagging to virustotal.com and post the result here.
http://www.virustotal.com/
Good luck and let us know on the progress.
Basically, if you use system imaging tools or you have a recovery sector, this may be why you see it.
The file halmacpi.dll has been developed to function under UMR Desktop System Preparation (Sysprep) Tool and Sysprep Hardware Abstraction Layers. These dual Syspreps are central in building the image of a system.
The file halmacpi.dll is related to the usage of the Microsoft Developer Network (MSDN) Library with Operating Systems. The MSDN Library is the de jure resource for developers that use Microsoft products, tools and technologies. It contains full developer support in the form of programming information, including sample codes, documentation, technical articles, dictionary tables, and chart guides.
A part of the module halmacpi.dll’s filename is derived from the acronym HAL standing for Hardware Abstraction Layer. HAL also works as a software project that allows desktop applications on an operating system to readily access hardware information. With this function, hardware can be located and used regardless of the bus or device type. To optimize the performance of the file halmacpi.dll, this file should be registered first into the computer system. This can be done through the use of programs geared to perform the said task or through keying in the proper commands in the run or command window.
Advanced Configuration and Power Interface (ACPI) establishes industry-standard interfaces that enable OS-directed configuration, power management, and thermal management of mobile, desktop, and server platforms. The said parts are required to perform computer generated system deployment that utilizes an ACPI Multiprocessor PC integrated with aforementioned ACPI and HAL. This triggered the need and creation of the file halmacpi.dll.
Malwarebytes Anti-Malware full scan 1.51.1.1800 -> PC clear
Avast 6.0.1203 boot scan with full rootkit scan -> PC clear
Hitman Pro 3.5 127 -> PC clear
Comodo Cleaning Essentials full scan with MBR scan enabled -> PC clear
SUPERAntiSpyware full scan 4.55.1000 -> PC clear
Spybot Search and Destroy 1.6.2 full scan -> PC clear
TDSSKiller -> only sptd driver from Alcohol 120%
The only imaging tool I have is Alcohol 120%.
Or a leftover from Returnil.
Are you experiencing any problems?
No, just for curiosity. Because I haven't seen this again.
But thanks for the information you gave to me.
I can see no apparent malware there, and a lack of symptoms would indicate you are OK.