MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows XP Professional Windows Information: Service Pack 3 (build 2600) Logical Drives Mask: 0x0000000c Kernel Drivers (total 138): 0x804D7000 \WINDOWS\system32\ntkrnlpa.exe 0x806E5000 \WINDOWS\system32\hal.dll 0xBA5A8000 \WINDOWS\system32\KDCOM.DLL 0xBA4B8000 \WINDOWS\system32\BOOTVID.dll 0xB9F79000 ACPI.sys 0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS 0xB9F68000 pci.sys 0xBA0A8000 isapnp.sys 0xBA0B8000 MountMgr.sys 0xB9F49000 ftdisk.sys 0xBA5AC000 dmload.sys 0xB9F23000 dmio.sys 0xBA328000 PartMgr.sys 0xBA0C8000 VolSnap.sys 0xB9E6C000 iaStor.sys 0xBA0D8000 disk.sys 0xBA0E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS 0xB9E4C000 fltmgr.sys 0xB9E3A000 sr.sys 0xB9E24000 DRVMCDB.SYS 0xBA0F8000 PxHelp20.sys 0xB9E0D000 KSecDD.sys 0xB9D80000 Ntfs.sys 0xB9D53000 NDIS.sys 0xB9D39000 Mup.sys 0xBA1C8000 \SystemRoot\system32\DRIVERS\intelppm.sys 0xB888A000 \SystemRoot\system32\DRIVERS\nv4_mini.sys 0xB8876000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS 0xB883D000 \SystemRoot\system32\DRIVERS\e1e5132.sys 0xBA3E0000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0xB8819000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0xBA3E8000 \SystemRoot\system32\DRIVERS\usbehci.sys 0xB87F1000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0xB87BD000 \SystemRoot\system32\DRIVERS\HSFHWBS2.sys 0xB879A000 \SystemRoot\system32\DRIVERS\ks.sys 0xB869B000 \SystemRoot\system32\DRIVERS\HSF_DP.sys 0xB85F4000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys 0xBA3F0000 \SystemRoot\System32\Drivers\Modem.SYS 0xBA1E8000 \SystemRoot\system32\DRIVERS\imapi.sys 0xBA5FA000 \SystemRoot\System32\Drivers\DLACDBHM.SYS 0xBA1F8000 \SystemRoot\system32\DRIVERS\cdrom.sys 0xBA208000 \SystemRoot\system32\DRIVERS\redbook.sys 0xBA3F8000 \SystemRoot\system32\DRIVERS\ELacpi.sys 0xBA732000 \SystemRoot\system32\DRIVERS\audstub.sys 0xBA218000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0xB8C01000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0xB85DD000 
\SystemRoot\system32\DRIVERS\ndiswan.sys 0xB9381000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0xB9371000 \SystemRoot\system32\DRIVERS\raspptp.sys 0xBA400000 \SystemRoot\system32\DRIVERS\TDI.SYS 0xB85CC000 \SystemRoot\system32\DRIVERS\psched.sys 0xB9361000 \SystemRoot\system32\DRIVERS\msgpc.sys 0xBA408000 \SystemRoot\system32\DRIVERS\ptilink.sys 0xBA410000 \SystemRoot\system32\DRIVERS\raspti.sys 0xB859C000 \SystemRoot\system32\DRIVERS\rdpdr.sys 0xB9351000 \SystemRoot\system32\DRIVERS\termdd.sys 0xBA418000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0xBA420000 \SystemRoot\system32\DRIVERS\mouclass.sys 0xBA5FC000 \SystemRoot\system32\DRIVERS\swenum.sys 0xB853E000 \SystemRoot\system32\DRIVERS\update.sys 0xBA58C000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0xBA590000 \SystemRoot\system32\drivers\MODEMCSA.sys 0xB393E000 \SystemRoot\System32\Drivers\NDProxy.SYS 0xB392E000 \SystemRoot\system32\DRIVERS\usbhub.sys 0xBA5F4000 \SystemRoot\system32\DRIVERS\USBD.SYS 0xB0C60000 \SystemRoot\system32\drivers\sthda.sys 0xB0C3C000 \SystemRoot\system32\drivers\portcls.sys 0xB391E000 \SystemRoot\system32\drivers\drmk.sys 0xB0AE8000 \SystemRoot\system32\drivers\monfilt.sys 0xB406F000 \SystemRoot\System32\Drivers\i2omgmt.SYS 0xB0AC1000 \SystemRoot\system32\DRIVERS\MpFilter.sys 0xB33DC000 \SystemRoot\system32\DRIVERS\hidusb.sys 0xB390E000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS 0xB35B2000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0xBA600000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0xBA6F4000 \SystemRoot\System32\Drivers\Null.SYS 0xBA602000 \SystemRoot\System32\Drivers\Beep.SYS 0xB35A2000 \SystemRoot\System32\Drivers\DLARTL_N.SYS 0xB33D8000 \??\C:\WINDOWS\System32\Drivers\Elhid.sys 0xB359A000 \SystemRoot\System32\drivers\vga.sys 0xBA604000 \SystemRoot\System32\Drivers\mnmdd.SYS 0xBA606000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0xB3592000 \SystemRoot\System32\Drivers\Msfs.SYS 0xB358A000 \SystemRoot\System32\Drivers\Npfs.SYS 0xB335E000 \SystemRoot\system32\DRIVERS\rasacd.sys 0xB0A8E000 
\SystemRoot\system32\DRIVERS\ipsec.sys 0xB0A35000 \SystemRoot\system32\DRIVERS\tcpip.sys 0xB0A0D000 \SystemRoot\system32\DRIVERS\netbt.sys 0xB09EB000 \SystemRoot\System32\drivers\afd.sys 0xB371E000 \SystemRoot\system32\DRIVERS\netbios.sys 0xB09C0000 \SystemRoot\system32\DRIVERS\rdbss.sys 0xB0950000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0xB36FE000 \SystemRoot\System32\Drivers\Fips.SYS 0xB092A000 \SystemRoot\system32\DRIVERS\ipnat.sys 0xB36EE000 \SystemRoot\system32\DRIVERS\wanarp.sys 0xAA5DE000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0xAA432000 \SystemRoot\system32\DRIVERS\mouhid.sys 0xAB919000 \??\C:\WINDOWS\System32\Drivers\Elmou.sys 0xAA345000 \SystemRoot\system32\DRIVERS\kbdhid.sys 0xAB917000 \??\C:\WINDOWS\System32\Drivers\Elkbd.sys 0xA905C000 \SystemRoot\system32\DRIVERS\lvuvc.sys 0xAAA3C000 \??\C:\WINDOWS\System32\Drivers\Elmon.sys 0xAA65E000 \SystemRoot\system32\drivers\usbaudio.sys 0xA9016000 \SystemRoot\system32\DRIVERS\lvrs.sys 0xAA63E000 \SystemRoot\System32\Drivers\Cdfs.SYS 0xA8F5F000 \SystemRoot\System32\Drivers\dump_iaStor.sys 0xBF800000 \SystemRoot\System32\win32k.sys 0xA9ED7000 \SystemRoot\System32\drivers\Dxapi.sys 0xB3430000 \SystemRoot\System32\watchdog.sys 0xBF000000 \SystemRoot\System32\drivers\dxg.sys 0xB3874000 \SystemRoot\System32\drivers\dxgthk.sys 0xBF012000 \SystemRoot\System32\nv4_disp.dll 0xBF3CF000 \SystemRoot\System32\ATMFD.DLL 0xBA564000 \??\C:\WINDOWS\system32\drivers\mbam.sys 0xB34F6000 \SystemRoot\System32\Drivers\DRVNDDM.SYS 0xBA7BD000 \SystemRoot\System32\DLA\DLADResN.SYS 0xA87E8000 \SystemRoot\System32\DLA\DLAIFS_M.SYS 0xB9CC8000 \SystemRoot\System32\DLA\DLAOPIOM.SYS 0xAA0F0000 \SystemRoot\System32\DLA\DLAPoolM.SYS 0xBA478000 \SystemRoot\System32\DLA\DLABOIOM.SYS 0xA87D0000 \SystemRoot\System32\DLA\DLAUDFAM.SYS 0xA87BA000 \SystemRoot\System32\DLA\DLAUDF_M.SYS 0xB63E0000 \SystemRoot\system32\DRIVERS\fssfltr_tdi.sys 0xB3632000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0xA7F2D000 \SystemRoot\system32\drivers\wdmaud.sys 
0xA9C6E000 \SystemRoot\system32\drivers\sysaudio.sys 0xA7EB8000 \SystemRoot\system32\drivers\ctusfsyn.sys 0xA7E88000 \SystemRoot\system32\DRIVERS\ctoss2k.sys 0xA7E62000 \SystemRoot\system32\DRIVERS\ctsfm2k.sys 0xA79B6000 \SystemRoot\system32\DRIVERS\mrxdav.sys 0xAB927000 \SystemRoot\System32\Drivers\ASCTRM.SYS 0xA7885000 \SystemRoot\System32\Drivers\HTTP.sys 0xA7805000 \SystemRoot\system32\DRIVERS\srv.sys 0xA7875000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys 0xAB91D000 \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys 0xA7315000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys 0xB3D88000 \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{774839C1-F82B-47D8-8DB4-F91ED8AAD1C5}\MpKsl544c1fdb.sys 0x7C900000 \WINDOWS\system32\ntdll.dll Processes (total 64): 0 System Idle Process 4 System 652 C:\WINDOWS\system32\smss.exe 704 csrss.exe 728 C:\WINDOWS\system32\winlogon.exe 772 C:\WINDOWS\system32\services.exe 784 C:\WINDOWS\system32\lsass.exe 980 C:\WINDOWS\system32\svchost.exe 1048 svchost.exe 1144 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe 1180 C:\WINDOWS\system32\svchost.exe 1248 svchost.exe 1384 svchost.exe 1600 C:\WINDOWS\system32\brsvc01a.exe 1616 C:\WINDOWS\system32\brss01a.exe 1624 C:\WINDOWS\system32\spoolsv.exe 1692 C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe 1868 C:\WINDOWS\explorer.exe 1980 C:\WINDOWS\ehome\ehtray.exe 2008 C:\WINDOWS\stsystra.exe 2016 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 2024 C:\Program Files\Dell\Media Experience\DMXLauncher.exe 2032 C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe 2040 C:\WINDOWS\system32\rundll32.exe 244 C:\Program Files\Creative\VoiceCenter\AndreaVC.exe 248 C:\WINDOWS\system32\DLA\DLACTRLW.EXE 280 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe 292 C:\DOCUME~1\TERRIW~1\LOCALS~1\temp\clclean.0001 364 C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe 388 
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe 484 C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe 504 C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe 520 C:\Program Files\Microsoft Security Client\msseces.exe 580 C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe 584 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe 176 C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe 1088 C:\Program Files\Dell Support\DSAgnt.exe 1264 C:\WINDOWS\system32\ctfmon.exe 1364 C:\Program Files\Digital Line Detect\DLG.exe 1496 svchost.exe 496 C:\WINDOWS\system32\Brmfrmps.exe 1680 C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe 832 C:\WINDOWS\system32\CTSVCCDA.EXE 1084 C:\WINDOWS\ehome\ehrecvr.exe 1108 C:\WINDOWS\ehome\ehSched.exe 1256 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe 1224 C:\Program Files\Java\jre6\bin\jqs.exe 1504 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 2236 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 2264 C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe 2300 C:\WINDOWS\system32\nvsvc32.exe 2328 C:\Program Files\Microsoft\BingBar\SeaPort.EXE 2812 svchost.exe 2868 C:\WINDOWS\system32\svchost.exe 2984 mcrdsvc.exe 3112 C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\ELService.exe 3312 C:\Program Files\Canon\CAL\CALMAIN.exe 3696 C:\WINDOWS\system32\dllhost.exe 3996 alg.exe 2676 C:\WINDOWS\ehome\ehmsas.exe 3852 C:\WINDOWS\system32\svchost.exe 2100 C:\Program Files\Mozilla Firefox\firefox.exe 2704 C:\Program Files\Mozilla Firefox\plugin-container.exe 1724 C:\Documents and Settings\Terri Ward\Desktop\MBRCheck.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`036e8e00 (NTFS) PhysicalDrive0 Model Number: ST3250824AS, Rev: 3.ADJ Size Device Name MBR Status -------------------------------------------- 232 GB \\.\PhysicalDrive0 Unknown MBR code 
SHA1: BF118E4CFC2D7C7489A85AC7AD11D2A979F74824
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Done!