MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows XP Professional Windows Information: Service Pack 3 (build 2600) Logical Drives Mask: 0x000001fc Kernel Drivers (total 139): 0x804D7000 \WINDOWS\system32\ntkrnlpa.exe 0x806D1000 \WINDOWS\system32\hal.dll 0xBA5A8000 \WINDOWS\system32\KDCOM.DLL 0xBA4B8000 \WINDOWS\system32\BOOTVID.dll 0xB9F79000 ACPI.sys 0xBA5AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS 0xB9F68000 pci.sys 0xBA0A8000 isapnp.sys 0xBA0B8000 ohci1394.sys 0xBA0C8000 \WINDOWS\system32\DRIVERS\1394BUS.SYS 0xBA670000 pciide.sys 0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS 0xBA5AC000 viaide.sys 0xBA5AE000 intelide.sys 0xBA0D8000 MountMgr.sys 0xB9F49000 ftdisk.sys 0xBA5B0000 dmload.sys 0xB9F23000 dmio.sys 0xBA330000 PartMgr.sys 0xBA0E8000 VolSnap.sys 0xB9E4E000 iaStor.sys 0xB9E36000 atapi.sys 0xB9DF3000 ftsata2.sys 0xB9DDB000 \WINDOWS\system32\DRIVERS\SCSIPORT.SYS 0xBA0F8000 disk.sys 0xBA108000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS 0xB9DBB000 fltmgr.sys 0xB9D64000 SYMDS.SYS 0xB9D52000 sr.sys 0xB9C71000 SYMEFA.SYS 0xBA118000 bb-run.sys 0xBA128000 PxHelp20.sys 0xB9C5A000 KSecDD.sys 0xB9BCD000 Ntfs.sys 0xB9BA0000 NDIS.sys 0xB9B86000 Mup.sys 0xBA208000 \SystemRoot\system32\DRIVERS\AmdK8.sys 0xBA388000 \SystemRoot\system32\DRIVERS\aracpi.sys 0xB9171000 \SystemRoot\system32\DRIVERS\nv4_mini.sys 0xB915D000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS 0xBA398000 \SystemRoot\system32\DRIVERS\usbohci.sys 0xB9139000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0xBA3A0000 \SystemRoot\system32\DRIVERS\usbehci.sys 0xBA218000 \SystemRoot\system32\DRIVERS\imapi.sys 0xBA228000 \SystemRoot\system32\DRIVERS\cdrom.sys 0xBA238000 \SystemRoot\system32\DRIVERS\redbook.sys 0xB9116000 \SystemRoot\system32\DRIVERS\ks.sys 0xBA3A8000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys 0xB9090000 \SystemRoot\system32\DRIVERS\A3AB.sys 0xB904B000 \SystemRoot\system32\DRIVERS\HSXHWBS2.sys 0xB8F54000 \SystemRoot\system32\DRIVERS\HSX_DP.sys 0xB8E9E000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys 0xBA3B0000 \SystemRoot\System32\Drivers\Modem.SYS 0xB8E76000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0xBA59C000 \SystemRoot\system32\DRIVERS\nvnetbus.sys 0xB8E2B000 \SystemRoot\system32\DRIVERS\NVNRM.SYS 0xB8DF4000 \SystemRoot\system32\DRIVERS\NVSNPU.SYS 0xBA248000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0xBA3B8000 \SystemRoot\system32\DRIVERS\mouclass.sys 0xBA5E4000 \SystemRoot\system32\DRIVERS\armoucfltr.sys 0xBA3C0000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0xBA5E6000 \SystemRoot\system32\DRIVERS\arkbcfltr.sys 0xBA5A0000 \SystemRoot\system32\DRIVERS\arpolicy.sys 0xBA6CB000 \SystemRoot\system32\DRIVERS\audstub.sys 0xBA258000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0xBA5A4000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0xB8DB5000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0xBA268000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0xBA278000 \SystemRoot\system32\DRIVERS\raspptp.sys 0xBA3C8000 \SystemRoot\system32\DRIVERS\TDI.SYS 0xB8DA4000 \SystemRoot\system32\DRIVERS\psched.sys 0xBA288000 \SystemRoot\system32\DRIVERS\msgpc.sys 0xBA3D0000 \SystemRoot\system32\DRIVERS\ptilink.sys 0xBA3D8000 \SystemRoot\system32\DRIVERS\raspti.sys 0xB8D74000 \SystemRoot\system32\DRIVERS\rdpdr.sys 0xBA298000 \SystemRoot\system32\DRIVERS\termdd.sys 0xBA5E8000 \SystemRoot\system32\DRIVERS\swenum.sys 0xB8D16000 \SystemRoot\system32\DRIVERS\update.sys 0xB9B4A000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0xBA2A8000 \SystemRoot\System32\Drivers\NDProxy.SYS 0xBA2B8000 \SystemRoot\system32\DRIVERS\usbhub.sys 0xBA5EA000 \SystemRoot\system32\DRIVERS\USBD.SYS 0xBA2C8000 \SystemRoot\system32\DRIVERS\NVENETFD.sys 0xB6243000 \SystemRoot\system32\drivers\RtkHDAud.sys 0xB621F000 \SystemRoot\system32\drivers\portcls.sys 0xBA2F8000 \SystemRoot\system32\drivers\drmk.sys 0xB61D3000 \SystemRoot\system32\drivers\NIS\1302000.00A\ccSetx86.sys 0xB61AC000 \SystemRoot\system32\drivers\NIS\1302000.00A\Ironx86.SYS 0xBA5F4000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0xBA7A9000 \SystemRoot\System32\Drivers\Null.SYS 0xBA5F6000 \SystemRoot\System32\Drivers\Beep.SYS 0xBA410000 \SystemRoot\System32\drivers\vga.sys 0xBA5F8000 \SystemRoot\System32\Drivers\mnmdd.SYS 0xBA5FA000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0xBA418000 \SystemRoot\System32\Drivers\Msfs.SYS 0xBA420000 \SystemRoot\System32\Drivers\Npfs.SYS 0xB8DE8000 \SystemRoot\system32\DRIVERS\rasacd.sys 0xB6179000 \SystemRoot\system32\DRIVERS\ipsec.sys 0xB6120000 \SystemRoot\system32\DRIVERS\tcpip.sys 0xB60C3000 \SystemRoot\System32\Drivers\NIS\1302000.00A\SYMTDI.SYS 0xB609D000 \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 0xB604F000 \SystemRoot\system32\DRIVERS\ipnat.sys 0xBA308000 \SystemRoot\system32\DRIVERS\wanarp.sys 0xB5FCC000 \SystemRoot\system32\DRIVERS\netbt.sys 0xB5FAA000 \SystemRoot\System32\drivers\afd.sys 0xBA318000 \SystemRoot\system32\DRIVERS\netbios.sys 0xBA168000 \SystemRoot\system32\drivers\NIS\1302000.00A\SRTSPX.SYS 0xB5F7F000 \SystemRoot\system32\DRIVERS\rdbss.sys 0xB5F0F000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0xBA178000 \SystemRoot\System32\Drivers\Fips.SYS 0xB5E11000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 0xB5DF3000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 0xB5D27000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111123.001\BHDrvx86.sys 0xB5CDB000 \SystemRoot\System32\Drivers\Fastfat.SYS 0xBA440000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS 0xB5CC3000 \SystemRoot\System32\Drivers\dump_atapi.sys 0xBA5FC000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS 0xBF800000 \SystemRoot\System32\win32k.sys 0xB8CBA000 \SystemRoot\System32\drivers\Dxapi.sys 0xBA448000 \SystemRoot\System32\watchdog.sys 0xBF000000 \SystemRoot\System32\drivers\dxg.sys 0xBA776000 \SystemRoot\System32\drivers\dxgthk.sys 0xBF012000 \SystemRoot\System32\nv4_disp.dll 0xBF3D8000 \SystemRoot\System32\ATMFD.DLL 0xB54BF000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0xB49EE000 \SystemRoot\system32\drivers\wdmaud.sys 0xB53BB000 \SystemRoot\system32\drivers\sysaudio.sys 0xB48AB000 \SystemRoot\system32\DRIVERS\mrxdav.sys 0xB477A000 \SystemRoot\System32\Drivers\HTTP.sys 0xB4632000 \SystemRoot\system32\DRIVERS\srv.sys 0xB476A000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys 0xB40CA000 \SystemRoot\System32\Drivers\Cdfs.SYS 0xB3D3A000 \SystemRoot\system32\DRIVERS\psi_mf.sys 0xB2DF9000 \SystemRoot\System32\Drivers\NIS\1302000.00A\SRTSP.SYS 0xB1D24000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111210.001\IDSxpx86.sys 0xB1706000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111213.002\NAVEX15.SYS 0xB16F2000 \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111213.002\NAVENG.SYS 0xB16C7000 \SystemRoot\system32\drivers\kmixer.sys 0x7C900000 \WINDOWS\system32\ntdll.dll Processes (total 63): 0 System Idle Process 4 System 676 C:\WINDOWS\system32\smss.exe 740 csrss.exe 764 C:\WINDOWS\system32\winlogon.exe 808 C:\WINDOWS\system32\services.exe 820 C:\WINDOWS\system32\lsass.exe 980 C:\WINDOWS\system32\svchost.exe 1040 svchost.exe 1184 C:\WINDOWS\system32\svchost.exe 1332 svchost.exe 1492 svchost.exe 1620 C:\WINDOWS\explorer.exe 1860 C:\WINDOWS\system32\spoolsv.exe 528 svchost.exe 560 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 588 C:\WINDOWS\arservice.exe 648 C:\Program Files\Bonjour\mDNSResponder.exe 1444 C:\WINDOWS\ehome\ehrecvr.exe 1480 C:\WINDOWS\ehome\ehSched.exe 1692 C:\Program Files\Java\jre6\bin\jqs.exe 1792 C:\Program Files\Common Files\LightScribe\LSSrvc.exe 192 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 732 C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe 1108 C:\WINDOWS\system32\nvsvc32.exe 1152 C:\Program Files\Secunia\PSI\psia.exe 784 C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe 1980 svchost.exe 2060 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe 2212 C:\WINDOWS\system32\searchindexer.exe 2316 mcrdsvc.exe 2616 C:\WINDOWS\system32\dllhost.exe 3132 alg.exe 4064 C:\WINDOWS\system32\svchost.exe 1552 C:\WINDOWS\ehome\ehtray.exe 468 C:\WINDOWS\arpwrmsg.exe 144 C:\Program Files\DISC\DISCover.exe 824 C:\WINDOWS\ehome\ehmsas.exe 1076 C:\Program Files\DISC\DISCUpdMgr.exe 1348 C:\WINDOWS\RTHDCPL.EXE 2104 wmiprvse.exe 2192 C:\Program Files\Common Files\Java\Java Update\jusched.exe 1704 C:\Program Files\iTunes\iTunesHelper.exe 2820 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe 2836 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe 2852 C:\WINDOWS\system32\ctfmon.exe 2708 C:\Program Files\Messenger\msmsgs.exe 3028 C:\Program Files\Secunia\PSI\psi_tray.exe 3036 C:\Program Files\Windows Desktop Search\WindowsSearch.exe 3360 C:\Program Files\iPod\bin\iPodService.exe 3904 C:\Program Files\DISC\DiscStreamHub.exe 1564 C:\Program Files\Secunia\PSI\sua.exe 3536 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe 4016 C:\WINDOWS\system\hpsysdrv.exe 1956 wmiprvse.exe 3068 C:\Program Files\Internet Explorer\iexplore.exe 2728 C:\Program Files\Internet Explorer\iexplore.exe 5684 C:\Program Files\Internet Explorer\iexplore.exe 436 C:\WINDOWS\system32\searchprotocolhost.exe 5148 searchfilterhost.exe 3116 C:\Program Files\Internet Explorer\iexplore.exe 5736 C:\WINDOWS\system32\searchprotocolhost.exe 3652 C:\Documents and Settings\Compaq_Administrator\Desktop\MBRCheck.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS) \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000019`e3e41e00 (FAT32) PhysicalDrive0 Model Number: ST3120213AS, Rev: 3.AHH Size Device Name MBR Status -------------------------------------------- 111 GB \\.\PhysicalDrive0 Legit MBR code detected SHA1: F75A10171F7488C11BA9A98CEC3D186D7A8D3972 Done!