1 MBR: PhysicalDrive0 detected, how do I remove?

2013-05-28, 22:55
Hi, I did a quick rootkit scan and SD detected MBR: PhysicalDrive0. I then did a deep scan and nothing came up. I'm at a loss on how to remove this from my laptop. Could you please assist me on how to do this?

Thank You

2013-05-28, 23:18
Hello My3Angelz,

Your attached text is not showing the results, is there more? :)

// info: Rootkit removal help file
// copyright: (c) 2008-2013 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results

Best regards.

2013-05-28, 23:48
I'm so sorry, I don't think I fully understand how to use the Reports section in SpyBot SD.

2013-05-29, 02:52
Hello My3Angelz,

"I then did a deep scan and nothing came up."

OK. :) How is the computer running, any issues you've noticed?

The RootAlyzer log is usually stored here: C:\ProgramData\Spybot - Search & Destroy\Logs

Best regards.

2013-05-29, 06:44
My computer runs slow, will freeze up, says "not responding", and will blue screen (kernel memory dump) maybe once every few weeks or so. I did clean out other unwanted items last week and have seen a bit of a speed up. I'm just concerned about the MBR thing that the rootkit scan found. I looked at the report and it still keeps saying the same info as the first report that I posted. Here's another one, hope it is something that will help.

2013-05-29, 11:08

I'm sorry, but that is not the RootAlyzer.log, that is the Checks.log.

Best regards
Team Spybot

2013-05-31, 16:47
I understand that was the check log. My RootAlyzer.log is showing exactly like the first one I posted. No matter how many times I run the scan and get the report, it's blank.

2013-05-31, 20:31
Hello My3Angelz,

For someone to take a look at the system please start a topic in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) and a volunteer analyst will advise when available. :)

First see that forum's FAQ which also includes instructions in post #2 on how to provide DDS and aswMBR logs, which are used in the preliminary analysis.

Best regards.