
Thread: MBR with PhysicalDrive0

  1. #1
    Junior Member vinholanda's Avatar
    Join Date
    Jul 2013
    Posts
    6

    Default MBR with PhysicalDrive0

    Hi tashi!
    I'm having the same problem as My3Angelz. I did a quick rootkit scan too and S&D detected MBR: PhysicalDrive0. I've tried to fix this by myself only by reading the posts. But I'm not a specialist and I didn't do a backup of my files, so I'm afraid to do something wrong. Could you please assist me? Thanks a lot!
    These are my S&D logs of rootkit scan:

    Rootkit Quick Scan log:

    RootAlyzer Quick Scan Results

    Files in Windows folder
    ----------------------------------------
    114 files were tested.
    No hidden files detected.
    ========================================

    Files in System folder
    ----------------------------------------
    2424 files were tested.
    No hidden files detected.
    ========================================

    Global run entries
    ----------------------------------------

    No hidden entries detected.
    ========================================

    Winlogon entries
    ----------------------------------------

    No hidden entries detected.
    ========================================

    Invisible processes (from handles)
    ----------------------------------------
    0 handle process IDs for 120 processes.
    No hidden processes detected.
    ========================================

    Invisible processes (from threads)
    ----------------------------------------
    120 processes tested.
    No hidden processes detected.
    ========================================

    Master Boot Records
    ----------------------------------------
    1 MBRs checked.
    Unkown MBRs: PhysicalDrive0
    PhysicalDrive0
    ========================================

    ..............................................................................................................





    The Root Alyzer log:








    I've run aswMBR and it found an unknown MBR code! Here's the log:

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-07-10 03:41:43
    -----------------------------
    03:41:43.600 OS Version: Windows x64 6.1.7601 Service Pack 1
    03:41:43.600 Number of processors: 4 586 0x3A09
    03:41:43.601 ComputerName: VINÍCIUS-PC UserName: Vinícius
    03:41:43.744 Initialze error 1
    03:41:56.179 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    03:41:56.182 Disk 0 Vendor: TOSHIBA_ AX00 Size: 476940MB BusType: 3
    03:41:56.217 Disk 0 MBR read successfully
    03:41:56.220 Disk 0 MBR scan
    03:41:56.224 Disk 0 unknown MBR code
    03:41:56.238 Disk 0 Partition 1 00 EE GPT 476940 MB offset 1
    03:41:56.243 Disk 0 scanning C:\Windows\system32\drivers
    03:41:56.247 Service scanning
    03:41:56.811 Modules scanning
    03:41:56.816 Disk 0 trace - called modules:
    03:41:56.822 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
    03:41:56.827 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80065b3790]
    03:41:56.833 3 CLASSPNP.SYS[fffff88001cec43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80065b2050]
    03:41:56.838 Scan finished successfully
    03:54:57.524 Disk 0 MBR has been saved successfully to "C:\Users\Vinícius\Desktop\MBR.dat"
    03:54:57.531 The log file has been saved successfully to "C:\Users\Vinícius\Desktop\aswMBR.txt"

  2. #2
    Junior Member vinholanda's Avatar
    Join Date
    Jul 2013
    Posts
    6

    Default My trouble

    My trouble is that the start up is very slow, taking about two minutes to get into Windows, and more time to load the desktop. AVG and Avira didn't find anything, just Microsoft Security Essentials found Adware:Win32/OpenCandy that now is fixed, but the S&D keeps finding MBR: PhysicalDrive0

    Thanks
    Last edited by tashi; 2013-07-10 at 20:25. Reason: Split off to own topic

  3. #3
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,460

    Default

    Hello vinholanda,

    Quote Originally Posted by vinholanda View Post
    but the S&D keeps finding MBR: PhysicalDrive0
    Quote Originally Posted by Yodama View Post
    Hello, the "unknown" MBR above is not necessarily malicious. In fact it is most likely not malicious. An unknown MBR just means that RootAlyzer does not know this pattern; this can have various reasons, for instance usage of a bootloader.
    In general all items found by the RootAlyzer are not necessarily malicious. The RootAlyzer shows items which it believes to be out of the ordinary and may give a hint for an infection.
    The RootAlyzer is an analyst tool, it is not a scan and fix tool like the System or File Scan.
    From: http://forums.spybot.info/showthread...l=1#post442397

    Quote Originally Posted by vinholanda View Post
    My trouble is that the start up is very slow, taking about two minutes to get into Windows, and more time to load the desktop. AVG and Avira didn't find anything, just Microsoft Security Essentials found Adware:Win32/OpenCandy that now is fixed,
    You mention three anti virus programs, do you have all three installed on the computer?

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
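
    Added example, not part of the original posts and not RootAlyzer's or aswMBR's code: a minimal triage of a saved 512-byte MBR sector, showing why an "unknown" verdict only means "not on the allowlist" and how the type `EE` entry in the aswMBR log above marks a GPT protective MBR. The SHA-256 allowlist, the function names and the sample sector are assumptions made for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440            # bytes 0-439 hold the bootstrap code
PART_TABLE_OFFSET = 446        # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"   # bytes 510-511 of a valid MBR
GPT_PROTECTIVE = 0xEE          # partition type used by a GPT protective MBR
ENTRY_FORMAT = "<B3xB3xII"     # status, CHS (skipped), type, CHS (skipped), LBA start, sector count


def parse_partitions(sector):
    """Return the non-empty entries of the MBR partition table."""
    entries = []
    for i in range(4):
        offset = PART_TABLE_OFFSET + 16 * i
        status, ptype, lba_start, sectors = struct.unpack_from(ENTRY_FORMAT, sector, offset)
        if ptype != 0:
            entries.append({"index": i + 1, "status": status, "type": ptype,
                            "lba_start": lba_start, "sectors": sectors})
    return entries


def assess_mbr(sector, known_good_hashes):
    """Triage one MBR sector against an allowlist of boot-code hashes.

    'boot_code_known' is False for anything not on the list, which is
    a statement about the list, not a verdict about the code.
    """
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly one 512-byte sector")
    partitions = parse_partitions(sector)
    digest = hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()
    return {
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
        "protective_gpt": len(partitions) == 1
                          and partitions[0]["type"] == GPT_PROTECTIVE,
        "boot_code_sha256": digest,
        "boot_code_known": digest in known_good_hashes,
        "partitions": partitions,
    }


def build_sample_mbr(boot_code=b"CONSTRUCTED-BOOT-CODE"):
    """Constructed sample sector: placeholder boot code plus one entry
    with status 00, type EE, starting at LBA 1 (as in the aswMBR log)."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into(ENTRY_FORMAT, sector, PART_TABLE_OFFSET,
                     0x00, GPT_PROTECTIVE, 1, 976773119)  # constructed size
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)


if __name__ == "__main__":
    sample = build_sample_mbr()
    # An empty allowlist reports the boot code as unknown.
    report = assess_mbr(sample, known_good_hashes=set())
    print("signature ok:   ", report["signature_ok"])
    print("protective GPT: ", report["protective_gpt"])
    print("boot code known:", report["boot_code_known"])
    # The same sector becomes "known" once its hash is on the allowlist.
    baseline = {report["boot_code_sha256"]}
    print("after baseline: ", assess_mbr(sample, baseline)["boot_code_known"])
```

    To run it on a real dump, read the first 512 bytes of the saved file and pass them to `assess_mbr` together with hashes taken from a machine you trust.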

  4. #4
    Junior Member vinholanda's Avatar
    Join Date
    Jul 2013
    Posts
    6

    Default

    Hi tashi!

    No more now.. just AVG and Microsoft Security Essentials.

  5. #5
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,460

    Default

    Hi vinholanda,
    Quote Originally Posted by vinholanda View Post
    No more now.. just AVG and Microsoft Security Essentials.
    Usually anti virus software will either warn a user when they try to install a second AV or prevent the installation.

    Rule of thumb is one anti virus program resident to avoid conflicts, loss of program efficiency and system lock up due to both software products attempting to access the same file at the same time.

    Having more than one resident can cause system performance problems and a serious system slowdown.

    Quote Originally Posted by vinholanda View Post
    My trouble is that the start up is very slow, taking about two minutes to get into windows, and more time to load desktop.


    Hope that helps.

  6. #6
    Junior Member vinholanda's Avatar
    Join Date
    Jul 2013
    Posts
    6

    Default

    Quote Originally Posted by tashi View Post
    Hi vinholanda,


    Usually anti virus software will either warn a user when they try to install a second AV or prevent the installation.

    Rule of thumb is one anti virus program resident to avoid conflicts, loss of program efficiency and system lock up due to both software products attempting to access the same file at the same time.

    Having more than one resident can cause system performance problems and a serious system slowdown.



    Hope that helps.
    Hi tashi,

    That's not my case, because I've just installed Microsoft Security Essentials after my troubles! I usually use just AVG, and suddenly my laptop began to take a long time to start up, and after this, the desktop freezes for a while and just then my icons appear. My laptop is new, with Windows 7 Home Premium, and anyone of many antivirus that I've used have fixed this problem that didn't exist one day before! Please help me with this!

  7. #7
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,460

    Default

    Hello vinholanda,
    Quote Originally Posted by vinholanda View Post
    That's not my case, because I've just installed Microsoft Security Essentials after my troubles! I usually use just AVG, and suddenly my laptop began to take a long time to start up, and after this, the desktop freezes for a while and just then my icons appear. My laptop is new, with Windows 7 Home Premium, and anyone of many antivirus that I've used have fixed this problem that didn't exist one day before!
    Quote Originally Posted by vinholanda View Post
    My trouble is that the start up is very slow, taking about two minutes to get into Windows, and more time to load the desktop. AVG and Avira didn't find anything, just Microsoft Security Essentials
    Quote Originally Posted by vinholanda View Post
    No more now.. just AVG and Microsoft Security Essentials.
    How many anti virus programs are installed?

    Best regards.

  8. #8
    Junior Member vinholanda's Avatar
    Join Date
    Jul 2013
    Posts
    6

    Default

    Quote Originally Posted by tashi View Post
    Hello vinholanda,

    Quote Originally Posted by vinholanda View Post
    That's not my case, because I've just installed Microsoft Security Essentials after my troubles! I usually use just AVG, and suddenly my laptop began to take a long time to start up, and after this, the desktop freezes for a while and just then my icons appear. My laptop is new, with Windows 7 Home Premium, and anyone of many antivirus that I've used have fixed this problem that didn't exist one day before!
    Quote Originally Posted by vinholanda View Post
    My trouble is that the start up is very slow, taking about two minutes to get into Windows, and more time to load the desktop. AVG and Avira didn't find anything, just Microsoft Security Essentials
    Quote Originally Posted by vinholanda View Post
    No more now.. just AVG and Microsoft Security Essentials.

    How many anti virus programs are installed?

    Best regards.
    Only AVG!

  9. #9
    Junior Member vinholanda's Avatar
    Join Date
    Jul 2013
    Posts
    6

    Default

    Quote Originally Posted by vinholanda View Post
    Only AVG!
    Please tashi, help me to fix this problem? :(

    It's getting worse, and an eternity to start my laptop.. I don't know what to do..

    Thank you

  10. #10
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,460

    Default

    Hello vinholanda,

    For someone to take a look at the system please start a topic in the Malware Removal Forum and a volunteer analyst will advise when available.

    First see that forum's FAQ which also includes instructions in post #2 on how to provide DDS and aswMBR logs, which are used in the preliminary analysis.
    http://forums.spybot.info/showthread.php?t=288

    Also provide a link to this topic.

    Best regards.
