RogueKiller detects Root.MBR

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Wizzlbang, Sep 8, 2012.

  1. Wizzlbang

    Wizzlbang Private E-2

    So Roguekiller is consistently alerting me about a Root.MBR infection, but TDSSKiller and HitmanPro can't seem to find anything.

    TDSSKiller found two threads and removed them (Which Norton deemed a threat blocked only after they were quarantined, some help you are norton) But after a reboot it found no further infections. Stupidly, I didn't save the log here. However roguekiller is still alerting me to this infection. When I try to Fix MBR on RogueKiller, it just says 'Unable to fix MBR: 0x1

    So yeah, TDSSKiller says everything is fine, and HitmanPro is only finding tracking cookies. What's the deal here? Is there anything I can do?

    I'm attaching the logs here.
     

    Attached Files:

  2. thisisu

    thisisu Malware Consultant

    Welcome to MajorGeeks, Wizzlbang !

    RogueKiller could be reporting an issue that doesn't exist. What actual malware problems are you experiencing?

    Can you attach the rest of your logs from the Read and Run Me First?
     
  3. Wizzlbang

    Wizzlbang Private E-2

    My computer's been slowing lately, and there's a soft rattly sound coming from my hard drive, but I've chalked these up to run-of-the-mill impending hard drive failure. And I've also been getting a lot more infections than usual, which I read is something Rootkits tend to do.

    Unfortunately I've also just restored this computer to factory settings after reading that it's the only way to get rid of an MBR Rootkit, so I don't have the original reports, but after reinstalling roguekiller I got the same results.

    Here's a more recent roguekiller report and a recent malwarebytes scan. anything else you need to assess whether or not this is an actual problem? Seems like I've had nothing but problems with this laptop since I got it.
     

    Attached Files:

  4. thisisu

    thisisu Malware Consultant

    Yeah.. false detection. It happens... RogueKiller's MBR scanner is kind of a bonus / experimental feature.

    TDSSKiller and HitmanPro are both better suited for MBR infections but I don't think you had one.

    [​IMG] Please download aswMBR to your desktop.
    • Double-click aswMBR.exe to run (Vista/7 right-click and select Run as Administrator)
    • Select Yes when asked "Would you like to download latest Avast! virus definitions?"
    • Click the [Scan] button.
    • On completion of the scan click [Save log], save it to your desktop. Then zip up and and attach the log and MBR.dat to your next message. (How to attach)
     
  5. Wizzlbang

    Wizzlbang Private E-2

    ok, here it is. Thanks for your time.:)
     

    Attached Files:

    • MBR.zip
      File size:
      1.6 KB
      Views:
      11
  6. thisisu

    thisisu Malware Consultant

    I don't think you have anything to worry about malware wise. The computer's slowness could be caused by a hardware problem as you already suspect.
     
  7. Wizzlbang

    Wizzlbang Private E-2

    That's a load off my mind. Thank you for your time!
     
  8. thisisu

    thisisu Malware Consultant

    No problem. Be safe :)
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds