Author Topic: aswMBR Rootkit Removal tool  (Read 20117 times)

Offline ragweed

  • Jr. Member
  • Posts: 35
aswMBR Rootkit Removal tool
« on: November 22, 2011, 03:44:23 PM »
I downloaded the tool from here: aswMBR public.Avast.com~gmerek/aswMBR.html. My question is, is this an official download site? Thanks!

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • Posts: 21689
  • Gender: Male
Re: aswMBR Rootkit Removal tool
« Reply #1 on: November 22, 2011, 03:58:42 PM »
That's where we download it ;)

-http://public.avast.com/~gmerek/aswMBR.htm
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • Posts: 69210
  • Gender: Male
  • No support PMs thanks
Re: aswMBR Rootkit Removal tool
« Reply #2 on: November 22, 2011, 04:13:16 PM »
It is being downloaded from the avast site, that is the public space for the designer of the GMER anti-rootkit, who works for avast now and is the developer/designer of aswMBR.exe. So the -http://public.avast.com/~gmerek/aswMBR.exe is the correct download location.

I have answered your question, now I have one: what was your reason to download aswMBR.exe?

It isn't the sort of tool you should be running as a routine measure but for a reason and generally only when it is suggested as part of a malware analysis/removal process.
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline ragweed

  • Jr. Member
  • Posts: 35
Re: aswMBR Rootkit Removal tool
« Reply #3 on: November 22, 2011, 04:20:50 PM »
This might sound crazy, but I just wanted to try it out to see if it found anything! It only found disk 0 unknown MBR code. I didn't fix it though.

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • Posts: 69210
  • Gender: Male
  • No support PMs thanks
Re: aswMBR Rootkit Removal tool
« Reply #4 on: November 22, 2011, 05:07:07 PM »
This is general advice and not specifically for you:
That is why it shouldn't be used unless recommended and then only under advice from someone experienced in its use and the information it produces.

It could seriously impact on your system should you choose options where you don't know what the impact might be.

The unknown MBR could mean more than one thing and not always malicious. It could be an indication that malware has modified the MBR code, but you would likely be experiencing other symptoms. Perhaps more commonly this could be because of the system that you have, Dell, Acer, etc. where they have got a manufacturer's recovery console and recovery partition.

To achieve that they have to customise the MBR record; if anyone chose Fix in this instance they would be wiping that custom MBR code and would lose access to that recovery console.

So care has to be exercised when using tools such as these, as they may return information which could be incorrectly acted on.
« Last Edit: November 22, 2011, 05:08:56 PM by DavidR »
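An added example, not part of the thread and not aswMBR's own logic: the Python code below inspects a saved 512-byte copy of sector 0 read-only, hashing the boot code for comparison with an earlier copy and reporting whether the partition table contains an OEM utility/recovery partition of the kind described in Reply #4. The `OEM_TYPES` list is an illustrative, non-exhaustive assumption, and the sample sector is constructed.

```python
import hashlib
import struct

# Partition type bytes commonly listed for OEM utility/recovery partitions.
# Illustrative and not exhaustive (assumption of this example).
OEM_TYPES = {0x12: "Compaq/OEM diagnostics", 0x27: "hidden recovery (WinRE/OEM)",
             0xDE: "Dell utility"}

def inspect_mbr(sector: bytes) -> dict:
    """Summarise a 512-byte MBR sector without modifying anything."""
    if len(sector) != 512:
        raise ValueError("an MBR sector is exactly 512 bytes")
    report = {
        "valid_signature": sector[510:512] == b"\x55\xaa",
        # Bytes 0..439 hold the bootstrap code; this hash is what you would
        # compare against a copy saved earlier or a vendor reference.
        "boot_code_sha256": hashlib.sha256(sector[:440]).hexdigest(),
        "partitions": [],
    }
    for i in range(4):
        entry = sector[446 + 16 * i: 446 + 16 * (i + 1)]
        # Entry layout: status, CHS start (skipped), type, CHS end (skipped),
        # first LBA, sector count; all little-endian.
        status, ptype, lba_start, sectors = struct.unpack("<B3xB3xII", entry)
        if ptype == 0:          # unused slot
            continue
        report["partitions"].append({
            "slot": i, "active": status == 0x80, "type": ptype,
            "lba_start": lba_start, "sectors": sectors,
            "oem_hint": OEM_TYPES.get(ptype),
        })
    report["oem_recovery_present"] = any(p["oem_hint"] for p in report["partitions"])
    return report

def build_sample_mbr() -> bytes:
    """Constructed sample: dummy boot code, an OEM utility partition and NTFS."""
    boot = bytes([0xEB, 0x3C, 0x90]) + b"\x00" * 443          # 446 bytes
    p1 = struct.pack("<B3xB3xII", 0x00, 0xDE, 63, 80262)       # OEM utility
    p2 = struct.pack("<B3xB3xII", 0x80, 0x07, 80325, 976000)   # active NTFS
    return boot + p1 + p2 + b"\x00" * 32 + b"\x55\xaa"

if __name__ == "__main__":
    r = inspect_mbr(build_sample_mbr())
    print(r["valid_signature"], r["oem_recovery_present"], r["boot_code_sha256"])
    for p in r["partitions"]:
        print(p)
```

An OEM partition in the report supports the benign explanation for "unknown MBR code", and the saved sector copy is what makes any later change reversible.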
