Consumer Products > Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier)
Unknown MBR code
DavidR:
OK, this will probably take more analysis as you are on a 64bit OS version so care has to be taken not to try fixing the MBR or you could have an expensive paper weight.
Other than the unknown MBR code, which is likely to be because you have an HP system, is that correct ?
If so it has a recovery partition and a recovery console, in order to access them HP is likely to have a custom MBR code, hence the unknown MBR code line. So you don't want to touch that or you would no longer have access to this recovery partition or recovery console.
So other than your case of paranoia mentioned in your first post are you experiencing any symptoms (strange occurrences, etc.) ?
If you can open the avast chest (avastUI, Maintenance, Virus Chest) and right click on the file that was detected as MBR:Alureon [Rtk] and select Properties. What was the original file name and the location where it was found ?
Pony_Girl:
Well, I have today read elsewhere that the "unknown MBR code" thing is fairly common with both Dell and HP computers (I'm HP, don't like Dell). But I just wanted to know for sure and seek advice from people more knowledgeable on this stuff than myself due to the problems I was having before I made this thread.
No, didn't try the "Fix MBR" option on the aswMBR scan. Myself and the member here who helped me (you know who you are, thank you thank you again :) ) both decided that we should try other things and see how it went first - and it went pretty well I think (no symptoms or any trouble, nothing odd, not that I've noticed anyway) so we left it at that without doing the "Fix MBR" thing. I made this thread here at the suggestion of the member I already mentioned.
Original file name: MBR.dat
Original folder: C:\Users\Admin\Documents
Size of file: 512
Category: Infected files
Virus description: MBR:Alureon [Rtk]
File ID: 10
DavidR:
Well I would say you have nothing to worry about as what is being detected is the data file created by the aswMBR.exe scan, it produces the mbr.dat file (which is effectively a copy of the MBR) and when you save the scan the aswMBR.txt file.
So because the mbr.dat is a copy of the MBR and in this case since it is a non-standard MBR avast is having a bit of a fit on it.
Now that it is in the chest it shouldn't be an issue, though having recently run aswMBR.exe again there would be another copy of the mbr.dat file, so be aware of that. Now that we have determined why it is an unknown mbr code you can actually delete any mbr.dat file on your desktop or C:\Users\Admin\Documents, etc.
@@@@
Looking back on your log and the location this was found, C:\Users\Admin\Documents it means you ran the aswMBR.exe as Admin.
So do you always use the Admin account for routine computer use ?
Pony_Girl:
Yay! :D Thank you everybody who has taken the time to respond to this thread and help me out here, it is really appreciated. :)
No, I don't tend to use the Admin user account for routine/general computer use (aside from regular updating of AV's/scanners which Admin privileges are needed for - MBAM wouldn't seem to update otherwise).
There are 3 user accounts on this computer: my mum's, my brother's, mine and an Admin user account set up after a friend of my sister suggested it.
Only my mother and I have access to the Admin account - my mum's happy to let me have access to it as I use common sense and am the most knowledgeable person in our house when it comes to computers (done a few courses, have real life friends who are fully qualified in this kinda thing who teach me all sorts - I'm lucky to be friends with them, they're great people :) ).
I'm by no means an expert, but I draw on knowledge I already have, use common sense and take care of general maintenance and stuff like keeping it all up to date. If I spot a problem and I KNOW FOR CERTAIN that I can fix it and won't break anything/f*ck it up, I get on with it - if I don't know what to do/what I'm doing I know people I can go to, have reliable sources and know where to look for help and advice (my brother on the other hand thinks he knows everything and jumps to conclusions - I like to first identify if there is a problem then what the problem is, then I fix it if I can, if I can't I do homework on it and seek advice).
DavidR:
You're welcome.
Avast shouldn't need the Admin account to update as the avast.setup that does the update runs as a System user, see image.
I have MBAM Pro and that doesn't Need 'the admin' account either, whilst I use an account which has admin privileges (but not 'the admin' account, there is a difference) and that is just fine.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version