RootKit.MBR Removal...?

January 11, 2010 at 12:17:26
Specs: Windows XP SP2, 3.G
Hi, I'm running WindowsXP with SP2 and faithfully update all critical and security updates for Windows plus run AVG Internet Security. Currently my Dell Inspiron laptop is not functioning properly. It has been crashing.
When i try to run a scan on normal mode, the laptop freezes. I ran two malwarebytes, spybot & SuperAnti-Spyware scan on safe mode, with all definitions updated. Unfortunately for some reason i couldnt run a AVG Virus Scan on safe mode.

The first scan, malwarebytes picked up 5 RootKit.MBR and erased them successfully. Spybot & Super Anti-Spyware picked up a bunch of tracking cookies and removed them successfully.

The second scan, Malwarebytes picked up 1 RootKit.MBR and successfully removed it. Spybot and Super Anti-Spyware didnt pick up anything. However, when i restarted the laptop on normal mode and attempted to run a virus scan it continued to freeze up and crash. My suspicions is that it still has this Rootkit.MBR. I tried doing a search on this but couldnt find much information. Can you guys assist? Any help would be greatly appreciated.


Can only run in safe mode otherwise completely freezing up. All started on Dec.25th when suddenly AVG's firewall was being blocked as well as Windows Updates. Malwarebytes found Rootkit.MBR and eradicated it. Since then I've attempted Windows System Restore to no avail. Before i attempt to install my WindowsXP installation disk, I'd like to know if there's anything else I may be infected with. Even in safe mode, it seems i only have 10 or 15 min. online before my system freezes and i must reboot. I have never reinstalled my O/S either or done a reinstall of just my registry files from the disc so I'd appreciate some guidance in that respect too as a final solution.

thanks, in advance, for your help.

See More: RootKit.MBR Removal...?

Report •

January 11, 2010 at 19:37:55
Please download MBR.exe and save it to C:\

Then Navigate to C:\ and double click the MBR.exe executable file> click run.

It will produce a brief log, mbr.txt in the same directory as the program. Please copy/paste that
log here.

Report •
Related Solutions

Ask Question