|Here is my communication with Webroot Support. If solution doesn't work, let me know and I can generate another ticket. I can't verify right now because I do not have access to PC running Webroot. Hope this helps!|
Talk to Webroot Support
Webroot Support (Dec 16, 2011 13:29)
RE:Malicious threat " $mbr.1 in c: "
Try to un-quarantine and restore the file that was quarantined by the Webroot SecureAnywhere software if you have not already done so. To restore the file:
1. Click the "PC Security" button on the left frame.
2. Click the "Quarantine" tab.
3. Click the "View Quarantine" button.
4. Click the check box next to the file name and then click the "Restore" button.
Now that this change is in effect, we request that you run another scan of your computer (click on "Scan My Computer" on the main overview window). If the same detection occurs, please let us know immediately.
Webroot Advanced Malware Removal Team
Your Message (Dec 15, 2011 18:36)
Malicious threat " $mbr.1 in c: "
Just checked and Webroot scan still detects $mbr.1 in c: as a malicious threat. Any updates on resolution to this false positive?
Webroot Support (Dec 13, 2011 20:45)
RE:Can't resolve infection found using Webroot Secure Anywhere AV Pro
The detection for "c:\$mbr.1" you have received is a false positive, and is not related to malware. We apologize for any inconvenience this has caused you, and assure you that we are working hard to resolve the issue. We expect to have rectified the issue within 24 hours. In the meantime, please ignore any detections related to "c:\$mbr.1".
Thank you for your patience,
The Webroot Advanced Malware Removal Team
Your Message (Dec 13, 2011 20:28)
Can't resolve infection found using Webroot Secure Anywhere AV Pro
Webroot scan reported " $mbr.1 in c: " as a malicious threat, but cannot remove it. During removal process, requests system restart, but no removal. Is this something to be concerned about, or is it maybe a false positive? Used Malwarebytes and IOBit Malware Fighter, and neither reported any viruses.