How to check MBR for virus infection? (via MBRCheck)

Often, viruses are very tricky and infect your MBR (Master Boot Record). This is pretty annoying, so let’s find out how to check the MBR for virus infections and how to remove the MBR virus.


How to check MBR for Viruses

The master boot record contains the primary partition tables, which makes it a very important disk record. Code in the MBR (Master Boot Record) is executed automatically on boot up, that’s why the MBR is often the target of viruses. Some viruses will always return unless you don’t remove them from the MBR.

1. Repair Corrupt / Broken MBR

If your MBR is corrupt or broken, you can often easily fix it by running a few Windows commands. We have covered this in another article: How to repair MBR in Windows 7

2. Check MBR for viruses

Geekstogo.com provides a useful tool called MBRCheck, which will scan your MBR for any viruses. You should do this if you think your MBR might be infected.

Download MBRCheck.exe

After downloading MBRCheck.exe, stop all your security programs, run it and confirm all UAC prompts. You can run this while you are logged into Windows or if you can’t log in, do this either via safe-mode with command prompt or system repair tools (boot from Windows 7 DVD, repair, run command prompt).

Check MBR for Viruses

My MBR looks fine, it detected Windows 7 and Windows XP MBR code that are required to boot the operating system. If MBRCheck.exe finds a virus it will display it and you can proceed with removing the virus. However, if you need further advise, you can post the .log file that will be added to your desktop if MBRCheck.exe finds a virus.

5 of 5 0 (100%) 3 votes
- Cheers!


Written by:
Oliver is the founder and lead editor of this site. He is interested in finding new ways to break Windows, find common errors and help others to fix them. Aside from that, he loves to fully customize systems with Rainmeter and Dreamscene, find out more about ancient civilizations like the Chachapoya, sharpen his digital photography skills and create software with a small group of selected developers. If you would like to connect with him to discuss anything, send him a mail!

Learn More About.Me

Follow me on Twitter for daily updates: Twitter Follower

Contact The Author:
support@windows7themes.net Get Free Help.png

Connect With Our Site:

facebook google twitter


Need help? Ask a question at our QA site, click the red button to get started:

2 Responses to How to check MBR for virus infection? (via MBRCheck)

  1. Orange Community Approved Comment:
    Joey E said:

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows XP Professional
    Windows Information: Service Pack 3 (build 2600)
    Logical Drives Mask: 0x0000001d

    Kernel Drivers (total 93):
    0x804D7000 \WINDOWS\system32\ntoskrnl.exe
    0x806EF000 \WINDOWS\system32\hal.dll
    0xF8C76000 \WINDOWS\system32\KDCOM.DLL
    0xF8B86000 \WINDOWS\system32\BOOTVID.dll
    0xF8727000 ACPI.sys
    0xF8C78000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
    0xF8716000 pci.sys
    0xF8776000 isapnp.sys
    0xF8C7A000 intelide.sys
    0xF89F6000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
    0xF8786000 MountMgr.sys
    0xF86F7000 ftdisk.sys
    0xF8C7C000 dmload.sys
    0xF86D1000 dmio.sys
    0xF89FE000 PartMgr.sys
    0xF8796000 VolSnap.sys
    0xF86B9000 atapi.sys
    0xF87A6000 disk.sys
    0xF87B6000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
    0xF8699000 fltmgr.sys
    0xF8687000 sr.sys
    0xF8670000 KSecDD.sys
    0xF865D000 WudfPf.sys
    0xF85D0000 Ntfs.sys
    0xF85A3000 NDIS.sys
    0xF8589000 Mup.sys
    0xF87C6000 agp440.sys
    0xF87E6000 \SystemRoot\system32\DRIVERS\dc21x4.sys
    0xF8A26000 \SystemRoot\system32\DRIVERS\fdc.sys
    0xF87F6000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0xF8A36000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0xF8806000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0xF8816000 \SystemRoot\system32\DRIVERS\redbook.sys
    0xF850D000 \SystemRoot\system32\DRIVERS\ks.sys
    0xF8A4E000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0xF8826000 \SystemRoot\system32\DRIVERS\imapi.sys
    0xF8A5E000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0xF84E9000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0xF8836000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0xF8C1A000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0xF84D2000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0xF8846000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0xF8856000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0xF8A7E000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0xF84C1000 \SystemRoot\system32\DRIVERS\psched.sys
    0xF8866000 \SystemRoot\system32\DRIVERS\msgpc.sys
    0xF8A8E000 \SystemRoot\system32\DRIVERS\ptilink.sys
    0xF8A9E000 \SystemRoot\system32\DRIVERS\raspti.sys
    0xF8491000 \SystemRoot\system32\DRIVERS\rdpdr.sys
    0xF8876000 \SystemRoot\system32\DRIVERS\termdd.sys
    0xF8AAE000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0xF8C82000 \SystemRoot\system32\DRIVERS\swenum.sys
    0xF840B000 \SystemRoot\system32\DRIVERS\update.sys
    0xF8C3E000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0xF8886000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0xF8896000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0xF8C86000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0xF8AC6000 \SystemRoot\system32\DRIVERS\flpydisk.sys
    0xF8C8A000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0xF8E0D000 \SystemRoot\System32\Drivers\Null.SYS
    0xF8C8E000 \SystemRoot\System32\Drivers\Beep.SYS
    0xF8ADE000 \SystemRoot\System32\drivers\vga.sys
    0xF83F7000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0xF8C92000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0xF8AEE000 \SystemRoot\System32\Drivers\Msfs.SYS
    0xF8AFE000 \SystemRoot\System32\Drivers\Npfs.SYS
    0xF8C72000 \SystemRoot\system32\DRIVERS\rasacd.sys
    0xF83C4000 \SystemRoot\system32\DRIVERS\ipsec.sys
    0xF836B000 \SystemRoot\system32\DRIVERS\tcpip.sys
    0xF831B000 \SystemRoot\system32\DRIVERS\netbt.sys
    0xF82F9000 \SystemRoot\System32\drivers\afd.sys
    0xF88B6000 \SystemRoot\system32\DRIVERS\netbios.sys
    0xF822E000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0xF81BE000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xF8530000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0xF88D6000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0xF8B1E000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0xF848D000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0xF88E6000 \SystemRoot\System32\Drivers\Cdfs.SYS
    0xF81A6000 \SystemRoot\System32\Drivers\dump_atapi.sys
    0xF8C98000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
    0xBF800000 \SystemRoot\System32\win32k.sys
    0xF846D000 \SystemRoot\System32\drivers\Dxapi.sys
    0xF8B46000 \SystemRoot\System32\watchdog.sys
    0xBF000000 \SystemRoot\System32\drivers\dxg.sys
    0xF8D4D000 \SystemRoot\System32\drivers\dxgthk.sys
    0xBFF50000 \SystemRoot\System32\framebuf.dll
    0xBF012000 \SystemRoot\System32\ATMFD.DLL
    0xF7645000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xF6CDC000 \SystemRoot\system32\DRIVERS\srv.sys
    0xF62DF000 \SystemRoot\System32\Drivers\Fastfat.SYS
    0xF615E000 \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\axroiuog.sys
    0x7C900000 \WINDOWS\system32\ntdll.dll

    Processes (total 17):
    0 System Idle Process
    4 System
    392 C:\WINDOWS\system32\smss.exe
    440 csrss.exe
    464 C:\WINDOWS\system32\winlogon.exe
    508 C:\WINDOWS\system32\services.exe
    520 C:\WINDOWS\system32\lsass.exe
    680 C:\WINDOWS\system32\svchost.exe
    764 svchost.exe
    852 C:\WINDOWS\system32\svchost.exe
    908 svchost.exe
    1016 svchost.exe
    1420 C:\WINDOWS\explorer.exe
    1736 C:\WINDOWS\system32\ctfmon.exe
    2024 C:\Program Files\Mozilla Firefox\firefox.exe
    696 C:\Program Files\Mozilla Firefox\plugin-container.exe
    1504 C:\Documents and Settings\Administrator\My Documents\Downloads\MBRCheck.exe

    \\.\C: –> \\.\PhysicalDrive0 at offset 0×00000000`00007e00 (NTFS)

    PhysicalDrive0 Model Number: IC35L040AVER07-0, Rev: ER4OA46A

    Size Device Name MBR Status
    ——————————————–
    37 GB \\.\PhysicalDrive0 MBR Code Faked!
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A

    Found non-standard or infected MBR.
    Enter ‘Y’ and hit ENTER for more options, or ‘N’ to exit:

  2. Orange Community Approved Comment:
    Rodrigo said:

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Ultimate Edition
    Windows Information: Service Pack 1 (build 7601), 64-bit
    Base Board Manufacturer: POSITIVO
    BIOS Manufacturer: American Megatrends Inc.
    System Manufacturer: POSITIVO
    System Product Name: POSITIVO MOBILE
    Logical Drives Mask: 0x0000000c

    Kernel Drivers (total 180):
    0x02A4B000 \SystemRoot\system32\ntoskrnl.exe
    0x02A02000 \SystemRoot\system32\hal.dll
    0x00BAB000 \SystemRoot\system32\kdcom.dll
    0x00C48000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x00C97000 \SystemRoot\system32\PSHED.dll
    0x00CAB000 \SystemRoot\system32\CLFS.SYS
    0x00D09000 \SystemRoot\system32\CI.dll
    0x00E79000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x00F1D000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x00F2C000 \SystemRoot\system32\drivers\ACPI.sys
    0x00F83000 \SystemRoot\system32\drivers\WMILIB.SYS
    0x00F8C000 \SystemRoot\system32\drivers\msisadrv.sys
    0x00F96000 \SystemRoot\system32\drivers\pci.sys
    0x00FC9000 \SystemRoot\system32\drivers\vdrvroot.sys
    0x00FD6000 \SystemRoot\System32\drivers\partmgr.sys
    0x00FEB000 \SystemRoot\system32\DRIVERS\compbatt.sys
    0x00FF4000 \SystemRoot\system32\DRIVERS\BATTC.SYS
    0x00E00000 \SystemRoot\system32\drivers\volmgr.sys
    0x00E15000 \SystemRoot\System32\drivers\volmgrx.sys
    0x00E71000 \SystemRoot\system32\drivers\pciide.sys
    0x00DC9000 \SystemRoot\system32\drivers\PCIIDEX.SYS
    0x00DD9000 \SystemRoot\System32\drivers\mountmgr.sys
    0x00DF3000 \SystemRoot\system32\drivers\atapi.sys
    0x00C00000 \SystemRoot\system32\drivers\ataport.SYS
    0x00C2A000 \SystemRoot\system32\drivers\amdxata.sys
    0×01035000 \SystemRoot\system32\drivers\fltmgr.sys
    0×01081000 \SystemRoot\system32\drivers\fileinfo.sys
    0×01095000 \SystemRoot\system32\DRIVERS\MpFilter.sys
    0×01259000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x010CA000 \SystemRoot\System32\Drivers\msrpc.sys
    0×01200000 \SystemRoot\System32\Drivers\ksecdd.sys
    0×01128000 \SystemRoot\System32\Drivers\cng.sys
    0x0121B000 \SystemRoot\System32\drivers\pcw.sys
    0x0122C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
    0x014E0000 \SystemRoot\system32\drivers\ndis.sys
    0×01400000 \SystemRoot\system32\drivers\NETIO.SYS
    0×01460000 \SystemRoot\System32\Drivers\ksecpkg.sys
    0x016F4000 \SystemRoot\System32\drivers\tcpip.sys
    0x018F7000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0×01941000 \SystemRoot\system32\drivers\vmstorfl.sys
    0×01951000 \SystemRoot\system32\drivers\volsnap.sys
    0x0199D000 \SystemRoot\System32\Drivers\spldr.sys
    0x019A5000 \SystemRoot\System32\drivers\rdyboost.sys
    0x019DF000 \SystemRoot\System32\Drivers\mup.sys
    0x019F1000 \SystemRoot\System32\drivers\hwpolicy.sys
    0×01600000 \SystemRoot\System32\DRIVERS\fvevol.sys
    0x0163A000 \SystemRoot\system32\drivers\disk.sys
    0×01650000 \SystemRoot\system32\drivers\CLASSPNP.SYS
    0x016B6000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0x016E0000 \SystemRoot\System32\Drivers\Null.SYS
    0x016E9000 \SystemRoot\System32\Drivers\Beep.SYS
    0x0148B000 \SystemRoot\System32\drivers\vga.sys
    0×01499000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x014BE000 \SystemRoot\System32\drivers\watchdog.sys
    0x014CE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x014D7000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x015D3000 \SystemRoot\system32\drivers\rdprefmp.sys
    0x015DC000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x015E7000 \SystemRoot\System32\Drivers\Npfs.SYS
    0×01236000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x0119A000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x03A4A000 \SystemRoot\system32\drivers\afd.sys
    0x03AD3000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x03B18000 \SystemRoot\system32\DRIVERS\wfplwf.sys
    0x03B21000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x03B47000 \SystemRoot\system32\DRIVERS\vwififlt.sys
    0x03B5D000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x03B6C000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x03B87000 \SystemRoot\system32\DRIVERS\termdd.sys
    0x03B9B000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x03BEC000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x03A00000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0x03A0B000 \SystemRoot\System32\drivers\discache.sys
    0x03CDD000 \SystemRoot\system32\drivers\csc.sys
    0x03D60000 \SystemRoot\System32\Drivers\dfsc.sys
    0x03D7E000 \SystemRoot\system32\DRIVERS\blbdrive.sys
    0x03D8F000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x03DB5000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0x0400B000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
    0x02C83000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x02D77000 \SystemRoot\System32\drivers\dxgmms1.sys
    0x02DBD000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0x02C00000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x02C56000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x02DCA000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0x04A0C000 \SystemRoot\system32\DRIVERS\rtl8192se.sys
    0x04B36000 \SystemRoot\system32\DRIVERS\vwifibus.sys
    0x04B43000 \SystemRoot\system32\DRIVERS\sdbus.sys
    0x04B63000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0x04B81000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x04B90000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x04B9F000 \SystemRoot\system32\DRIVERS\CmBatt.sys
    0x04BA4000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
    0x04BAD000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
    0x04BBD000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
    0x04BD3000 \SystemRoot\system32\DRIVERS\rdpbus.sys
    0x04BDE000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x03C00000 \SystemRoot\system32\DRIVERS\ks.sys
    0x04BE0000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x03C43000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x02C67000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x0564F000 \SystemRoot\system32\drivers\HdAudio.sys
    0x056AB000 \SystemRoot\system32\drivers\portcls.sys
    0x056E8000 \SystemRoot\system32\drivers\drmk.sys
    0x0570A000 \SystemRoot\system32\drivers\ksthunk.sys
    0x000C0000 \SystemRoot\System32\win32k.sys
    0×05710000 \SystemRoot\System32\drivers\Dxapi.sys
    0x0571C000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x0572A000 \SystemRoot\System32\Drivers\dump_dumpata.sys
    0×05736000 \SystemRoot\System32\Drivers\dump_atapi.sys
    0x0573F000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
    0×05752000 \SystemRoot\system32\DRIVERS\monitor.sys
    0×00520000 \SystemRoot\System32\TSDDD.dll
    0×00710000 \SystemRoot\System32\cdd.dll
    0×05760000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x0577D000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x057AD000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0x057BB000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0x057D4000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0x057DD000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0x057EB000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0×05600000 \SystemRoot\system32\drivers\luafv.sys
    0×05623000 \SystemRoot\system32\drivers\WudfPf.sys
    0x045DF000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0x011A7000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0x03C9D000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0x03CB0000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0x0285F000 \SystemRoot\system32\drivers\HTTP.sys
    0×02928000 \SystemRoot\system32\DRIVERS\bowser.sys
    0×02946000 \SystemRoot\System32\drivers\mpsdrv.sys
    0x0295E000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0x0298B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0x029D9000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0x02AA9000 \SystemRoot\system32\drivers\peauth.sys
    0x02B4F000 \SystemRoot\System32\Drivers\secdrv.SYS
    0x02B5A000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0x02B8B000 \SystemRoot\System32\drivers\tcpipreg.sys
    0x02A00000 \SystemRoot\System32\DRIVERS\srv2.sys
    0×04602000 \SystemRoot\System32\DRIVERS\srv.sys
    0x0469A000 \SystemRoot\system32\drivers\spsys.sys
    0×77550000 \Windows\System32\ntdll.dll
    0×47840000 \Windows\System32\smss.exe
    0xFF870000 \Windows\System32\apisetschema.dll
    0xFF0D0000 \Windows\System32\autochk.exe
    0xFEAD0000 \Windows\System32\shell32.dll
    0xFEAB0000 \Windows\System32\sechost.dll
    0x773F0000 \Windows\System32\wininet.dll
    0xFEA10000 \Windows\System32\clbcatq.dll
    0xFE8E0000 \Windows\System32\rpcrt4.dll
    0x772D0000 \Windows\System32\kernel32.dll
    0xFE890000 \Windows\System32\ws2_32.dll
    0xFE7F0000 \Windows\System32\msvcrt.dll
    0xFE5E0000 \Windows\System32\ole32.dll
    0x770C0000 \Windows\System32\iertutil.dll
    0xFE5C0000 \Windows\System32\imagehlp.dll
    0xFE5B0000 \Windows\System32\nsi.dll
    0xFE530000 \Windows\System32\shlwapi.dll
    0×77720000 \Windows\System32\normaliz.dll
    0xFE520000 \Windows\System32\lpk.dll
    0xFE4F0000 \Windows\System32\imm32.dll
    0xFE470000 \Windows\System32\difxapi.dll
    0xFE290000 \Windows\System32\setupapi.dll
    0x76FC0000 \Windows\System32\user32.dll
    0xFE220000 \Windows\System32\gdi32.dll
    0xFE140000 \Windows\System32\advapi32.dll
    0xFE060000 \Windows\System32\oleaut32.dll
    0x76E70000 \Windows\System32\urlmon.dll
    0xFDF50000 \Windows\System32\msctf.dll
    0xFDEF0000 \Windows\System32\Wldap32.dll
    0xFDE50000 \Windows\System32\comdlg32.dll
    0×77710000 \Windows\System32\psapi.dll
    0xFDD80000 \Windows\System32\usp10.dll
    0xFDD10000 \Windows\System32\KernelBase.dll
    0xFDCD0000 \Windows\System32\cfgmgr32.dll
    0xFDC90000 \Windows\System32\wintrust.dll
    0xFDBF0000 \Windows\System32\comctl32.dll
    0xFDBD0000 \Windows\System32\devobj.dll
    0xFDA60000 \Windows\System32\crypt32.dll
    0xFDA50000 \Windows\System32\msasn1.dll
    0×75380000 \Windows\SysWOW64\normaliz.dll

    Processes (total 47):
    0 System Idle Process
    4 System
    268 C:\Windows\System32\smss.exe
    348 csrss.exe
    388 C:\Windows\System32\wininit.exe
    400 csrss.exe
    444 C:\Windows\System32\services.exe
    460 C:\Windows\System32\lsass.exe
    468 C:\Windows\System32\lsm.exe
    532 C:\Windows\System32\winlogon.exe
    624 C:\Windows\System32\svchost.exe
    680 C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
    740 C:\Windows\System32\svchost.exe
    784 C:\Program Files\Microsoft Security Client\MsMpEng.exe
    900 C:\Windows\System32\svchost.exe
    944 C:\Windows\System32\svchost.exe
    1004 C:\Windows\System32\svchost.exe
    612 C:\Windows\System32\svchost.exe
    1048 C:\Windows\System32\svchost.exe
    1180 C:\Windows\System32\spoolsv.exe
    1208 C:\Windows\System32\svchost.exe
    1348 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    1476 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    1836 C:\Windows\System32\taskhost.exe
    2024 C:\Windows\System32\dwm.exe
    1036 C:\Windows\explorer.exe
    1672 C:\Program Files\Microsoft Security Client\msseces.exe
    1740 C:\Program Files\Windows Sidebar\sidebar.exe
    208 C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
    992 C:\Windows\System32\svchost.exe
    1800 C:\Windows\System32\SearchIndexer.exe
    2472 C:\Program Files\Windows Media Player\wmpnetwk.exe
    2600 C:\Windows\System32\svchost.exe
    2940 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    3004 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    3036 C:\Windows\System32\sppsvc.exe
    652 C:\Windows\System32\svchost.exe
    2704 C:\Program Files (x86)\Internet Explorer\iexplore.exe
    2648 C:\Program Files (x86)\Internet Explorer\iexplore.exe
    3064 C:\Program Files (x86)\Internet Explorer\iexplore.exe
    2000 C:\Windows\System32\SearchFilterHost.exe
    768 C:\Windows\System32\taskeng.exe
    1244 MpCmdRun.exe
    984 C:\Windows\System32\SearchProtocolHost.exe
    2396 C:\Users\Positivo\Downloads\MBRCheck.exe
    2860 C:\Windows\System32\conhost.exe
    1560 C:\Windows\System32\dllhost.exe

    \\.\C: –> \\.\PhysicalDrive0 at offset 0×00000000`06500000 (NTFS)

    PhysicalDrive0 Model Number: TOSHIBAMK5059GSXP, Rev: GN001U

    Size Device Name MBR Status
    ——————————————–
    465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
    SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

    Done!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Current day month ye@r *