How to check MBR for virus infection? (via MBRCheck)

October 1st, 2015

Home
/
Guides For Windows
/
Security
/
How to check MBR...

Often, viruses are very tricky and infect your MBR (Master Boot Record). This is pretty annoying, so let’s find out how to check the MBR for virus infections and how to remove the MBR virus.

Click here to join Ultra.io - Rare NFTs and Play-to-Earn Games or Read my review first!

The master boot record contains the primary partition tables, which makes it a very important disk record. Code in the MBR (Master Boot Record) is executed automatically on boot up, that’s why the MBR is often the target of viruses. Some viruses will always return unless you don’t remove them from the MBR.

1. Repair Corrupt / Broken MBR

If your MBR is corrupt or broken, you can often easily fix it by running a few Windows commands. We have covered this in another article: How to repair MBR in Windows 7

2. Check MBR for viruses

Geekstogo.com provides a useful tool called MBRCheck, which will scan your MBR for any viruses. You should do this if you think your MBR might be infected.

Download MBRCheck.exe

After downloading MBRCheck.exe, stop all your security programs, run it and confirm all UAC prompts. You can run this while you are logged into Windows or if you can’t log in, do this either via safe-mode with command prompt or system repair tools (boot from Windows 7 DVD, repair, run command prompt).

My MBR looks fine, it detected Windows 7 and Windows XP MBR code that are required to boot the operating system. If MBRCheck.exe finds a virus it will display it and you can proceed with removing the virus. However, if you need further advise, you can post the .log file that will be added to your desktop if MBRCheck.exe finds a virus.

Oliver SK.

Oliver is the founder and lead editor of this site. He is interested in finding new ways to break Windows, find common errors and help others to fix them. Aside from that, he loves to fully customize systems with Rainmeter and Dreamscene, find out more about ancient civilizations like the Chachapoya, sharpen his digital photography skills and create software with a small group of selected developers. If you would like to connect with him to discuss anything, send him a mail!

Referral: Join Ultra.io For NFTs and Play-To-Earn

Posts created: 2000

There are 2 comments 2 comments

Joey E February 3, 2012 at 5:40 am

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001d

Kernel Drivers (total 93):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806EF000 \WINDOWS\system32\hal.dll
0xF8C76000 \WINDOWS\system32\KDCOM.DLL
0xF8B86000 \WINDOWS\system32\BOOTVID.dll
0xF8727000 ACPI.sys
0xF8C78000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF8716000 pci.sys
0xF8776000 isapnp.sys
0xF8C7A000 intelide.sys
0xF89F6000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF8786000 MountMgr.sys
0xF86F7000 ftdisk.sys
0xF8C7C000 dmload.sys
0xF86D1000 dmio.sys
0xF89FE000 PartMgr.sys
0xF8796000 VolSnap.sys
0xF86B9000 atapi.sys
0xF87A6000 disk.sys
0xF87B6000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF8699000 fltmgr.sys
0xF8687000 sr.sys
0xF8670000 KSecDD.sys
0xF865D000 WudfPf.sys
0xF85D0000 Ntfs.sys
0xF85A3000 NDIS.sys
0xF8589000 Mup.sys
0xF87C6000 agp440.sys
0xF87E6000 \SystemRoot\system32\DRIVERS\dc21x4.sys
0xF8A26000 \SystemRoot\system32\DRIVERS\fdc.sys
0xF87F6000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF8A36000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF8806000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF8816000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF850D000 \SystemRoot\system32\DRIVERS\ks.sys
0xF8A4E000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF8826000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF8A5E000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF84E9000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF8836000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF8C1A000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF84D2000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF8846000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF8856000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF8A7E000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF84C1000 \SystemRoot\system32\DRIVERS\psched.sys
0xF8866000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF8A8E000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF8A9E000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF8491000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF8876000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF8AAE000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF8C82000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF840B000 \SystemRoot\system32\DRIVERS\update.sys
0xF8C3E000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF8886000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF8896000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF8C86000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF8AC6000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xF8C8A000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF8E0D000 \SystemRoot\System32\Drivers\Null.SYS
0xF8C8E000 \SystemRoot\System32\Drivers\Beep.SYS
0xF8ADE000 \SystemRoot\System32\drivers\vga.sys
0xF83F7000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0xF8C92000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF8AEE000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF8AFE000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF8C72000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xF83C4000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xF836B000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xF831B000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF82F9000 \SystemRoot\System32\drivers\afd.sys
0xF88B6000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF822E000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xF81BE000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF8530000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xF88D6000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF8B1E000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF848D000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xF88E6000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xF81A6000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF8C98000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF846D000 \SystemRoot\System32\drivers\Dxapi.sys
0xF8B46000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF8D4D000 \SystemRoot\System32\drivers\dxgthk.sys
0xBFF50000 \SystemRoot\System32\framebuf.dll
0xBF012000 \SystemRoot\System32\ATMFD.DLL
0xF7645000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xF6CDC000 \SystemRoot\system32\DRIVERS\srv.sys
0xF62DF000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xF615E000 \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\axroiuog.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 17):
0 System Idle Process
4 System
392 C:\WINDOWS\system32\smss.exe
440 csrss.exe
464 C:\WINDOWS\system32\winlogon.exe
508 C:\WINDOWS\system32\services.exe
520 C:\WINDOWS\system32\lsass.exe
680 C:\WINDOWS\system32\svchost.exe
764 svchost.exe
852 C:\WINDOWS\system32\svchost.exe
908 svchost.exe
1016 svchost.exe
1420 C:\WINDOWS\explorer.exe
1736 C:\WINDOWS\system32\ctfmon.exe
2024 C:\Program Files\Mozilla Firefox\firefox.exe
696 C:\Program Files\Mozilla Firefox\plugin-container.exe
1504 C:\Documents and Settings\Administrator\My Documents\Downloads\MBRCheck.exe

\\.\C: –> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: IC35L040AVER07-0, Rev: ER4OA46A

Size Device Name MBR Status
——————————————–
37 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A

Found non-standard or infected MBR.
Enter ‘Y’ and hit ENTER for more options, or ‘N’ to exit:
Rodrigo June 27, 2012 at 12:46 am

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: POSITIVO
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: POSITIVO
System Product Name: POSITIVO MOBILE
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 180):
0x02A4B000 \SystemRoot\system32\ntoskrnl.exe
0x02A02000 \SystemRoot\system32\hal.dll
0x00BAB000 \SystemRoot\system32\kdcom.dll
0x00C48000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00C97000 \SystemRoot\system32\PSHED.dll
0x00CAB000 \SystemRoot\system32\CLFS.SYS
0x00D09000 \SystemRoot\system32\CI.dll
0x00E79000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F1D000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F2C000 \SystemRoot\system32\drivers\ACPI.sys
0x00F83000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F8C000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F96000 \SystemRoot\system32\drivers\pci.sys
0x00FC9000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00FD6000 \SystemRoot\System32\drivers\partmgr.sys
0x00FEB000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00FF4000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00E00000 \SystemRoot\system32\drivers\volmgr.sys
0x00E15000 \SystemRoot\System32\drivers\volmgrx.sys
0x00E71000 \SystemRoot\system32\drivers\pciide.sys
0x00DC9000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00DD9000 \SystemRoot\System32\drivers\mountmgr.sys
0x00DF3000 \SystemRoot\system32\drivers\atapi.sys
0x00C00000 \SystemRoot\system32\drivers\ataport.SYS
0x00C2A000 \SystemRoot\system32\drivers\amdxata.sys
0x01035000 \SystemRoot\system32\drivers\fltmgr.sys
0x01081000 \SystemRoot\system32\drivers\fileinfo.sys
0x01095000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0x01259000 \SystemRoot\System32\Drivers\Ntfs.sys
0x010CA000 \SystemRoot\System32\Drivers\msrpc.sys
0x01200000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01128000 \SystemRoot\System32\Drivers\cng.sys
0x0121B000 \SystemRoot\System32\drivers\pcw.sys
0x0122C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x014E0000 \SystemRoot\system32\drivers\ndis.sys
0x01400000 \SystemRoot\system32\drivers\NETIO.SYS
0x01460000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x016F4000 \SystemRoot\System32\drivers\tcpip.sys
0x018F7000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01941000 \SystemRoot\system32\drivers\vmstorfl.sys
0x01951000 \SystemRoot\system32\drivers\volsnap.sys
0x0199D000 \SystemRoot\System32\Drivers\spldr.sys
0x019A5000 \SystemRoot\System32\drivers\rdyboost.sys
0x019DF000 \SystemRoot\System32\Drivers\mup.sys
0x019F1000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01600000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x0163A000 \SystemRoot\system32\drivers\disk.sys
0x01650000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x016B6000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x016E0000 \SystemRoot\System32\Drivers\Null.SYS
0x016E9000 \SystemRoot\System32\Drivers\Beep.SYS
0x0148B000 \SystemRoot\System32\drivers\vga.sys
0x01499000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x014BE000 \SystemRoot\System32\drivers\watchdog.sys
0x014CE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x014D7000 \SystemRoot\system32\drivers\rdpencdd.sys
0x015D3000 \SystemRoot\system32\drivers\rdprefmp.sys
0x015DC000 \SystemRoot\System32\Drivers\Msfs.SYS
0x015E7000 \SystemRoot\System32\Drivers\Npfs.SYS
0x01236000 \SystemRoot\system32\DRIVERS\tdx.sys
0x0119A000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x03A4A000 \SystemRoot\system32\drivers\afd.sys
0x03AD3000 \SystemRoot\System32\DRIVERS\netbt.sys
0x03B18000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x03B21000 \SystemRoot\system32\DRIVERS\pacer.sys
0x03B47000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x03B5D000 \SystemRoot\system32\DRIVERS\netbios.sys
0x03B6C000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x03B87000 \SystemRoot\system32\DRIVERS\termdd.sys
0x03B9B000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x03BEC000 \SystemRoot\system32\drivers\nsiproxy.sys
0x03A00000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x03A0B000 \SystemRoot\System32\drivers\discache.sys
0x03CDD000 \SystemRoot\system32\drivers\csc.sys
0x03D60000 \SystemRoot\System32\Drivers\dfsc.sys
0x03D7E000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x03D8F000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x03DB5000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x0400B000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x02C83000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x02D77000 \SystemRoot\System32\drivers\dxgmms1.sys
0x02DBD000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x02C00000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x02C56000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x02DCA000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x04A0C000 \SystemRoot\system32\DRIVERS\rtl8192se.sys
0x04B36000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x04B43000 \SystemRoot\system32\DRIVERS\sdbus.sys
0x04B63000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x04B81000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x04B90000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x04B9F000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x04BA4000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x04BAD000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x04BBD000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x04BD3000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x04BDE000 \SystemRoot\system32\DRIVERS\swenum.sys
0x03C00000 \SystemRoot\system32\DRIVERS\ks.sys
0x04BE0000 \SystemRoot\system32\DRIVERS\umbus.sys
0x03C43000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x02C67000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x0564F000 \SystemRoot\system32\drivers\HdAudio.sys
0x056AB000 \SystemRoot\system32\drivers\portcls.sys
0x056E8000 \SystemRoot\system32\drivers\drmk.sys
0x0570A000 \SystemRoot\system32\drivers\ksthunk.sys
0x000C0000 \SystemRoot\System32\win32k.sys
0x05710000 \SystemRoot\System32\drivers\Dxapi.sys
0x0571C000 \SystemRoot\System32\Drivers\crashdmp.sys
0x0572A000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x05736000 \SystemRoot\System32\Drivers\dump_atapi.sys
0x0573F000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x05752000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00520000 \SystemRoot\System32\TSDDD.dll
0x00710000 \SystemRoot\System32\cdd.dll
0x05760000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x0577D000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x057AD000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x057BB000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x057D4000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x057DD000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x057EB000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x05600000 \SystemRoot\system32\drivers\luafv.sys
0x05623000 \SystemRoot\system32\drivers\WudfPf.sys
0x045DF000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x011A7000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x03C9D000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x03CB0000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x0285F000 \SystemRoot\system32\drivers\HTTP.sys
0x02928000 \SystemRoot\system32\DRIVERS\bowser.sys
0x02946000 \SystemRoot\System32\drivers\mpsdrv.sys
0x0295E000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x0298B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x029D9000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x02AA9000 \SystemRoot\system32\drivers\peauth.sys
0x02B4F000 \SystemRoot\System32\Drivers\secdrv.SYS
0x02B5A000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x02B8B000 \SystemRoot\System32\drivers\tcpipreg.sys
0x02A00000 \SystemRoot\System32\DRIVERS\srv2.sys
0x04602000 \SystemRoot\System32\DRIVERS\srv.sys
0x0469A000 \SystemRoot\system32\drivers\spsys.sys
0x77550000 \Windows\System32\ntdll.dll
0x47840000 \Windows\System32\smss.exe
0xFF870000 \Windows\System32\apisetschema.dll
0xFF0D0000 \Windows\System32\autochk.exe
0xFEAD0000 \Windows\System32\shell32.dll
0xFEAB0000 \Windows\System32\sechost.dll
0x773F0000 \Windows\System32\wininet.dll
0xFEA10000 \Windows\System32\clbcatq.dll
0xFE8E0000 \Windows\System32\rpcrt4.dll
0x772D0000 \Windows\System32\kernel32.dll
0xFE890000 \Windows\System32\ws2_32.dll
0xFE7F0000 \Windows\System32\msvcrt.dll
0xFE5E0000 \Windows\System32\ole32.dll
0x770C0000 \Windows\System32\iertutil.dll
0xFE5C0000 \Windows\System32\imagehlp.dll
0xFE5B0000 \Windows\System32\nsi.dll
0xFE530000 \Windows\System32\shlwapi.dll
0x77720000 \Windows\System32\normaliz.dll
0xFE520000 \Windows\System32\lpk.dll
0xFE4F0000 \Windows\System32\imm32.dll
0xFE470000 \Windows\System32\difxapi.dll
0xFE290000 \Windows\System32\setupapi.dll
0x76FC0000 \Windows\System32\user32.dll
0xFE220000 \Windows\System32\gdi32.dll
0xFE140000 \Windows\System32\advapi32.dll
0xFE060000 \Windows\System32\oleaut32.dll
0x76E70000 \Windows\System32\urlmon.dll
0xFDF50000 \Windows\System32\msctf.dll
0xFDEF0000 \Windows\System32\Wldap32.dll
0xFDE50000 \Windows\System32\comdlg32.dll
0x77710000 \Windows\System32\psapi.dll
0xFDD80000 \Windows\System32\usp10.dll
0xFDD10000 \Windows\System32\KernelBase.dll
0xFDCD0000 \Windows\System32\cfgmgr32.dll
0xFDC90000 \Windows\System32\wintrust.dll
0xFDBF0000 \Windows\System32\comctl32.dll
0xFDBD0000 \Windows\System32\devobj.dll
0xFDA60000 \Windows\System32\crypt32.dll
0xFDA50000 \Windows\System32\msasn1.dll
0x75380000 \Windows\SysWOW64\normaliz.dll

Processes (total 47):
0 System Idle Process
4 System
268 C:\Windows\System32\smss.exe
348 csrss.exe
388 C:\Windows\System32\wininit.exe
400 csrss.exe
444 C:\Windows\System32\services.exe
460 C:\Windows\System32\lsass.exe
468 C:\Windows\System32\lsm.exe
532 C:\Windows\System32\winlogon.exe
624 C:\Windows\System32\svchost.exe
680 C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
740 C:\Windows\System32\svchost.exe
784 C:\Program Files\Microsoft Security Client\MsMpEng.exe
900 C:\Windows\System32\svchost.exe
944 C:\Windows\System32\svchost.exe
1004 C:\Windows\System32\svchost.exe
612 C:\Windows\System32\svchost.exe
1048 C:\Windows\System32\svchost.exe
1180 C:\Windows\System32\spoolsv.exe
1208 C:\Windows\System32\svchost.exe
1348 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1476 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
1836 C:\Windows\System32\taskhost.exe
2024 C:\Windows\System32\dwm.exe
1036 C:\Windows\explorer.exe
1672 C:\Program Files\Microsoft Security Client\msseces.exe
1740 C:\Program Files\Windows Sidebar\sidebar.exe
208 C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
992 C:\Windows\System32\svchost.exe
1800 C:\Windows\System32\SearchIndexer.exe
2472 C:\Program Files\Windows Media Player\wmpnetwk.exe
2600 C:\Windows\System32\svchost.exe
2940 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
3004 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
3036 C:\Windows\System32\sppsvc.exe
652 C:\Windows\System32\svchost.exe
2704 C:\Program Files (x86)\Internet Explorer\iexplore.exe
2648 C:\Program Files (x86)\Internet Explorer\iexplore.exe
3064 C:\Program Files (x86)\Internet Explorer\iexplore.exe
2000 C:\Windows\System32\SearchFilterHost.exe
768 C:\Windows\System32\taskeng.exe
1244 MpCmdRun.exe
984 C:\Windows\System32\SearchProtocolHost.exe
2396 C:\Users\Positivo\Downloads\MBRCheck.exe
2860 C:\Windows\System32\conhost.exe
1560 C:\Windows\System32\dllhost.exe

\\.\C: –> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)

PhysicalDrive0 Model Number: TOSHIBAMK5059GSXP, Rev: GN001U

Size Device Name MBR Status
——————————————–
465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

Done!

How to check MBR for virus infection? (via MBRCheck)

1. Repair Corrupt / Broken MBR

2. Check MBR for viruses

Oliver SK.

User Complaints About Windows 7 Incompatibility, Recording Sound And More

Advantages/Disadvantages of Claymation Studio (Stop Motion Video Creator)

Replace explorer.exe in Windows 8 via registry

Privacy in 2014: Adware Tracking Cookies – What They Are and What They Do

Locking your PC: How to disable the Lock Screen in Windows 8?

Tip: How to apply Windows 7 themes from command prompt