Windows 7 MBR code detected Using Windows 8 Enterprise Evaluation

  • Question

  • Please help with this. I had a security issue and ran MBR; this is what came up:

    Windows 7 MBR code detected
                SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

    Need help resolving this issue as well as checking for

    spywares/hack/loggers/open ports/

    Security is an Issue Here.... 

    This is on a Windows 8 Enterprise evaluation 

    MBRCheck, version 1.2.3

    (c) 2010, AD

    Command-line:

    Windows Version:
    Windows Information: (build 9200), 64-bit
    Base Board Manufacturer: Acer
    BIOS Manufacturer: American Megatrends Inc.
    System Manufacturer: Acer
    System Product Name: Aspire X1935
    Logical Drives Mask: 0x004000fc

    Kernel Drivers (total 158):

    Processes (total 71):

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x000000bb`7fe07000  (NTFS)
    \\.\E: --> \\.\PhysicalDrive0 at offset 0x0000003e`80497600  (NTFS)
    \\.\F: --> \\.\PhysicalDrive0 at offset 0x0000007d`0014ec00  (NTFS)
    \\.\W: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000  (NTFS)

    PhysicalDrive0 Model Number: ST1000DM003-9YN162, Rev: CC4B    

          Size  Device Name          MBR Status
      --------------------------------------------
        931 GB  \\.\PhysicalDrive0   Windows 7 MBR code detected
                SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


    Done!



    Tuesday, March 12, 2013 11:38 PM

Answers

  • MBRCheck doesn't support Windows 8 so showing Windows 7 MBR code detected is probably not an issue.

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. How to ask a question that is fixable.

    Wednesday, March 13, 2013 5:07 PM

All replies

  • What is your actual question?



    Wednesday, March 13, 2013 2:48 PM
  • Sorry, this is what I have. It may be nothing, but it is one of many things, but one at a time.

    Windows 7 MBR code detected
                SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

    What is it and how do I resolve it? Thank you.

    Wednesday, March 13, 2013 3:16 PM
  • MBRCheck doesn't support Windows 8 so showing Windows 7 MBR code detected is probably not an issue.


    Wednesday, March 13, 2013 5:07 PM
  • This is true, and that I know, but I still want it erased somehow. I have tried a few things, even software for the driver, and can't seem to clear it. I will post the next question that I have later today. Thank you for your help. As you look at the report above, do you spot anything that should not really be there?
    Wednesday, March 13, 2013 8:24 PM