Error Reading Mbr The Handle Is Invalid
thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. Create Account How it Works Javascript Disabled Detected You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality. False Positive or Real Issue? Started by N. Kaufman , Jun 13 2013 06:40 PM Page 1 of 2 1 2 Next Please log in to reply #1 N. Kaufman Posted 13 June 2013 - 06:40 PM N. Kaufman Member Member 48 posts I have my laptop running Win-7 64-bit. Just the other day, I downloaded mbr.exe from gmer.net and ran it using Admin. Got the following in log file: *********MBR.exe Log Begins********************************************** Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Windows 6.1.7601 device: opened successfully user: error reading MBR error: Read The handle is invalid. kernel: error reading MBR *********MBR.exe Log Ends ********************************************** Getting a bit concerned, I then downloaded aswMBR from gmer.net and ran it without virus scanning. Following are the results: ********* aswMBR.exe Log Begins ********************************************** aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-06-13 20:23:31 ----------------------------- 20:23:31.383 OS Version: Windows x64 6.1.7601 Service Pack 1 20:23:31.383 Number of processors: 2 586 0x170A 20:23:31.384 ComputerName: NK-PC UserName: Admin 20:23:32.283 Initialize success 20:23:32.558 AVAST engine defs: 13061301 20:23:39.692 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 20:23:39.696 Disk 0 Vendor: FUJITSU_MJA2250BH_G2 8919 Size: 238475MB BusType: 11 20:23:39.809 Disk 0 MBR read successfully 20:23:39.813 Disk 0 MBR scan 20:23:39.819 Disk 0 Windows 7 default MBR code 20:23:39.828 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 20:23:39.842 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 140374 MB offset 206848 20:23:39.870 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 97999 MB offset 287692800 20:23:40.161 Disk 0 scanning C:\Windows\system32\drivers 20:23:54.807 Service scanning 20:24:26.682 Modules scanning 20:24:26.689 Disk 0 trace - called mo
Topic: aswMBR (Read 10947 times) 0 Members and 1 Guest are viewing this topic. Nickocosmic Newbie Posts: 9 aswMBR « on: February 02, 2012, 09:38:50 AM » not sure of this topic goes here, so forgive me if i'm in the wrong. i ran this program using quick scan, and it detected an alureon-k [rtk] infection. i was following this guide:http://public.avast.com/~gmerek/aswMBR.htmat the very bottom, it says for alureon infections to use command aswmbr.exe -ap 1. i'm not sure how to do this. i've tried through the command prompt, but it just tells me that it can't find aswmbr.exe. i'm pretty new http://www.geekstogo.com/forum/topic/330910-false-positive-or-real-issue/ to this rootkit business, so i can post the log if need be. thanks in advance for any help. Logged True Indian Malware Hunter Advanced Poster Posts: 712 A Good Old Indian! Re: aswMBR « Reply #1 on: February 02, 2012, 09:41:25 AM » Welcome to the forums!!! Ensure that aswMBR is still on the desktop 1.Go start > Run.2.Copy/paste in the following command please: aswMBR.exe -ap 1 [Notice https://forum.avast.com/index.php?topic=92504.0 the spaces]3.Press enter.4.Once the programme has run then reboot immediately. « Last Edit: February 02, 2012, 10:01:55 AM by true indian » Logged True Indian Malware Hunter Advanced Poster Posts: 712 A Good Old Indian! Re: aswMBR « Reply #2 on: February 02, 2012, 09:44:09 AM » Once completed with the reboot process rerun aswMBR and copy/paste the contents of the log in next reply. « Last Edit: February 02, 2012, 09:48:59 AM by true indian » Logged Nickocosmic Newbie Posts: 9 Re: aswMBR « Reply #3 on: February 02, 2012, 10:08:07 AM » thanks for the welcome!i've tried running it that way through the command prompt as well as start>run, but it tells me windows can't find aswmbr.exe. i've made sure the program is on the desktop as well.also, here is the log from the initial scan:aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST SoftwareRun date: 2012-02-02 03:10:07-----------------------------03:10:07.756 OS Version: Windows x64 6.1.7601 Service Pack 103:10:07.756 Number of processors: 4 586 0x40203:10:07.757 ComputerName: SINGULARITY UserName: Nickocosmic03:10:08.843 Initialize success03:10:08.881 AVAST engine defs: 1202010103:11:06.412 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T1L0-603:11:06.414 Disk 0 Vendor: MAXTOR_STM3500320AS MX15 Size: 476940MB BusType: 303:11:06.428 Disk 0 MBR read successfully03:11:06.430 Disk 0 MBR scan03
be down. Please try the request again. Your cache administrator is webmaster. Generated Fri, 14 Oct 2016 15:52:56 GMT by s_ac15 (squid/3.5.20)