My computer has physical drive 0, consisting of E (system root drive) and F, and USB physical drive 1, logical drive H, which sometimes is connected to my computer and sometimes not.
Gmer’s mbr log keeps insisting that the MBR file on “Harddisk2\DR5” is corrupt and it has limited ability to read it.
Malabyte anti-Malware won’t install, but the computer boots up just fine. The MBR in drive 0 exists.
If the USB drive is NOT connected, aswMBR reports,
17:11:25.671 Modules scanning
17:11:33.984 Disk 0 trace - called modules:
17:11:34.000 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
17:11:34.000 1 nt!IofCallDriver → \Device\Harddisk0\DR0[0x8a56eab8]
17:11:34.000 3 CLASSPNP.SYS[b80e8fd7] → nt!IofCallDriver → \Device\0000006e[0x8a596f18]
17:11:34.000 5 ACPI.sys[b7f7f620] → nt!IofCallDriver → \Device\Ide\IdeDeviceP0T0L0-3[0x8a585d98]
17:11:34.234 AVAST engine scan E:
17:43:20.156 Scan finished successfully
If the USB drive IS hooked up aswMBR reportrs,
18:10:05.390 AVAST engine defs: 12011601
18:10:16.125 Disk 0 \Device\Harddisk0\DR0 → \Device\Ide\IdeDeviceP0T0L0-3
18:10:16.125 Disk 0 Vendor: WDC_WD3200AAKS-00V1A0 05.01D05 Size: 305245MB BusType: 3
18:10:16.125 Device \Driver\usbstor → DriverStartIo USBSTOR.SYS b83d1f26
18:10:16.140 Disk 2 MBR read successfully
18:10:16.140 Disk 2 MBR scan
18:10:16.171 Disk 2 Windows XP default MBR code
18:10:16.171 Disk 2 MBR hidden
18:10:16.171 Disk 2 Partition 1 80 (A) 07 HPFS/NTFS NTFS 39997 MB offset 63
18:10:16.171 Disk 2 Partition - 00 0F Extended LBA 265237 MB offset 81915435
18:10:16.171 Disk 2 Partition 2 00 07 HPFS/NTFS NTFS 265237 MB offset 81915498
18:10:16.250 Disk 2 scanning E:\WINDOWS\system32\drivers
18:10:42.828 Service scanning
18:10:43.609 Modules scanning
18:11:12.359 Disk 2 trace - called modules:
What is even up with “Disk2”? Now, Disk 0, drive E is 39997 mb. That’s partition 1. Partition 2 is 265237 mb. Disk 01, drive H, is 74 gb.
WDC_WD3200AAKS is the model number of Disk 0.
What am I to make of this?
Also, GMER mbr refers to Harddisk2/DR5, which at one oint (but not now) it claimed had rootkit-like code on it. No scan has specifically found it, but it appears that the MBR on the usb drive may or may not be Windows xpcode. I’d not expect it to be windows xp code.
Dora