Essentially the it hasn’t found an MBR Rootkit only an unknown MBR, which in its own right doesn’t mean you have an MBR rootkit.
Can happen if you have an OEM system like a Dell or HP, etc. (?) where they may have a custom/unique MBR to cater for their use of a recovery partition.
Okay, I know it is clean. What do you mean by they? I have an HP w/ 64 bit Win7 with a recovery partition. And why did I run a rootkit scan? It can’t hurt, right? My question was more about what the result mean specifically…
HP may have a unique MBR so that you can boot into the recovery partition so that you can do a factory restore. That is one reason why it might be considered an unknown MBR code.
Personally I would never want my system restored to factory defaults, as it came out of HP, everything that you installed after getting the PC, windows updates, settings, etc. would be lost and that would be a right royal pain in the rear.
Using drive imaging software provides a better solution, you can run it weekly, etc. and it makes an exact copy of your drive/partition at the time.
Personally I see no purpose in running the aswMBR scan it isn’t a general anti-rootkit scanner but more a specific tool to look for MBR rootkits. Avast does a standard anti-rootkit scan 8 minutes after boot and a limited rootkit scan as part of the Quick or Full System Scans.
So there shouldn’t be any need to run the aswMBR.exe tool unless there is a suspicion of there being an MBR rootkit, usually this would be on the suggestion of one of the helpers in the forum.
Thanks. It is strange that there are three replys from today because the was from May 19th ;D. I am not using a Dell, it looks like there is some confusion because I am talking about an HP in this instance and yes it is an OEM-type system. I think it was in one of the earlier posts. I did not think this was an infection, I just wanted to know what it meant. Thank you for your help.