is this a spoof site

http://public/avast.com

I ask this re this page and the associated .exe file link

http://www.technibble.com/forums/showthread.php?p=214105

I scanned the exe file and avast found no threat, but just wanted to make sure its a valid exe file avast actually do support.

cheers

do you mean the aswMBR.exe file ? if so yes it is made by avast and used all the time here

yes I did mean that file, I just wanted to check first before running it

cheers

user guide here http://public.avast.com/~gmerek/aswMBR.htm

http://imgur.com/5C2kt

I get this message when I pressed fix MBR

is there a good chance aswMBR.exe will mess up my partions and render my system disk completely useless?

Why are you running aswMBR ? Could you post the log that it produced as trying to fix a non-existant problem could actually create a problem

here is the output from running aswMBR

http://i.imgur.com/4Z1uZ.png

difficult to read…click save log and post here

here you are

I think those files are false positives could you upload them to Avast virus labs as a possible false positive

To do this open Avast
Go to the virus chest
Click ion the balnk space and select add
Navigate to the files noted and add them to the chest
Once there then right click the files within the chest and send them to the labs

Thanks for that info. I’ve done what you said and sent the files to the Avast Virus Lab for analysis.

My system does appear to be fine. So bearing in mind what you said about trying to fix an unbroken MBR, I will defer using aswMBR.exe.

Does avast automatically check the MBR at any time? Do you need to schedule a boot-time scan to do it? Is the functionality of aswMBR.exe built into the standard avast product?

A friend was using avast and her laptop pc sent out numerous unsolicted emails to people in her address list and other email addresses (about a week ago), she only realised this when some of the email addresses that these rogue emails were sent to, bounced back to her inbox having some mail error. I was under the impression that avast checks that the email client does not get to send out unsolicited emails, so I’m puzzled how this happened and avast did not alert her to a mail problem. When she performed a deep scan, avast found no virus. She resorted to going back to a system restore point about a week earlier than the rogue mail items were sent out, and also uninstalled avast and installed Windows Defender instead. Is avast not robust enough to spot these rogue mailer virii?

No security program have 100% detection…
Windows Defender is not a AV program… or do you mean Windows Security Essentials ?

Yep I have just run aswMBR on my system and it detected them as well I have also uploaded them as false postives

A friend was using avast and her laptop pc sent out numerous unsolicted emails to people in her address list and other email addresses (about a week ago), she only realised this when some of the email addresses that these rogue emails were sent to, bounced back to her inbox having some mail error. I was under the impression that avast checks that the email client does not get to send out unsolicited emails, so I'm puzzled how this happened and avast did not alert her to a mail problem. When she performed a deep scan, avast found no virus. She resorted to going back to a system restore point about a week earlier than the rogue mail items were sent out, and also uninstalled avast and installed Windows Defender instead. Is avast not robust enough to spot these rogue mailer virii?
If she uses a web based mail i.e. Yahoo, Hotmail etc.. There is a possibility that her account was hacked. Get her to change the password

my bad, it was not Windows Defender, but Windows Security Essentials, and she confirmed her email client is hotmail, and she changed her password as soon as she found out that the rogue emails had been sent out.

Regarding the question: Does avast automatically check the MBR at any time? Do you need to schedule a boot-time scan to do it? Is the functionality of aswMBR.exe built into the standard avast product?

could you let me know please.

I used to pay to use AVG Professional for a few years but was not so happy with its heavy resources and functionality and swapped to avast for the past few years and have been satisfied with it as I’ve never had a virus problem and it does occassionaly pick up some virus threat, and gets frequently updated automatically, which I like very much.

Found another FP with it but I also don’t get why it says my MBR is hidden and why it scanned the entire Windows and My Documants folders.

Change the drop down marked to no scan - otherwise it will invoke a quick scan with Avast as you have it resident

Does that file have a manufacturer under properties ? I feel it may be becoming a bit sensative with the heuristics

Do you have a dell or HP as the MBR is non standard due to the recovery partition, this is not evident under Vista/7 as a different recovery method is used

I have an HP but there is no recovery partition because I completely wiped the HD and installed XP Pro from another disk. I didn’t use the HP recovery disks. I did however install all of the HP drivers including HP Quick Play which makes a 1gb partition at the end of the drive for the files needed to boot into Quick Play without fully booting Windows. I can push the DVD or Quick Play buttons on my keyboard when the machine is completely shut down and play a DVD without, as I said, fully booting into Windows. Maybe this has caused the non standard MBR you mention.

The file does have ATI Technologies as the manufacturer and it’s described as - ATI Radeon WindowsNT Miniport Driver. It’s a file that’s present in all Radeon driver packages. When I navigate to the file and do a right click scan with Avast, it says it’s clean. That’s kind of strange , isn’t it?

Sounds like another FP - an update has just been released so I am re-scanning with aswMBR to see if it is present

HP Quick Play actually amends the MBR so that you do not need to boot to windows to use it

It still comes up as suspicious in aswMBR but the right click scan says it’s clean.