
I did a virus scan on a Win7 laptop with Malwarebytes. It found 2 rootkits in the MBR on sector 0. The question is, if it removes the rootkits from the installed OS's MBR, can it also remove anything from the system image?

Thanks for any help!!!!

I7-6700k, Asus Maximus VIII Formula, 2 x 8GB Corsair Dominator Plantinum ram, ASUS GTX 960 STRIX, sound blaster zx, 1TB boot drive ssd, 128GB/256GB storage ssd, 1TB storage HDD, 4TB of storage (backup),Windows 10 Pro,1000w psu

https://linustechtips.com/topic/145639-malwarebytes-and-win7-system-image/

The pro version does enable scans of the image; not sure about the free version. It didn't mess with system images last time I used the free version, but that was some time ago; it might have changed, especially with the recent overhaul of it.

cpu: intel i5 4670k @ 4.5ghz Ram: G skill ares 2x4gb 2166mhz cl10 Gpu: GTX 680 liquid cooled cpu cooler: Raijintek ereboss Mobo: gigabyte z87x ud5h psu: cm gx650 bronze Case: Zalman Z9 plus


Listen if you care.

Cpu: intel i7 4770k @ 4.2ghz Ram: G skill  ripjaws 2x4gb Gpu: nvidia gtx 970 cpu cooler: akasa venom voodoo Mobo: G1.Sniper Z6 Psu: XFX proseries 650w Case: Zalman H1


The pro version does enable scans of the image; not sure about the free version. It didn't mess with system images last time I used the free version, but that was some time ago; it might have changed, especially with the recent overhaul of it.

 

I ask because my friend uses the premium Malwarebytes. I ran a scan on her computer, found rootkits, rebooted, and damaged the MBR; now all that's left after data recovery is the image. So if I try to restore the image, does that mean the image's MBR is also damaged?


The pro version does enable scans of the image; not sure about the free version. It didn't mess with system images last time I used the free version, but that was some time ago; it might have changed, especially with the recent overhaul of it.

 

OK, if no one can answer the question, then how about this: if I move the HDD that has the damaged Win7 MBR on it to my desktop and use AOMEI to rebuild/repair the MBR, would that make it bootable again 100%?


I had the same thing happen with Malwarebytes. If it is asking to remove something, that most likely means that it will not do any harm to your computer.

Well, in my case, it did harm the computer, only because the rootkit took either the whole MBR with it to quarantine/deletion or it took part of it. So can I recover anything from it? Or can I put it into another computer and use AOMEI to rebuild the MBR? Also, is the MBR recoverable if 50-100% of it is gone? Not saying that much is. It's just in case.


I believe you could recover everything from it, but don't quote me on it. I have never had this problem, but I don't see why you could not recover everything.

 

Well, in my case, it did harm the computer, only because the rootkit took either the whole MBR with it to quarantine/deletion or it took part of it. So can I recover anything from it? Or can I put it into another computer and use AOMEI to rebuild the MBR? Also, is the MBR recoverable if 50-100% of it is gone? Not saying that much is. It's just in case.
