I was troubleshooting a system and recently a user got a BSOD error mentioning mbr.sys.

I had used catchme.exe before he got that error, to see if there were any infections. I booted his system in Safe Mode and ran GMER rootkit revealer. It showed the file c:\documents and settings\padmanabhan2\local settings\temp running, but when I went to the location I couldn't see the file.

The problem is resolved now, but I am wondering what mbr.sys is. Some websites say that it is malicious while others say that it is a part of GMER rootkit revealer itself. Does anyone have any idea?

I'm no true expert, but when you search for something like that on Google or whatever and you get two results, one being good and one being bad, it usually depends on where the file is located. So if you know that information, it could help.
