Author Topic: Another Whistler Rootkit Thread... (Read 2749 times)

Darkstrike · « **on:** February 25, 2011, 07:07:32 AM »

Hey all,

I've done some reading in the other threads on the site, but having a few problems. First step I took was to download and run aswMBR.exe.

Like in this thread (http://forum.avast.com/index.php?topic=71891.0), I did not have the fix option. I then dloaded TDSSKiller.exe and ran that, receiving this:

Trojan-Clicker.Win32.Wistler.a
Physical Drive
Name: \HardDisk0

The above was found on both of my hard drives, and the cure function failed, so I selected "Write Standard Boot Code."

Just restarted and running an Avast scan now. If Avast does not pick it up again, is there another way I can...double-check, per-se that the rootkit is gone?

Thanks!

essexboy · « **Reply #1 on:** February 25, 2011, 08:51:18 PM »

The lack of a fix option means there was no backup on your system. TDSSKiller will write a fresh MBR

So if there are no further alerts from Avast then it should be OK - but re-run ASWMbr again to be sure

Author Topic: Another Whistler Rootkit Thread... (Read 2749 times)

Darkstrike

Another Whistler Rootkit Thread...

essexboy

Re: Another Whistler Rootkit Thread...