Author Topic: malware  (Read 5041 times)

0 Members and 1 Guest are viewing this topic.

patrickoscar

  • Guest
malware
« on: June 16, 2011, 11:43:40 PM »
am a newcomer, so first hello to all! now my question - running avast I detect a malware called whistler but cannot delete it. appreciate any advice on whether it is serious and on how to get rid of it.
patrickoscar

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 86495
  • No support PMs thanks
Re: malware
« Reply #1 on: June 16, 2011, 11:51:26 PM »
Whistler is if I recall an MBR Rootkit, so you will ned a specialist tool.

You can check if you have an MBR rootkit using this tool:
Quote from: essexboy
Download aswMBR.exe ( 568KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

 
On completion of the scan click save log, save it to your desktop and post in your next reply


Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.2.6003 (build 22.2.7013.717) UI 1.0.697/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

patrickoscar

  • Guest
Re: malware
« Reply #2 on: June 17, 2011, 08:00:39 AM »
thanka for this David.
It is indeed te rootkit whistler.mbr
I used this and attach logs of scan. what should I do to get rid of it?
Thx again,
PatrickOscar

Offline claudiuc

  • avast! Security Expert
  • Avast Reseller
  • Sr. Member
  • *
  • Posts: 282
  • www.avastantivirus.ro
    • www.avastantivirus.ro
Re: malware
« Reply #3 on: June 17, 2011, 09:22:29 AM »
You can use FixMBR button.
Claudiu C. - Easy Media
Avast & AVG Distributor Romania, Moldova, Hungary
https://www.avastantivirus.ro/

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 86495
  • No support PMs thanks
Re: malware
« Reply #4 on: June 17, 2011, 01:45:51 PM »
thanka for this David.
It is indeed te rootkit whistler.mbr
I used this and attach logs of scan. what should I do to get rid of it?
Thx again,
PatrickOscar

Strange as the aswMBR log you posted doesn't show any MBR rootkit.
Quote
07:18:40.156    Disk 0 MBR scan
07:18:40.171    Disk 0 Windows XP default MBR code
Plus no unknown elements and the avast scan of system32 and sub-folders also came up clean.

Quote
07:19:09.015    AVAST engine scan C:\WINDOWS\system32
07:22:57.390    Scan finished successfully
No sign of rootkit whistler.mbr in this scan either.

So was this a second scan after taking action (FixMBR and reboot) ?
« Last Edit: June 17, 2011, 01:49:04 PM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.2.6003 (build 22.2.7013.717) UI 1.0.697/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security