Hello.
My name is alexandros and here are the avast informations threat.
when i do the full scan it says:
file name :disk 0 Master Boot Record .
Severity: high
status : Threat:Whistler-B@mbr [Rtk]
and one time find:
file name MRB:\.\PHYSICALDRIVE0
saverity high
status threat:Rootkit:hidden boot-sector
my PC does not have (almost) any problem… exept some erros like that:
to window defender command line ulitity has a problem and need to get close
more informations szAppName:MpCmdRun.exe szAppVer:1.1.1593.0 szModName: ntdll.dll
SzModVer:5.1.2600.2180 offset:00018fea
morew informations c:\DOCUME~1/alekos\LOCALS~1\Temp\WER8088.dir00\MpCRun.exe.mdmp
C:\DOCUME~1/alekos\LOCALS~1\Temp\WER8088.dir00\appcpmpat.tx
but this erros my pc saws only 2-3 times!
the main problem is that , i conect my PC on the internet but
after a few minutes i am disconected! if i restart my PC i can be
conected to the internet again… but after a few minutes is disconected again.
how can fix it…? in a full scan i can not apply any action.
and in a boot time it just say that mbr 0 is infected.
can i fixed that without a format?
have XP windows. i really don’t have a lot of excepirience with PC because
i did not really need to do something like that again.
( i am new here. i use 3 years the avast and i did not even know that
this forum exist i hope that when some one respond i 'll be informed
via e-mail. PLEASE try to help my with as easy english as possible,
as you can see my english are not very good. you can also find me in fb as : alex antono .)
thanks for your time!
i did the boot scan , i scan with malwarebyte , and there was no result!
With the hijacks i dodn’t know what i must “fix” :S
i aslo try and tehe aswMBR . i scan my pc and the picture below shows
the results!
Geia sou file,o whistler einai ena bootkit mpwreis na matheis perissotera edw : http://blog.novirusthanks.org/2010/02/whistler-bootkit-a-new-powerful-windows-bootkit/
Efoson o essexboy einai edw min anisixeis ;D.
He is from greece so i gave him some info about whistler+that he doesn’t need to worry since essexboy has joined the topic.
Regards
[*]Download TDSSKiller and save it to your Desktop.
[*]Extract its contents to your desktop.
[*]Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
[*]If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
[*]If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of “TDSSKiller.[Version][Date][Time]_log.txt”. Please copy and paste the contents of that file here.
i download it and i did step step what you say… after the scan didn’t say about the rebut
it was a message which i include as the first picture with… i pick the “no” option
an then it saws the mesagge about rebut which is in the second picture! now i am going to
reboot! i don’t know what to expect! :S i am p…ssy
On your desktop will be a file called MBR.dat could you add that to the virus chest and then upload to the virus lab - for comments put in undetected MBR infection
To add to the virus chest :
Open Avast and select Maintenance > Virus chest
Right click in the white area to the right and select Add
Browse to MBR.dat and select
Once it is in the chest right click the file and select Send to Virus labs
after the last action wih was the tdds i did a full scan and there was no virus!
also there is no MBR.dat in the whole pc and in the virus chest there is no virus.
i am doing now an new scan with the avast an until now there is no infected files
:S what happend? i couldn’t delete or fix the infected file and there isn’t
either to the chest :S and avast didn’t find any infected file… is this good…
i suppose yes but… i will scan my pc in a boottime and i will inform you!
thanx for your time!
:S i don’t know why this is not… maybe there is no copy because when i run the tdds
i was already erase the aswMBR.exe . you have told me to download te aswMBR but because
i didn’t see any progress with hijacks , malwarebyte etc i erase the aswMBR.exe…
i really don’t want to have programms i don’t use and i thought that it is not usefull anymore :S
do you want to donwload it again and run it? it’s easy, do you want to copy paste the
results? but as you can see in the avaste image wich i have already cpoy paste
the avast did find an threat :S