whistler@mbr[RTk]...help?

So, I’m not the smartest guy when it comes to anti-virus, but I did a scan on my computer today and found a Whistler@mbr virus. I don’t know how long I’ve had it, but so far, the computer is fine. Yet, I don’t feel safe leaving my computer the way it is. Can anyone help me out? Thanks in advance.

Follow this guide from our expert malware remover Essexboy
http://forum.avast.com/index.php?topic=53253.0
(post the logs here in this topic and not in the guide)

To avoid using multiple posts with copy and paste, you have to attach the logs
Lower left corner: Additional Options > Attach ( OTL.Txt. / Extras.Txt / Malwarebytes scan log )

Essexboy will be notified when the logs are posted…

Okay, thanks Pondus. The three logs are attached. :slight_smile:

Essexboy is notified. He is usually in here from 8:00pm to 11:59pm UK time on weekdays.
At the weekend he arrives when he is out of bed and gets his tea…unless there is cricket on TV ;D

Haha, okay then. Is it safe to turn off my computer?

Have no idea ???

Rebooting will have no effect at this stage. Due to the evolving nature of this programme, I would like you to run two programmes

[*]Run MBRCheck.exe
[*]Wait until you see the following line: Enter ‘Y’ and hit ENTER for more options, or ‘N’ to exit:
[*]Please push the ‘Y’ key and then press Enter
[*]When the program asks you Enter your choice: enter 2 and press the Enter key
[*]Now the program will ask you “Enter the physical disk number to fix (0-99, -1 to cancel):”
[*]Enter 0 and press the Enter key.
[*]The program will show Available MBR codes:, followed by a list of operating systems. Please enter [ 1] Windows XP, and then press Enter.
[*]The program will prompt for confirmation. Type YES and press Enter (you must type the full word, YES). You will be informed if it successfully wrote a new MBR code!
[*]A text file will be saved to your desktop
[*]Paste that report into your next post
[*]Restart your PC.

THEN

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

[*]Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

[*]Double click on ComboFix.exe & follow the prompts.

[*]As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it’s strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

[*]Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

http://img.photobucket.com/albums/v706/ried7/whatnext.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Thanks essexboy.

Looks like MBRexe killed that one ;D

What are your current problems ?

What do you mean by problems? Like PC problems? From what I can see, none.
But whenever I run a scan, it still says I have a whistler@mbr infection.

I suggest a boot scan might do the trick here, since it sounds like avast is detecting the malware but is unable to do anything about it?

http://www.schmahl.net/avastbootscan.php

Then a scan with Malwarebytes might be good.

http://filehippo.com/download_malwarebytes_anti_malware/

That is what I can think of, if Essexboy doesn’t have another program up his sleeve :smiley:

Good luck

Could you re-run MBRCheck please - just the first analysis part

As both programmes seem to indicate that whistler has gone

Here you go.

Could you re-run the fix on drive 0 please

Yep, done.

Let’s try the new tool

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

http://i1224.photobucket.com/albums/ee362/Essexboy3/aswMBR1.png

Click the “Scan” button to start scan

http://i1224.photobucket.com/albums/ee362/Essexboy3/aswMBR2.png

Click the “Fix” in case of infection

http://i1224.photobucket.com/albums/ee362/Essexboy3/aswMBR3.png

Save the aswMBR.log to the desktop. Then post the log here

http://i1224.photobucket.com/albums/ee362/Essexboy3/aswMBR4.png

Okay, I did the scan, but I couldn’t fix because it showed the scan as if there was nothing to fix.

And yet Avast is still alerting on it ?

I will be playing with a new tool so I may not have the next part of the fix for a few hours

Yep, still showing up as a whistler@mbr[Rtk].
Yep, take your time, whenever you’re ready. :slight_smile:

Whilst I am testing the testdisc to ensure I get it right - let’s try a left field tool for this infection

Please read carefully and follow these steps.

[*]Download TDSSKiller and save it to your Desktop.
[*]Extract its contents to your desktop.
[*]Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.

http://i466.photobucket.com/albums/rr21/JSntgRvr/TDSSKillermain.png

[*]If an infected file is detected, the default action will be Cure, click on Continue.

http://i466.photobucket.com/albums/rr21/JSntgRvr/TDSSKillerMal-1.png

[*]If a suspicious file is detected, the default action will be Skip, click on Continue.

http://i466.photobucket.com/albums/rr21/JSntgRvr/TDSSKillerSuspicious.png

[*]It may ask you to reboot the computer to complete the process. Click on Reboot Now.

http://i466.photobucket.com/albums/rr21/JSntgRvr/TDSSKillerCompleted.png

[*]If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
[*]If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of “TDSSKiller.[Version][Date][Time]_log.txt”. Please copy and paste the contents of that file here.