Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Mbr: whistler [Rtk]

  • Please log in to reply
1 reply to this topic

#1 wigless


  • Members
  • 1 posts
  • Local time:08:45 PM

Posted 02 September 2014 - 12:42 PM

Hello, Today my PC got infected. I've noticed a strange behavior of my firefox (new starting page yet i haven't changed it) what is more i can't use the internet properly (tried different browsers and each time I download a file i receive an error message and can't open it) Avast has found a MBR: whistler [RTK] after i had set up the scan... I am not any kind of a computer expert and crying for your help guys... please... Kind regards, Wigless.

BC AdBot (Login to Remove)


#2 xXToffeeXx


    Bleepin' Polar Bear

  • Malware Response Instructor
  • 6,086 posts
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:45 PM

Posted 02 September 2014 - 01:55 PM

Hi wigless,

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters
  • Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now
  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip or Cure (if available) for all of them unless otherwise instructed.
    ***Do NOT select Delete!
  • Click Continue
  • Click Reboot computer
  • Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply


~If I am helping you and you have not had a reply from me in two days, please send me a PM~


logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here


 ~Twitter~ | ~Malware Analyst at Emsisoft~

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users