Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Audio advert virus? - Odd adverts play at random times


  • Please log in to reply
14 replies to this topic

#1 Danny15

Danny15

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:17 AM

Posted 29 August 2012 - 10:32 AM

Hi there,


I'm having problems with adverts that start running randomly in the background for about 20-30 seconds

The other day the router suddenly went off for everyone in our house and when the connection re-established I got a virus through on my laptop (Windows 7). The only things being used at the time were Firefox and Spotify. The virus was one of the ones that claims there is some problem with the hard disk and starts 'scanning' it. It then removed all the items from my start menu and hid stuff away. (all the stuff was still physically there - you could find it using windows explorer - but all the links had disappeared. I found an .exe virus in C drive and deleted it

I then restored my computer using a restore point from a few days before. I downloaded super antispyware, malwarebytes and cc cleaner and ran them all along with Sophos. Only super antispyware picked anything up and they were deleted. I thought that had got rid of everything, but then then these adverts in the background start playing randomly. My internet has also become very slow, again at random times. I have also had the odd popup through which never happened before and I have adblocker installed on firefox (I don't use internet explorer)

I'd be very grateful for any advice on what to do.

Thanks,

Danny

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 AM

Posted 29 August 2012 - 10:33 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Danny15

Danny15
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:17 AM

Posted 29 August 2012 - 10:47 AM

Hi there,

I've downloaded TDSSkiller, but when I run it it asks whether I want to run it due to security etc. However, when I tell it to run anyway nothing seems to happen

#4 Danny15

Danny15
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:17 AM

Posted 30 August 2012 - 03:49 AM

I've tried saving TDSSKIller to desktop and naming random.com - still nothing

I then tried running in safe mode, running rkill and superantispyware and finally TDSSkiller. Still nothing

Is there anything else I can try?

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 AM

Posted 30 August 2012 - 05:37 AM

Download

FIXTDSS

Launch it ,It may ask for restart,reboot the PC

On reboot ,click on REPAIR


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here


Download Listparts from here

For 32 bit

List parts 32

For 64 bit

List parts 64

Launch it,click on SCAN,post the log

#6 Danny15

Danny15
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:17 AM

Posted 30 August 2012 - 07:11 AM

Hi there,

I'm having the same problem with the FIXTDSS - when I run the programme it asks whether I want to run it and when I click yes an egg timer appears for a few seconds and then nothing happens.

The only programme that I've managed to get to work so far is eset. Here's the log:

C:\Users\Helen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\1b2d675a-5809a1d0 Java/TrojanDownloader.Agent.NDR trojan deleted - quarantined
C:\Users\Helen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\721059f8-6bb90998 multiple threats deleted - quarantined
C:\Users\Helen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\212824c8-3df08a6c multiple threats deleted - quarantined

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 AM

Posted 30 August 2012 - 07:13 AM

Please post the LIST parts log

#8 Danny15

Danny15
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:17 AM

Posted 30 August 2012 - 08:20 AM

ListParts by Farbar Version: 10-08-2012
Ran by Helen (administrator) on 30-08-2012 at 14:18:49
Windows 7 (X64)
Running From: C:\Users\Helen\Downloads
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 62%
Total physical RAM: 1915.98 MB
Available physical RAM: 716.03 MB
Total Pagefile: 3831.95 MB
Available Pagefile: 2490.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (WINDOWS) (Fixed) (Total:116.21 GB) (Free:76.28 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:116.27 GB) (Free:109.25 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 400 MB 1024 KB
Partition 2 Primary 116 GB 401 MB
Partition 3 Primary 116 GB 116 GB
Partition 4 Primary 10 MB 232 GB

======================================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 SYSTEM NTFS Partition 400 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C WINDOWS NTFS Partition 116 GB Healthy Boot

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D Data NTFS Partition 116 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 17 (Suspicious Type)
Hidden: Yes
Active: Yes

There is no volume associated with this partition.

======================================================================================================

****** End Of Log ******

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 AM

Posted 30 August 2012 - 08:22 AM

Restart the PC

Press F8 on bootup

Select REPAIR YOUR COMPUTER

Click on REPAIR

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Can you get to this screen?

#10 Danny15

Danny15
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:17 AM

Posted 30 August 2012 - 09:41 AM

Hi there,

I've clicked on repair and it says that windows is loading files and a grey loading bar appears. After five minutes nothing seems to be happening. I'm guessing that means I can't get to that page?

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 AM

Posted 30 August 2012 - 09:43 AM

Do you have your windows 7 DVD? If yes ,insert it and try the previous instructions again

#12 Danny15

Danny15
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:17 AM

Posted 30 August 2012 - 09:50 AM

Unfortunately I don't. Is that a major problem?

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 AM

Posted 30 August 2012 - 09:51 AM

No problem,we have other ways to do it.You have a rootkit partition which needs to be disabled offline.

Partition 4 Primary 10 MB 232 GB

We need advanced tools to remove this one

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#14 Danny15

Danny15
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:17 AM

Posted 30 August 2012 - 10:07 AM

Thanks a lot!

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:17 AM

Posted 30 August 2012 - 10:08 AM

You're welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users