Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus from ad, Windows 7


  • Please log in to reply
11 replies to this topic

#1 RKRP

RKRP

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 30 August 2012 - 11:32 PM

Hey, and thanks for reading this.

I was visiting a usually trustworthy site, but ended up getting virus warnings for trojans. It turned out the site had some sort of malicious code embeded in it's advertisements which I'm now trying to get rid of.

I'm running Windows 7 and have all the recent patch updates for my programs, currently I've got Malware Bytes, AVG, and rkill downloaded. The virus doesn't seem to be doing anything at the moment, and I've removed a lot of it seems. I'd just like to make sure there isn't anything lingering that might end up stealing passwords, etc.

Edited by RKRP, 31 August 2012 - 07:20 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:48 PM

Posted 30 August 2012 - 11:33 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 RKRP

RKRP
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 30 August 2012 - 11:49 PM

It says my post is too long when I try to post the logs, do you want me to separate it into two different posts?

Or just attach the text file.

Edited by RKRP, 30 August 2012 - 11:50 PM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:48 PM

Posted 30 August 2012 - 11:51 PM

If TDSSkiller is clean,ignore TDSSkiller log and post the other two logs

If tdsskiller has found infection,post the last few lines alone

#5 RKRP

RKRP
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 31 August 2012 - 01:37 AM

aswMBR

Spoiler

Edited by RKRP, 31 August 2012 - 07:21 PM.


#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:48 PM

Posted 31 August 2012 - 08:12 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

post the generated log

#7 RKRP

RKRP
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 31 August 2012 - 03:05 PM

MiniToolbox

Spoiler


FSS

Spoiler

Edited by RKRP, 31 August 2012 - 07:21 PM.


#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:48 PM

Posted 31 August 2012 - 06:21 PM

download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here

Any current issues?

#9 RKRP

RKRP
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 31 August 2012 - 06:47 PM

Rkill Log

Spoiler

Edited by RKRP, 31 August 2012 - 07:21 PM.


#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:48 PM

Posted 31 August 2012 - 06:56 PM

That code indeed is suspicious

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your antivirus frequently,do not click on suspicious links

Safe surfing :)

#11 RKRP

RKRP
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:12:48 PM

Posted 31 August 2012 - 07:56 PM

Thanks for the help, naren.

You should include a donation button in your signature like a lot of the other assistants. I'm sure some of us like to help you in some way considering how much you've helped us.

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:48 PM

Posted 31 August 2012 - 09:17 PM

Thankyou for your feedback.Will think of it.

safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users