Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

pop-up windows appearing in browser web pages.


  • Please log in to reply
3 replies to this topic

#1 spon000

spon000

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 06 February 2013 - 04:04 PM

Hi,

I'm having the exact same symptoms as this user's post: http://www.bleepingcomputer.com/forums/topic476497.html. I have tried avast, MBAM, and some other malware detection apps. The malware is never detected and I can't figure out where it's coming from. I've looked at the hosts file and it's fine. I couldn't find where the user's problem was fixed.
Some kind of javascript script is getting inserted into many of the web pages I browse. Strangely, it doesn't happen in some pages like Yahoo or Google search. I disable javascript in the browser and it doesn't show up. It happens in both IE and Firefox. I don't use other browsers. Please help me.

Thanks,
Patrick

Edited by bloopie, 06 February 2013 - 06:24 PM.
Moved topic from Windows 7 to the more appropriate forum. ~bloopie


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:36 PM

Posted 06 February 2013 - 11:21 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    Posted Image

  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    Posted Image

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    Posted Image

  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply

===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    Posted Image
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    Posted Image
  • Please post the contents of the log in your next reply.
NOTE: aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    Posted Image

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

Edited by narenxp, 07 February 2013 - 03:09 AM.


#3 spon000

spon000
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 11 February 2013 - 08:11 AM

Hi narenxp,

 

Thank you for pointing me to the tools I needed in order to find the problem. Nothing showed up until I used the ESET online scanner which showed I have the following virus: ScrInject.B.Gen. Apparently this is a backdoor virus and very hard to remove. I think at this point I'm going to reinstall my OS to be on the safe side unless you know of an easy and effective way to remove this intrusion.

 

Again, thanks for your help.

 

Have a great day,

Patrick


Edited by spon000, 11 February 2013 - 08:12 AM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:36 PM

Posted 11 February 2013 - 11:57 AM

Please post the logs :)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users