
i got a box on my PC to get an update for a flash player....


3 replies to this topic

#1 sidhardtha

sidhardtha

  • Members
  • 91 posts
  • Gender:Not Telling
  • Local time:06:02 PM

Posted 01 March 2013 - 09:18 AM

....it was flash player pro. i downloaded it and installed it. i opted out of getting its tool bar and other software. it installed them anyway. i uninstalled them through programs. it still remained. it is on my firefox. every time that i open a tab, link or firefox, it opens another tab with an advert. i am on windows 7. i have run my avira anti-virus. it found nothing.

thanks in advance.


Edited by sidhardtha, 01 March 2013 - 09:19 AM.

lenova, I5 PROCESSOR, quad core, 8 GB DDR4, 1 TB HD, INTEL HD 530 GRAPHICS CARD, WINDOWS 10 HOME PREMIUM 64-BIT, FIREFOX 64 BIT, BITDEFENDER TOTAL SECURITY, ZEMANA AND 'EMSISOFT EMERGENCY KIT' SCANNER.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:05:02 PM

Posted 01 March 2013 - 10:48 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters
  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now
  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue
  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\) in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours, that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 sidhardtha

sidhardtha
  • Topic Starter

  • Members
  • 91 posts
  • Gender:Not Telling
  • Local time:06:02 PM

Posted 01 March 2013 - 11:40 AM

i did the 1st part. it found nothing. i will try the 2nd application.

 

11:20:51.0395 6152  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:20:53.0408 6152  ============================================================
11:20:53.0408 6152  Current date / time: 2013/03/01 11:20:53.0408
11:20:53.0408 6152  SystemInfo:
11:20:53.0408 6152  
11:20:53.0408 6152  OS Version: 6.1.7601 ServicePack: 1.0
11:20:53.0408 6152  Product type: Workstation
11:20:53.0408 6152  ComputerName: ME-HP
11:20:53.0408 6152  UserName: me
11:20:53.0408 6152  Windows directory: C:\Windows
11:20:53.0408 6152  System windows directory: C:\Windows
11:20:53.0408 6152  Running under WOW64
11:20:53.0408 6152  Processor architecture: Intel x64
11:20:53.0408 6152  Number of processors: 4
11:20:53.0408 6152  Page size: 0x1000
11:20:53.0408 6152  Boot type: Normal boot
11:20:53.0408 6152  ============================================================
11:20:59.0133 6152  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:20:59.0149 6152  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:20:59.0149 6152  Drive \Device\Harddisk2\DR2 - Size: 0x7470C05A00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:20:59.0164 6152  ============================================================
11:20:59.0164 6152  \Device\Harddisk0\DR0:
11:20:59.0164 6152  MBR partitions:
11:20:59.0164 6152  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
11:20:59.0164 6152  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38530800
11:20:59.0164 6152  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38594800, BlocksNum 0x1DBD800
11:20:59.0164 6152  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
11:20:59.0164 6152  \Device\Harddisk1\DR1:
11:20:59.0164 6152  GPT partitions:
11:20:59.0164 6152  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1D9BDD25-0A8D-4E55-A8F5-44750D6F2038}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
11:20:59.0164 6152  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {CAE2A5E9-165C-486C-8E0E-DF0EB46DB9AD}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x3A345800
11:20:59.0164 6152  MBR partitions:
11:20:59.0164 6152  \Device\Harddisk2\DR2:
11:20:59.0164 6152  MBR partitions:
11:20:59.0164 6152  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
11:20:59.0180 6152  ============================================================
11:20:59.0258 6152  C: <-> \Device\Harddisk0\DR0\Partition2
11:20:59.0398 6152  D: <-> \Device\Harddisk0\DR0\Partition3
11:20:59.0429 6152  G: <-> \Device\Harddisk2\DR2\Partition1
11:20:59.0445 6152  H: <-> \Device\Harddisk0\DR0\Partition4
11:20:59.0461 6152  F: <-> \Device\Harddisk1\DR1\Partition2
11:20:59.0461 6152  ============================================================
11:20:59.0461 6152  Initialize success
11:20:59.0461 6152  ============================================================
11:22:40.0923 6600  Deinitialize success
 


lenova, I5 PROCESSOR, quad core, 8 GB DDR4, 1 TB HD, INTEL HD 530 GRAPHICS CARD, WINDOWS 10 HOME PREMIUM 64-BIT, FIREFOX 64 BIT, BITDEFENDER TOTAL SECURITY, ZEMANA AND 'EMSISOFT EMERGENCY KIT' SCANNER.
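
An added example (not part of the thread and not the tool's own code): a small parser for the log layout shown in post #3. It maps drive letters to partition sizes and lists what was logged between "Initialize success" and "Deinitialize success"; the regular expressions assume only the line shapes visible in that log.

```python
import re

# Constructed sample: lines copied from the log in post #3, trimmed to one disk.
# The line shapes matched below are taken from that log only.
SAMPLE_LOG = r"""
11:20:51.0395 6152  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:20:59.0133 6152  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:20:59.0164 6152  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x38530800
11:20:59.0164 6152  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38594800, BlocksNum 0x1DBD800
11:20:59.0258 6152  C: <-> \Device\Harddisk0\DR0\Partition2
11:20:59.0398 6152  D: <-> \Device\Harddisk0\DR0\Partition3
11:20:59.0461 6152  Initialize success
11:20:59.0461 6152  ============================================================
11:22:40.0923 6600  Deinitialize success
"""

LINE = re.compile(r"^(\d\d):(\d\d):(\d\d)\.\d+\s+(\d+)\s*(.*)$")  # time, thread id, message
DRIVE = re.compile(r"^Drive (\S+) - Size: .*SectorSize: (0x[0-9A-Fa-f]+)")
PART = re.compile(r"^(\S+\\Partition\d+): .*BlocksNum (0x[0-9A-Fa-f]+)")
VOLUME = re.compile(r"^([A-Z]): <-> (\S+)$")

def summarize(log_text):
    """Return volume sizes plus what was logged between init and deinit."""
    sector, blocks, letters, entries = {}, {}, {}, []
    for raw in log_text.splitlines():
        m = LINE.match(raw.rstrip())
        if not m or set(m[5]) <= {"="}:  # skip non-log, empty and separator lines
            continue
        h, mi, s, _tid, msg = m.groups()
        entries.append((int(h) * 3600 + int(mi) * 60 + int(s), msg))
        if d := DRIVE.match(msg):
            sector[d[1]] = int(d[2], 16)      # bytes per sector for this disk
        elif p := PART.match(msg):
            blocks[p[1]] = int(p[2], 16)      # partition length in sectors
        elif v := VOLUME.match(msg):
            letters[v[1]] = v[2]              # drive letter -> partition path
    msgs = [msg for _, msg in entries]
    # index() raises ValueError if either marker is missing from the log
    start, end = msgs.index("Initialize success"), msgs.index("Deinitialize success")
    volumes = {letter: blocks[part] * sector[part.rsplit("\\", 1)[0]]
               for letter, part in letters.items()}
    return {
        "volumes_bytes": volumes,
        "entries_during_run": msgs[start + 1:end],
        "run_seconds": entries[end][0] - entries[start][0],  # same-day logs only
    }
```

For the lines taken from the posted log, the list of entries between the two markers is empty and the run spans 101 seconds.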


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:05:02 PM

Posted 06 March 2013 - 05:55 AM

Other logs?





