Posted 31 May 2015 - 12:46 AM
Posted 31 May 2015 - 05:15 AM
Posted 31 May 2015 - 12:48 PM
Thank you for the help!
Was the external drive plugged into other computers at one point?
Yes, at school and my other computer. I can scan the other computer, but it will be a bit of work as it died (I just have to swap its hard drive and scan from rescue CD).
Which antivirus are you using?
I used Bitdefender Rescue CD.
I also scanned the computer with a (fully updated) free version of Avast from the Windows OS (in normal mode). Both scans came up clean, but I could definitely do more scans with different software.
Again, thank you!
Edited by Lxno78, 31 May 2015 - 12:49 PM.
Posted 31 May 2015 - 01:04 PM
Edited by Alexstrasza, 31 May 2015 - 01:04 PM.
Posted 01 June 2015 - 04:08 PM
I ran more scans. I was hoping to know how confident I should feel about the results.
I scanned both the external hard drive and my old computer, making sure the programs were all updated in both program version and definition.
I used the following programs within the Windows OS:
Avast, Malwarebytes, Emsisoft Emergency Kit, and AdwCleaner.
All scans came up clean for both the external hard drive and the computer. (Only one anti-malware program was running at a time to avoid conflicts.)
Then, I used 2 rescue CDs:
AVG rescue CD and Kaspersky Rescue Disk.
All scans came up clean for both the external hard drive and the computer.
I understand there still could be some hidden malware, but I should be pretty confident both the external hard drive and the computer are clean, right?
Edited by Lxno78, 02 June 2015 - 02:08 AM.
Posted 01 June 2015 - 04:14 PM
Posted 01 June 2015 - 10:23 PM
I finished the ESET scan; here was the result:
Win32/Bundled.Toolbar.Google.D is a kind of malicious Trojan horse infection that can harm all versions of the Windows operating system.
Google toolbar installer that was bundled with adobe shockwave 12 on my system
I would probably agree with that. I don't think it's as bad as some of the websites make out, but I would say it's unwanted. Unfortunately, with my limited knowledge I don't know for certain about it. I did re-scan the file so as to allow ESET to quarantine it.
- Second, I don't know how this result occurred:
C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
There is no Adobe folder in C:\Windows\System32. I have hidden files and folders visible and protected system folders visible at the moment. Even typing the directory directly into Windows Explorer produces a "Windows can't find..." error.
Could this be due in part to the malicious intent of Win32/Bundled.Toolbar.Google.D? Just an artifact/quirk of the ESET scan? Or just a lack of understanding on my part?
As well, the log makes it appear as if ESET has done nothing with C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe, but that is indeed the file that is in the quarantine. The other result (C:\Windows\System32\Adobe\Shockwave 12\gt.exe) doesn't appear in the quarantine, but that directory doesn't even exist on my computer.
- Lastly, what do you make of the result? Should I assume I'm clean for the most part? Or is there still trouble?
Also, I can't thank you enough! It's usually very difficult to find quality help online. I know my posts are a bit long, so I'm extra grateful that someone helped me out.
Edited by Lxno78, 02 June 2015 - 02:12 AM.
Posted 02 June 2015 - 02:03 AM
You are correct in the assessment of those websites - this post explains their real nature. It is terribly difficult to find good information with all the SEO poisoning to bring scam sites to the top of the search engine ranking list.
I don't find the Win32/Bundled.Toolbar.Google.D as suspicious as I do the website describing it. Almost all the websites that describe Win32/Bundled.Toolbar.Google.D use nearly the exact same article. All those websites have really "spammy" looking layouts and "spammy" looking URLs. On top of that, ESET only describes Win32/Bundled.Toolbar.Google.D as a potentially unsafe application; however, the article lists it as a trojan. That seems strange to me.
Posted 02 June 2015 - 05:25 AM