Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

tmp96A7.tmp.bat?


  • Please log in to reply
12 replies to this topic

#1 MML

MML

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:44 AM

Posted 20 August 2015 - 08:38 PM

While I wait to get my other (non-viral) issue cleared up elseforum, I noticed the following file existent on my computer through Kaspersky Application Activity.  Is it a normal leftover temp file or something else I should be concerned about?



BC AdBot (Login to Remove)

 


m

#2 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:10:44 AM

Posted 21 August 2015 - 03:33 AM

Hello MML,

 

In which folder you are found it? Did Kaspersky detect it as a threat?

 

You can submit suspicious files for analysis to more than one online service:

§  Jotti's virusscan

§  VirusTotal

§  VirSCAN

§  ThreatExpert

§  Metascan Online <- allows large file submissions

§  Anubis - Malware Analysis

§  Malwr Analysis Service

§  Payload Security Hybrid Analysis

§  Comodo

 

You can post analysis results here.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#3 MML

MML
  • Topic Starter

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:44 AM

Posted 23 August 2015 - 02:41 AM

I found it via looking through my Applications Activity section; it won't give me a file path name when I ask it to open, so I can't upload the file.  Is there a way to figure out the file path without using Kaspersky?



#4 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:10:44 AM

Posted 23 August 2015 - 03:17 AM

Can you take a screenshot of that window where you can see that file?


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#5 MML

MML
  • Topic Starter

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:44 AM

Posted 05 September 2015 - 04:33 AM

Oop, can attach as soon as I learn how to attach images; is there a FAQ I can look at to familiarize myself and learn how to do it?


#6 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:10:44 AM

Posted 05 September 2015 - 04:35 AM

You have to upload image to sendspace.com or to imgur.com


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#7 MML

MML
  • Topic Starter

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:44 AM

Posted 06 September 2015 - 10:51 PM

Oop, OK - here!

 

http://i.imgur.com/IyThHZH.png

 

I also have an incidence of OpenCandy on here.


Edited by MML, 06 September 2015 - 10:52 PM.


#8 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:10:44 AM

Posted 07 September 2015 - 02:46 AM

Ok, we will do some checks.

 

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

 

§  Double-click mbam-setup-2.x.x.xxxx.exe and follow the prompts to install the program.

§  At the end, be sure a checkmark is placed next to the following:
 

o    Launch Malwarebytes Anti-Malware

o    A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

 

§  Click Finish.

§  On the Dashboard, click the 'Update Now >>' link

§  After the update completes, on Settings tab, set under Detection and Protection next options: 

1. 'Scan for rootkits'

2. Non-Malware Protection, for 'PUP detections', check, 'Threat detections as malware' option.

§  Return to Dashboard, click the 'Scan Now >>' button.

§  A Threat Scan will begin.

§  When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

§  In most cases, a restart will be required.

§  Wait for the prompt to restart the computer to appear, than click on Yes.


If you already have MBAM 2.0 installed:
 

§  On the Dashboard, click the 'Update Now >>' link.

§  After the update completes, on Settings tab, set under Detection and Protection next options: 

1. 'Scan for rootkits'

2. Non-Malware Protection, for 'PUP detections', check, 'Threat detections as malware' option.

§  Return to Dashboard, click the Scan Now >> button.

§  A Threat Scan will begin.

§  When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

§  In most cases, a restart will be required.

§  Wait for the prompt to restart the computer to appear, than click on Yes.

§  After the restart once you are back at your desktop, open MBAM once more.

§  Click on the History tab > Application Logs.

§  Double click on the Scan Log which shows the Date and time of the scan just performed.

§  Click 'Export'.

§  Click 'Copy to Clipboard'

Paste the contents of the clipboard into your reply.

------

 

Please download AdwCleaner by Xplode onto your desktop.

§  Close all open programs and internet browsers.

§  Double click on adwcleaner.exe to run the tool.

§  In EULA window click I agree.

§  In Options uncheck Reset Winsock settings.

§  Click on Scan button.

§  When the scan has finished click on Cleaning button.

§  Your computer will be rebooted automatically. A text file will open after the restart.

§  Please post the contents of that logfile with your next reply.

§  You can find the logfile at C:\AdwCleaner[C1].txt as well.

--------

 

Please download Junkware Removal Tool to your desktop.

§  Shut down your protection software now to avoid potential conflicts.

§  Run the tool by double-clicking it. If you are using Windows Vista, 7, 8 or 10; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

§  The tool will open and start scanning your system.

§  Please be patient as this can take a while to complete depending on your system's specifications.

§  On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

§  Post the contents of JRT.txt into your next message.

--------


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#9 MML

MML
  • Topic Starter

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:44 AM

Posted 24 September 2015 - 07:30 AM

Logs!  Couldn't get JTR to run:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/15/2015
Scan Time: 9:56 PM
Logfile: 
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.09.16.01
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Owner
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356051
Time Elapsed: 52 min, 4 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
# AdwCleaner v4.111 - Logfile created 23/09/2015 at 20:05:07
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Local]
# Operating system : Windows 8.1  (x64)
# Username : Owner - HPLAPTOP
# Running from : C:\Users\Owner\Desktop\adwcleaner_4.111.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Google Chrome v45.0.2454.99
 
*************************
 
AdwCleaner[R0].txt - [3085 bytes] - [08/03/2015 05:07:53]
AdwCleaner[R10].txt - [1701 bytes] - [23/09/2015 07:30:30]
AdwCleaner[R11].txt - [706 bytes] - [23/09/2015 20:05:07]
AdwCleaner[R1].txt - [2092 bytes] - [05/06/2015 13:22:00]
AdwCleaner[R2].txt - [2151 bytes] - [05/06/2015 14:29:56]
AdwCleaner[R3].txt - [1083 bytes] - [09/06/2015 13:29:38]
AdwCleaner[R4].txt - [1142 bytes] - [11/06/2015 16:16:49]
AdwCleaner[R5].txt - [1080 bytes] - [19/07/2015 17:16:30]
AdwCleaner[R6].txt - [1139 bytes] - [21/07/2015 21:08:45]
AdwCleaner[R7].txt - [1258 bytes] - [08/08/2015 11:28:37]
AdwCleaner[R8].txt - [1844 bytes] - [08/08/2015 12:24:33]
AdwCleaner[R9].txt - [1376 bytes] - [20/08/2015 21:33:07]
AdwCleaner[S0].txt - [2251 bytes] - [05/06/2015 14:48:25]
AdwCleaner[S1].txt - [1206 bytes] - [21/07/2015 21:18:09]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R11].txt - [1414 bytes] ##########
 


#10 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:10:44 AM

Posted 24 September 2015 - 01:45 PM

Do you have problems with opencandy now?


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#11 MML

MML
  • Topic Starter

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:44 AM

Posted 28 September 2015 - 03:32 AM

I'm still getting audio delays (and occasional gaps in said audio), especially on youtube videos.



#12 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:10:44 AM

Posted 28 September 2015 - 12:11 PM

I'm still getting audio delays (and occasional gaps in said audio), especially on youtube videos.

 

Delays only in browser? Or when you are using other players for music and video? 


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#13 MML

MML
  • Topic Starter

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:44 AM

Posted 05 May 2016 - 10:36 PM

I just realized I never replied to this - audio delays got fixed after my browser upgrade!  Thank you for helping me all that time ago!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users