Jump to content
Sign in to follow this  
mattyang

UNDETECTABLE ADWARE

Recommended Posts

I know for certain there is a adware lurking within my system but yet MalwareBytes and Trend doesn't seems to be able to pick it up after scanning. Each time I run my mouse over certain words which appeared underlined a certain advertisement will pop up.

 

I am very particular about uninvited programs as I know the potential damage they can do but unfortunately I believe my wife had downloaded some softwares which this adware in it.

 

How can I go about first detecting it and then eradicating it permanently?

Share this post


Link to post
Share on other sites

I had this happen as well.

 

Turns out it was a cookie installed by a company called "Textserve"

I got rid of it by disabling the addon it had installed and also running CCleaner to clean up the cookies. Hope this helps.

Share this post


Link to post
Share on other sites

Hello mattboy

 

SuperAntiSpyware is very good at detecting and removing cookies - particularly tracking cookies which can sometimes be quite persistant.

  • SuperAntiSpyware

  • Download SuperAntiSpyware by clicking here and save the file (called superantispyware.exe) to your desktop.
  • Once the download is complete, close all windows and double click on the superantispyware.exe icon to start the installation.
  • Follow any prompts you receive (do not make any changes to the default settings provided).
  • Click on "Finish" to complete the installation.
  • SuperAntiSpyware will automatically open. Select your preferred language and click on "OK".
  • You will now be prompted to update the SuperAntiSpyware definitions. Please press the "Yes" button to allow the program to download and install the latest updates so that it can properly detect and remove the latest malware.
  • Follow the prompts and click on the "Finish" button.
  • The main menu will now appear.
  • Click on the "Scan your computer" button and choose "Complete scan" then click on "Next" to begin the scan.
  • If SuperAntiSpyware detects any Malware, allow the program to quarantine what it finds.
  • To obtain the log of the scan you have just performed, start SuperAntiSpyware, and click on the "Preferences" button.
  • Now click on the "Statistics/Logs" tab and then double click on the log with the most recent time and date.
  • Copy and paste the log into your next reply.
  • For more detailed instructions on running SuperAntiSpyware click here.

Share this post


Link to post
Share on other sites

Hi JonTom, had d/l Superantispyware and did a scan and found the following as per log:

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 12/24/2012 at 02:36 PM

 

Application Version : 5.6.1014

 

Core Rules Database Version : 9784

Trace Rules Database Version: 7596

 

Scan type : Complete Scan

Total Scan Time : 00:36:50

 

Operating System Information

Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)

Administrator

 

Memory items scanned : 421

Memory threats detected : 0

Registry items scanned : 36823

Registry threats detected : 0

File items scanned : 33671

File threats detected : 4

 

Trojan.Agent/Gen-Nullo[short]

D:SYSTEM VOLUME INFORMATION_RESTORE{B4DBDBDB-658C-4228-B504-6C5E04896B1A}RP143A0035414.EXE

C:SYSTEM VOLUME INFORMATION_RESTORE{B4DBDBDB-658C-4228-B504-6C5E04896B1A}RP143A0035413.EXE

 

Trojan.Agent/Gen-Koobface

C:DOCUMENTS AND SETTINGSACERMY DOCUMENTSDOWNLOADSREALPLAYER.EXE

 

PUP.BundleInstaller

C:DOCUMENTS AND SETTINGSACERMY DOCUMENTSDOWNLOADSVIPBOXSPORTSAPP_SETUP(8).EXE

 

However, it seems the ad popup which was runned by Coupondropdown is still in my Firefox browser. Tried looking for the addon in Managed Add Option but didn't find any. Also checked and IE is not affected by this popup.

 

I had deleted the last few latest software that was downloaded prior to the appearance of the ad popups but it doesn't seems to be bundled together with them.

 

Appreciate your advice on the next step to eradicating this menace.

Share this post


Link to post
Share on other sites

Hello mattboy

 

It looks as though you have an infected system restore cache and a number of infected files on your machine.

 

This may be a little more serious than a mere cookie/adware problem.

 

 

Please run the following scans then post the logs in our Have I Been Hijacked? forum.

 

Once you have posted the logs wait until you are contacted by a Trusted Malware Tech for assistance. Please be patient, what with the festive season upon us it may take a while for a reply.

 

  • Please perform the following scan

    • Please download DDS from here and save it to your desktop.
    • Disable any script blocking protection (How to Disable your Security Programs)
    • Double click on the DDS icon to run the tool (may take up to 3 minutes to run).
    • When done, DDS.txt will open.
    • After a few moments, attach.txt will open in a second window.
    • Save both reports to your desktop.
    • Please post the contents of the DDS.txt and Attach.txt logs in your next reply.
  • aswMBR

    • Download aswMBR.exe to your desktop.
    • Double click the aswMBR.exe to run it.
    • When asked if you want to download Avast's virus definitions please select Yes.
    • Click the "Scan" button to start scan.
    Posted Image

     

    • On completion of the scan click save log, save it to your desktop and post in your next reply.
    Posted Image

Share this post


Link to post
Share on other sites

and a belated Merry X'mas and A Happy New Year to you and everyone of PCPitstop

Right back at cha mattboy :):b33r:

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×
×
  • Create New...