hi all
I did a whole scan of my computer using , avast , malwarebytes antimalware , super antispyware and hitman pro .
hitman pro was the only one to notify me of malware in the form of a file called mediabar.exe
Malware _____________________________________________________________________
C:\Users\brendan\AppData\Local\Temp\nsy9AE0.tmp\nsj9FB5.tmp\mediabar.exe
Size . . . . . . . : 1,591,136 bytes
Age . . . . . . . : 243.4 days (2013-04-18 13:28:27)
Entropy . . . . . : 8.0
SHA-256 . . . . . : A5174816BD64ECE456E40ECF80493EFF37BF99F2EC7B07AF8CF8CB3C8E88443B
Product . . . . . : 7-Zip
Publisher . . . . : Igor Pavlov
Description . . . : 7z Console SFX
Version . . . . . : 9.20
Copyright . . . . : Copyright (c) 1999-2010 Igor Pavlov
RSA Key Size . . . : 2048
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:Downloader.Win32.Agent.awjz
Fuzzy . . . . . . : 101.0
my free trial of hitman has run out so I can’t remove this and all the other software did not find it .
any advice is much appreciated
thanks for reading
hello,
Not-a-virus = PUP which means it might just be unwanted. Scan wit the tools here: http://forum.avast.com/index.php?topic=53253.0 (OTL/MBAM/aswMBR)
Then I can get someone for you
thank you alan
I shall have to try and download and run them scans later today/tonight as I have to work soon .
I will upload the scan files once I have done them
many thanks
Pondus
December 18, 2013, 12:07pm
4
mediabar.exe
upload file to www.virustotal.com and test with 40+ malware scanners (if tested before click new scan)
post link to test result here
alternativ: www.metascan-online.com / www.jotti.org
Pondus
December 18, 2013, 12:23pm
6
ah… the visicom toolbar. http://software.visicommedia.com/en/products/antiphishing/
legal program, but they use uncrypted signatures from Panda and this will give detections from avast
posted many times here
you can clear this with AdwCleaner. http://www.bleepingcomputer.com/download/adwcleaner/
and possible also Malwarebytes
attach the requested logs when you have the time
how do I use ADW to scan the file ?
Pondus
December 18, 2013, 12:40pm
8
you download the program… run scan…click clean … attach log here
also do the other logs requested by alan1998
thanks , for the quick reply.
I will have to do them later if that ok pondus , again many thanks for the help
hi guys
for some reason I didn’t get a extras.txt file
Looks like you got it all, any problems ?
hi Essexboy
the only problem is hitman and virustotal finding a problem with mediabar.exe
do you know how I get rid of it ?
Media bar is not showing on the OTL log either within the browsers or appdata where are they finding it ?
C:\Users\brendan\AppData\Local\Temp\nsy9AE0.tmp\nsj9FB5.tmp\mediabar.exe
that’s where they are finding it
That is easily fixed
Clear Cache/Temp Files
Download TFC by OldTimer to your desktop
[*] Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator ).
[*]It will close all programs when run, so make sure you have saved all your work before you begin.
[*]Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion .
[*]Once it’s finished it should reboot your machine . If it does not, please manually reboot the machine yourself to ensure a complete clean.
thank you Essex boy , it has been removed
thank you to pondus and alan too for the replies and help
Our pleasure, run OTL and press the cleanup button to remove it