-
Mar 23rd, 2012, 07:18 AM
#1
Thread Starter
PowerPoster
Remove Flash Player Installer Virus
Hi guys on a clean computer for this post.
Anyone know how to get rid of the "Flash Player 11.1 Installer." virus?
Have tried:
1) Multiple Virus Checkers
2) Going back to a different restore point
3) Overwritting the MBR with a new copy.
4) Talked to M$ and they want $99 to remove (what a racket, better than the mob).
Can't get rid of it. ReInvents itself and if your connected to internet it starts transmitting
as capture part of the transmission.
-
Mar 23rd, 2012, 11:05 AM
#2
Junior Member
Re: Remove Flash Player Installer Virus
Have your tried running your virus scans from safe mode, usually that helps...
Also...what Antivirus program are you using...that in itself could be your problem..but like I said...try running the scan from safe mode if you have not already.
Can't get rid of it. ReInvents itself and if your connected to internet it starts transmitting
as capture part of the transmission.
So what are you saying that the virus also resides on your recovery partition, or even in unallocated space...which I would then refer to my post below
Last edited by Ragnoth; Mar 23rd, 2012 at 11:15 AM.
Reason: life
-
Mar 23rd, 2012, 11:13 AM
#3
Junior Member
Re: Remove Flash Player Installer Virus
In addition...you might want to think about taking what files you want to keep...moving them to an external drive and then formatting and re-installing...kinda the easy, cheesy way of doing it...but I bet anything that place that you would pay 100 bucks at would do the same damn thing.
Obviously, don't copy the virus to the external....
-
Mar 23rd, 2012, 12:34 PM
#4
Thread Starter
PowerPoster
Re: Remove Flash Player Installer Virus
Have your tried running your virus scans from safe mode
Yes; This is a rootkit and imbedded somewhere.
Most virus scannners appear to have trouble with rootkits.
=================
.you might want to think about taking what files you want to keep...moving them to an external drive
Option of last resort
-
Mar 23rd, 2012, 01:28 PM
#5
Junior Member
Re: Remove Flash Player Installer Virus
I agree that it is an option of a last resort...
I believe there is a good rootkit remover on the hiren boot CD
link here:
http://www.hirensbootcd.org/download/
If you haven't already used Hiren before, it has a mini Windows XP image on it so you can boot to that and run the tools...very awesome tool to have.
-
Mar 23rd, 2012, 06:54 PM
#6
Re: Remove Flash Player Installer Virus
Originally Posted by dw85745
Yes; This is a rootkit and imbedded somewhere.
You can download a separate scanner for rootkits! I think avg still has a couple on their site, I'm not sure about the other companies though.
when you quote a post could you please do it via the "Reply With Quote" button or if it multiple post click the "''+" button then "Reply With Quote" button.
If this thread is finished with please mark it "Resolved" by selecting "Mark thread resolved" from the "Thread tools" drop-down menu.
https://get.cryptobrowser.site/30/4111672
-
Mar 23rd, 2012, 06:27 PM
#7
Thread Starter
PowerPoster
Re: Remove Flash Player Installer Virus
Ragnoth:
Thanks for responses and thanks for link -- will check it out.
BELIEVE, I finally got it whipped. Not really sure what actually solved it.
Combination (in this order):
1) Deleting Selected Autoruns
2) Kapersky Rescue Disk
3) Windows Repair
Maybe help somebody else.
My recommendation is when ANY Flash Player Install you didn't download to activate,
pops up, is -- don't click on anything and immediately disconnect from internet.
(e.g. pull modem or router power supply and/or ethernet cable.)
Then follow the above list. If you don't have these already, use another system
or drive to download.
If you run a virus scanner and it says its clean, run it a second or third time to confirm
as this RootKit in particular tends to relocate itself and points to different files each time.
Last edited by dw85745; Mar 23rd, 2012 at 06:31 PM.
-
Mar 24th, 2012, 11:20 AM
#8
Thread Starter
PowerPoster
Re: Remove Flash Player Installer Virus
After all the reading I've done on RootKits, Malware, etc., I believe the only solution is use a sacrificial drive for browsing / accessing the net. This is back to basics, as years ago (prior to Windows) came across a virus that did a lot of damage on a major system. After that, only selected designated computers could interface outside of the company computer.
The biggest issue I have, is if you download something to the sacrificial drive, and you want to keep the information,
is how to verify it is clean, during the transfer process (via CD, stick, floppy, etc.) For this, the only thing I can think of is convert it to a text file which eliminates any pictures (pdf, etc) being saved from the net.
Anyone got a better solution??
-
Mar 28th, 2012, 02:36 PM
#9
Re: Remove Flash Player Installer Virus
Are you sure it's a virus? Could it be a legitimate update of Adobe Flash Player? Google doesn't come up much when searched for "Flash Player 11.1 Installer virus"... If it's such a bad piece of malware, I think I should find more people talking about it, shouldn't I?
Let us have faith that right makes might, and in that faith, let us, to the end, dare to do our duty as we understand it.
- Abraham Lincoln -
-
Mar 28th, 2012, 07:18 PM
#10
Re: Remove Flash Player Installer Virus
Originally Posted by stanav
Are you sure it's a virus? Could it be a legitimate update of Adobe Flash Player? Google doesn't come up much when searched for "Flash Player 11.1 Installer virus"... If it's such a bad piece of malware, I think I should find more people talking about it, shouldn't I?
Yeah, some scanners have been known for returning a false-positive like that! It wouldn't surprise me if that were the case here.
when you quote a post could you please do it via the "Reply With Quote" button or if it multiple post click the "''+" button then "Reply With Quote" button.
If this thread is finished with please mark it "Resolved" by selecting "Mark thread resolved" from the "Thread tools" drop-down menu.
https://get.cryptobrowser.site/30/4111672
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|