Jump to content

Infected or something else?


Recommended Posts

:)

I might wipe out my harddrive and start with a new Windows, but I am not sure when. Anyways, around a week ago, I did the adobe update, and after, BDTS2010 said it blocked a virus or something. I don't know why there was some trojan right after a Adobe update but here's a picture. And everytime I restart I get the same pop-up. And the file is tmp.edb. After BD blocks it, I try to find the file and it's still there! I scan it with BD and it find's it. I try to disinfect it but it doesn't work. I try to quarintine and it fails. The only thing that's left is deleting, which after I select, it says I have to restart. I restart and it's still there. I scan the file with MBAM, comes out clean. I try to scan on VT, it sometime's doesn't let me because it says, "the file is in use" and when it randomly isn't in use, I try to upload it and nothing happens on VT. I try on Jotti and it say's the file is 0kb when it isn't. what should I do? And I am sure that the Adobe update was the Adobe update because I had the same update as the one on my laptop. I also found the tmp.edb on my laptop, I scan it with BDTS2011, not 2010, and it seems to be clean. What's the problem? Thanks in advanced.

Link to post
Share on other sites

i did a couple days ago with MBAM and also with BDTS2010 but i will run another scan just in case. idk if the file really is malicous and it won't let me upload it to virustotal. it says that the file is in use and when it does not say that, i upload it and nothing happens. i went on jotti and it says 0KB when on my pc it says the file is like 8mb.

Link to post
Share on other sites

Howdy,

May I ask that you be considerate and put some spacing between your sentences. This is not phone texting in terms of cost to you so you do not have to worry about how much space you use.

This is an important issue to you.

Make it a bit easier for your helpers to READ your stuff.....without-putting-it all-in one continuous-stream.

Make it more readable.

Use the space bar and Enter-key to place some spacing.

The file is tmp.edb ?

Where is it located? folder-name

Your specific version of Windows is ??

Link to post
Share on other sites

Howdy,

May I ask that you be considerate and put some spacing between your sentences. This is not phone texting in terms of cost to you so you do not have to worry about how much space you use.

This is an important issue to you.

Make it a bit easier for your helpers to READ your stuff.....without-putting-it all-in one continuous-stream.

Make it more readable.

Use the space bar and Enter-key to place some spacing.

The file is tmp.edb ?

Where is it located? folder-name

Your specific version of Windows is ??

@Maurice Naggar

I didn't get it when you said

" May I ask that you be considerate and put some spacing between your sentences. This is not phone texting in terms of cost to you so you do not have to worry about how much space you use. "

But I did understand when you said

" This is an important issue to you.

Make it a bit easier for your helpers to READ your stuff.....without-putting-it all-in one continuous-stream.

Make it more readable."

I have Windows 7 ultimate 32-bit. And I forgot to upload a picture when I made the topic so I will upload it now.

Link to post
Share on other sites

Turn off Windows Desktop Search. Then see if this file (tmp.edb) is still around. If so, you may safely delete it.

This looks like a false positive by BitDefender.

What is " Windows Desktop Search " and how do you turn it off? And how come when I checked my laptop it did have a tmp.edb and scanning with BDTS2011 didn't catch any threats. BTW, I was looking at my BD quarintine files on my PC, and all of them had a name that were almost the same. I also ran a full system scan with MBAM and it came out clean.

Link to post
Share on other sites

@Maurice Naggar

Uhh, I can't turn it off because I don't think I have Windows Desktop Search.

BTW, running a deep system scan with BDTS2010, it detected that tmp.edb file that has problems removeing, and some .rar file of mine that I had for a malware sample. My brother deleted both just in case the sample was the problem however, I am still getting BD blocking the file on restart.

Link to post
Share on other sites

Hi IDKWat

Boot from Safe Mode and try the following

1) put Tmp.edb in archive and then scan from virustotal.

2) make a copy of it in your pen drive and scan from virustotal.

3) if you want to delete it forcefully try "Unlocker" software. just google it.

Before doing so disable Bitdefender Antivirus Module.

Windows Desktop Search is a separate tool from microsoft that may not be integrated in Windows.

Link to post
Share on other sites

what do u mean by pen drive? and going into safemode is gonna be really hard for me. u see, my dad got some weird windows 7 for the pc, and during the bootup, everything is out of place. what i mean by that is that it is not centered. so i dont know what option is what for safemode, and its really hard to navagate through.

Link to post
Share on other sites

HI

@ive also noticed that u are on the BD forum as well. ONT

Yes

@what do u mean by pen drive?

Usb flash drive.

@going into safemode is gonna be really hard for me

http://windows.microsoft.com/en-US/windows...er-in-safe-mode

http://windows.microsoft.com/en-US/windows...uding-safe-mode

Locate the suspected file "tmp.edb" and may proceed with suggestions in my last post. You can also copy/delete this file using GMER.

Link to post
Share on other sites

  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.