Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

redirect virus.. system restore incapacitated.. mbam not responding.. updates not possible to connect to server.../ Moved


  • Please log in to reply
2 replies to this topic

#1 dgmalek

dgmalek

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:west coast us
  • Local time:03:00 AM

Posted 15 April 2009 - 02:16 PM

Hi!
Totally new to forums and BP! I will try and throw this out to you and see if i can resolve it with your help before i swallow my pride and surrender!

I have a fujitsu-siemens laptop, amilo M1451G with win Xp home edition swedish version 5.1.2600 service pack 3 build 2600.

I had norman av for 3 years without any problems. Last week had to change av and in spite of disconnecting the internet, i connected it too early and messed up my protection. I was wide open for just enough time for something to infect me.

Any search from google, yahoo or aol for major well known sites get redirected to spam sites, auto insurance, comedy or the likes. v1. adwarefeed.com, info-feed.com play some role. When it cannot find a site to redirect, it goes to fastbrowsersearch which i have no idea how that got in. and the same thing happens then too. If i google the search word, it redirects me. if i simply type in the website directly in the menu, i can access the website. so googling nod32 will be redirected, inserting eset.com in the browser will take me there.

I have tried restore the computer to a previous point... there is no answer on the last |next\ to do so. Simply no reaction. I have installed spyware doctor and registry mechanic, but updates are blocked by the dns server... no connection to server in spite of being connected. nod 32 is installed and has updated to the latest definitions but hasnt warned of anything. tune up installed and run and all okay. Ad aware installed and run, no detection there either. mbam.exe installed but it doesnt react... cannot be run. Installed cobian 9 as was suggested in this forum. I have hijackthis when needed. Last night i thought i had fixed it by running gooredfix.exe... still here. I have taken overlay.xul from the mozilla program file thingie ..without success.. i put it back. i tried uninstalling mozilla firefox and reinstalling it via IE... made noo difference at all. I suspect even if i reformat the whole bleeding computer this $%^& will still be there!

Any suggestions before i throw in my towel!! I know i could do this..i hardly ever give up!!

With many thanks

dgm

ps. nod 32 just found a threat...
Time Module Object Name Threat Action User Information
4/15/2009 12:12:29 PM IMON file MOD EDIT~MALICIOUS LINK REMOVED Win32/AutoRun.FakeAlert.M worm Connection terminated NT INSTANS\SYSTEM
4/13/2009 18:41:06 PM Kernel file C:\DOCUME~1\debs\LOKALA~1\Temp\sp081021.dll Win32/Rootkit.Agent.QQ trojan Alert was generated during the system startup file check.
4/13/2009 18:40:53 PM Kernel file c:\windows\system32\atidemg.dll a variant of Win32/Rootkit.Podnuha.NCB trojan


i have no idea what to do... I terminated threat... what else?

Edited by Pandy, 15 April 2009 - 04:22 PM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,958 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:00 AM

Posted 18 April 2009 - 01:20 AM

I am moving this topic from the XP forum to the Am I Infected forum where these issues can be addressed.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:00 AM

Posted 18 April 2009 - 08:09 AM

Did you reformat?

Edited by DaChew, 18 April 2009 - 08:12 AM.

Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users