Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

a difficult problem


  • Please log in to reply
2 replies to this topic

#1 denis1213

denis1213

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:11 PM

Posted 16 April 2009 - 11:27 PM

This is a dell laptop running winxp sp3. Owner was having a problem with an 'antivirus360' popups as well as various browser redirects using IE. He uninstalled the av360 and downloaded spybot and malwarebytes. He installed both programs, they appeared to install correctly, they will update their databases but the program themselves do not run. IE reedirects on any clicked link in google, yahoo or msn search. Installed firefox and it redirected also on clicked search results. HJT and DDS do run and i have those logfiles available. As a frequent reader of this fine forum, i downloaded combofix and GMER on another box, burned to a cd and copied to the laptop (tried to use a USB flash but the laptop doesnt recognize the device). Neither combofix nor GMER will run. Im lost and in need of some assistance

Denis
Toledo

Edited by KoanYorel, 16 April 2009 - 11:40 PM.
Moved from Windows XP


BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:08:11 PM

Posted 17 April 2009 - 12:15 AM

here's a random renamer for MBAM

http://kixhelp.com/wr/files/mb/randmbam.exe
Chewy

No. Try not. Do... or do not. There is no try.

#3 denis1213

denis1213
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:11 PM

Posted 17 April 2009 - 01:31 AM

many thanks. renaming malwarebytes allowed it to run properly. I had already found the rootkit but automated removal is so much nicer. a total of 20 infected files and reg keys were found and deleted sucessfully. The redirects are gone and both browsers working smoothly. Thank you again




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users