
had/have browser redirect virus, how to know if it is gone



#1 Jeffajab


Posted 28 January 2010 - 01:49 AM

I have a WIN XP laptop that started to get browser redirects in IE8 and I couldn't reboot in safe mode. I tried to remove them with Malware Bytes and then, after some Internet searching, started looking for rootkit removers. I ran HitManPro 3.5 and UnHackMe and a few others. They did not find any problems, but the browser redirects kept coming back.

Somewhat desperate, I ran ComboFix (I have a log) and it repaired "WS2_32.dll" and I was able to reboot in safe mode. I then ran MalwareBytes and it found and deleted the following:

Files Infected:
C:\System Volume Information\_restore{22B1D675-E73B-4401-A00B-228C7630DB3B}\RP65\A0011198.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{22B1D675-E73B-4401-A00B-228C7630DB3B}\RP65\A0011226.com (Trojan.Agent) -> Quarantined and deleted successfully.

I ran CCleaner also, including temporary files older than 24 hours.

Now my infected computer is sitting in safe mode and I'm afraid to reboot in normal mode with networking.

My question is: how do I tell if I have removed the virus and repaired the damage, especially if it was some rootkit type virus? Is there some other diagnostic program I should run?

Thanks in advance,

Jeff

Edited by Orange Blossom, 28 January 2010 - 10:24 PM.
Move to AII. ~ OB

