Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Believe I have an infection of some sort


  • Please log in to reply
No replies to this topic

#1 Kr@Zym@N

Kr@Zym@N

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:16 PM

Posted 27 April 2010 - 06:10 AM

Hello all. First time post here, so be gentle. Hope you guys can help out, so here goes the description.

Machine is a Dell desktop running Windows XP Home SP3. It currently has Norton Internet Security 2006 installed with a valid subscription along with Norton System Works Basic. This system is used in a small bookstore and one of it's employees was alarmed to discover that according to a pop-up window, the system was infected. It was one of those bogus programs, the name of which I personally do not know and employee doesn't remember. In any case, employee ran a handful of tools upon the recommendation of a friend (oh joy!!) and thought they had it fixed. A few days later they realize that all their google results are crap, and clicking on what should be links to whatever, takes them to some bladder control drug website. That's when they called me. It looks like they ran, or tried to run based on what I can see and they have told me, MBAM, Spybot, and Combofix (although they said when they ran combofix it would hang up and 3 instances of IE would be open in task manager immediately after starting it, evidently they where brave and armed with some knowledge and google). And don't worry, I've already scolded them for running combofix on their own. I can also report that this machine does not boot into safe mode, giving BSOD for PAGE_FAULT_IN_NON_PAGE_AREA, even with no page file set. Also interesting to note is that Norton Internet Security re-enables itself on re-boot, even though it's set to be dis-abled for 4 hours.

What we are ultimately trying to avoid is re-installing Windows, as they use a bookstore software called BookLog, which lucky us requires some sort of SQL server and shared/mapped folders to communicate with the "server" (a second desktop) for cash register functions and inventory/bookkeeping.

Thanks in advance for the assistance.

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users