
XP system w/ i.e. redirects & some popups


  • This topic is locked
2 replies to this topic

#1 doug at dataplay


Posted 17 June 2010 - 04:39 PM

The boss went overseas and came back with something that seems to redirect his searches in Internet Explorer.
It also redirects him if he just refreshes the browser.
He also gets some popups - but I can't tell you what they said.

I installed a new version of Symantec Endpoint - that was pointless.
I installed the Malwarebytes software and it tells me that it found a couple of registry entries and deleted them - but the problem persists - btw, the registry entries that it found were:

HKEY_CURRENT_USER\software\avsuite (Rogue.AntivirusSuite)
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite)

I ran the scans, but the GMER scan blue-screened, so I wasn't able to get any info on that.

Attached are the two scans dds.txt & attach.txt. I hope you could look into these scans to gather any useful information.

Any help would be much appreciated.

Thanks a bunch
doug



#2 doug at dataplay


Posted 18 June 2010 - 01:33 PM

OK, so to give you all an update - I'm cautiously optimistic about these results, but it looks like we got rid of that nasty software by using TDSSKiller. TDSSKiller can be obtained at http://support.kaspersky.com/viruses/solutions?qid=208280684

The boss ran it and within seconds it was done - rebooted - all's good, he says.

I think we're done here, unless you think there's some kind of cleanup work that needs to be done.

In case it's of any interest to you, attached is the TDSSKiller log file.



#3 Farbar


Posted 23 June 2010 - 05:55 PM

Thanks for letting us know.

This thread will now be closed since the issue seems to be resolved.

If you should have a new issue, please start a new topic.
