Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

W7 Google Redirect and BitNefender (?!) Infection


  • Please log in to reply
3 replies to this topic

#1 221b

221b

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 31 December 2013 - 01:46 PM

My work laptop runs W7 without administrative rights. I did download Chrome and am running it with Google Frame technology.
 
Recently, I noticed I had the Google redirect virus in Chrome and just removed a default/generic "Extension" which appears to have solved it for Chrome, however IE still is an issue.
 
I also started also receiving an error for a BitNefender Antivirus (not BitDefender) and I can't seem to find anything about it.  HERE'S A CAPTURE of the error message.  
 
Again, this is a company laptop and I do NOT have admin rights so I'm wondering:
 
A. How I got infected.
B. What, if anything, I can do here.
 
TIA.

Edited by 221b, 31 December 2013 - 01:47 PM.


BC AdBot (Login to Remove)

 


#2 jkapernicus

jkapernicus

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 31 December 2013 - 04:56 PM

I'm working on a machine with the same process running. Also, an exe "wyzewa.exe". This is in a domain environment. Running Malwarebytes, so far 513 objects...also got a letter from the ISP that something from inside the firewall was sending out spam...great.

 

I'll post my findings when finished.


Edited by jkapernicus, 31 December 2013 - 05:01 PM.


#3 jkapernicus

jkapernicus

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 31 December 2013 - 05:52 PM

My coworker told me to upload the exe to virustotal. Heres what I got:

 

https://www.virustotal.com/en/file/c3afb6ee34cfcf89dcae9fc5cb484fa0200721542642332d978b56c821e00069/analysis/1388528976/



#4 4d_POWER

4d_POWER

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 01 January 2014 - 10:47 PM

Have Bitnefender issues as well. Tried to reboot into safe mode to run malware bytes but in safe mode the /appdata ? Folders are not there to scan.

Don't know how to proceed. I get a exe called yetoba.exe process that continually reopens and replicates.

Rkill will end the processes, but they open right back up on a regular(non safe mode) login.

Edited by 4d_POWER, 02 January 2014 - 01:09 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users