Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 348
  • Last Modified:

Antivirus 2010

One of my coworkers laptop (his personal one) was infected with Antivirus 2010 (even though he had Norton running.
He is having a problem connecting to the Internet
He rtied downloading Malwarebytes onto a flash drive from a different computer and running it on the infected laptop.
But it does not appear to run.

Any recommendations on how to proceed?
0
DSG-IT
Asked:
DSG-IT
2 Solutions
 
JeremySBrownCommented:
Run a temporary file remover...CCleaner is a good one and it's free.
http://www.ccleaner.com/

Download Combofix by sUBs.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Before running Combofix, temporary disable any firewall(s) shield(s) ect...to prevent any conflicts with Combofix. After Combofix is done scanning, it will create a log, for futher instructions, save and paste the results by Attach File, or by Code Snippet so other experts can take a look at it. Once after the log looks clean, you may enable your firewall(s) shield(s) ect. Combofix will disconnect your machine from the Internet. Your Internet connection will be automatically restored just before Combofix completes its scan. If Combofix runs into problems, your Internet connection can be manually restored by restarting your machine.

You'll might need to rename the file before saving to your desktop so it will not be blocked.

Please note: Don't run Combofix in Safe Mode.
0
 
johnb6767Commented:
Alot of these rogues are changing Proxy settings in IE.....
Inside IE>Tools>Internet Options>Connections, and look to see if "Use a proxy" is checked.....Can even look at the advanced button on the connections page, and it will probably be port 5555, and the IP of the proxy is 127.0.0.1, which of course is your own address (loopback)....
0
 
rpggamergirlCommented:
Is MalwareBytes already installed in the system? If so, then go to the Program Files, to its directory and rename mbam.exe to svchost.exe or winlogon.exe and run it to bypass the block.
Sometimes MalwareBytes needs to be rename twice, prior to saving the file(before in contact with the infected pc) and after installation.

Here is a link that shows ways to rename files that are blocked by nasties.

If you can't run .exes in an infected system:
http://www.experts-exchange.com/articles/Software/Internet_Email/Anti-Virus/CAN%27T-RUN-EXES-IN-AN-INFECTED-SYSTEM.html
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now