?
Solved

Antivirus 2010

Posted on 2010-01-10
3
Medium Priority
?
343 Views
Last Modified: 2013-11-22
One of my coworkers laptop (his personal one) was infected with Antivirus 2010 (even though he had Norton running.
He is having a problem connecting to the Internet
He rtied downloading Malwarebytes onto a flash drive from a different computer and running it on the infected laptop.
But it does not appear to run.

Any recommendations on how to proceed?
0
Comment
Question by:DSG-IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 13

Accepted Solution

by:
JeremySBrown earned 1000 total points
ID: 26280085
Run a temporary file remover...CCleaner is a good one and it's free.
http://www.ccleaner.com/

Download Combofix by sUBs.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Before running Combofix, temporary disable any firewall(s) shield(s) ect...to prevent any conflicts with Combofix. After Combofix is done scanning, it will create a log, for futher instructions, save and paste the results by Attach File, or by Code Snippet so other experts can take a look at it. Once after the log looks clean, you may enable your firewall(s) shield(s) ect. Combofix will disconnect your machine from the Internet. Your Internet connection will be automatically restored just before Combofix completes its scan. If Combofix runs into problems, your Internet connection can be manually restored by restarting your machine.

You'll might need to rename the file before saving to your desktop so it will not be blocked.

Please note: Don't run Combofix in Safe Mode.
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 26281014
Alot of these rogues are changing Proxy settings in IE.....
Inside IE>Tools>Internet Options>Connections, and look to see if "Use a proxy" is checked.....Can even look at the advanced button on the connections page, and it will probably be port 5555, and the IP of the proxy is 127.0.0.1, which of course is your own address (loopback)....
0
 
LVL 47

Assisted Solution

by:rpggamergirl
rpggamergirl earned 1000 total points
ID: 26281665
Is MalwareBytes already installed in the system? If so, then go to the Program Files, to its directory and rename mbam.exe to svchost.exe or winlogon.exe and run it to bypass the block.
Sometimes MalwareBytes needs to be rename twice, prior to saving the file(before in contact with the infected pc) and after installation.

Here is a link that shows ways to rename files that are blocked by nasties.

If you can't run .exes in an infected system:
http://www.experts-exchange.com/articles/Software/Internet_Email/Anti-Virus/CAN%27T-RUN-EXES-IN-AN-INFECTED-SYSTEM.html
0

Featured Post

Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question