HELP!

Matt77 · Oct 10, 2012

HELP!
My friend was messing on my PC today, and accidentally downloaded a bogus program that gave me the Google Redirect Virus. Malwarebytes and McAfee OAS cannot kill it, and RKILL doesnt fix it either :\
Please help

-Matt

zeon505 · Oct 11, 2012

if the antivirus can pick it up (scan say's it found it) but cant remove it, try boot into safe mode
and rescan, i had an issue where avg could pick it up, but not remove as it was being accessed by the pc,

carnageX · Oct 11, 2012

Boot to Safe Mode and scan with MBAM.

Try ComboFix from BleepingComputer as well (again, in Safe Mode). Post the log to ComboFix here. I would also recommend running HiJackThis and posting the log here as well (after ComboFix).

Matt77 · Oct 11, 2012

I can't install anything cuz im admin. Safe Mode's blocked too.

I ended up removing it myself by ripping the Driver files from a Windows Boot Disk and replacing the one there by force. Bug was hidden in there. FIxed

carnageX · Oct 11, 2012

-M4TT- said:
I can't install anything cuz im admin. Safe Mode's blocked too.

I ended up removing it myself by ripping the Driver files from a Windows Boot Disk and replacing the one there by force. Bug was hidden in there. FIxed

Done that before too. There was a virus outbreak a year or two ago that infected one of the driver files for the HDD, and upon removal it would BSOD the computer; had to replace the file through a LiveCD.

zeon505 · Oct 12, 2012

live boot using ophcrack if you need the admin password, take a note of it,
then safe boot and run the antivirus.

carnageX · Oct 12, 2012

zeon505 said:
live boot using ophcrack if you need the admin password, take a note of it,
then safe boot and run the antivirus.

Erm, why would he need the admin password if he can already login?

Ophcrack doesn't always work. I usually just use Offline NT Password Editor and blank out passwords.

zeon505 · Oct 12, 2012

mybad, read it wrong, its also fixed now so who cares,
i thought he was saying he could not boot to safe without the admin PW,

i know Ophcrack is kinda ****, but helped me out a few times.

Veraster · Oct 12, 2012

zeon505 said:
i know Ophcrack is kinda ****, but helped me out a few times.

Don't you need a super computer with like 16 Intel Xeons and 8 Nvidia Teslas in SLI for those kinds of programs to work?

carnageX · Oct 12, 2012

Veraster said:
Don't you need a super computer with like 16 Intel Xeons and 8 Nvidia Teslas in SLI for those kinds of programs to work?

No.. Depending on the dictionary size though, and the complexity of the password, higher-powered systems are required.

For dictionary-based attacks (Ophcrack does this), it just compares to a dictionary (rainbow tables I believe is what Ophcrack uses). A faster computer can however go through the process faster than a slower computer though of course.

HELP!

Matt77

Daemon Poster

zeon505

Solid State Member

carnageX

Private Joker,

Matt77

Daemon Poster

carnageX

Private Joker,

zeon505

Solid State Member

carnageX

Private Joker,

zeon505

Solid State Member

Veraster

In Runtime

carnageX

Private Joker,

Similar threads