Yet another google/bing redirect rootkit infection

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Pulseman, Apr 6, 2012.

  1. Pulseman

    Pulseman Private E-2

    Well, for the sake of keeping things brief, I'll give you guys the short version:

    Got hit with the "Internet Security 2012 XP defender Plus gold whatever" scareware, nuked it with Malwarebytes
    ran TDSSKiller for safe measure, found Rootkit.Boot.Pihar.b, killed that too
    thought all was well until I went online and was being redirected
    ran TDSSKiller again, it found backdoor.multi.zaccess.gen, let it delete it
    no matter what it keeps coming back

    Attached is my MBRCheck log, what should I do folks?
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

  3. Pulseman

    Pulseman Private E-2

    Done, and yes I do, what's next?
     
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Please follow the Read and Run Me First instructions, because UNKNOWN MBR does not necessarily mean an infected one.
     
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Boot to your BIOS and change the boot order to CD/DVD as first boot device. Put in your CD and reboot.

    To run the Bootrec.exe tool, you must start Windows RE. To do this, follow these steps:

    1. Put the Windows Vista or Windows 7 installation disc in the disc drive, and then start the computer.
    2. Press a key when you are prompted.
    3. Select a language, a time, a currency, a keyboard or an input method, and then click Next.
    4. Click Repair your computer.
    5. Click the operating system that you want to repair, and then click Next.
    6. In the System Recovery Options dialog box, click Command Prompt.
    7. Type Bootrec.exe /fixmbr, and then press ENTER.

    Reboot to normal mode and re-run MBRCheck. Attach the log.
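
Added example, not part of the thread and not MBRCheck's or Bootrec's own code: why an "UNKNOWN MBR" verdict is not the same as an infected one, and what a boot-code rewrite changes in sector 0. It assumes a checker that hashes the 440-byte boot code and looks it up in a list of known loaders; the loader bytes, hashes and partition values are constructed, and `rewrite_boot_code` is a hypothetical model of a repair that leaves the partition table alone.

```python
import hashlib
import struct

SECTOR = 512
CODE_LEN = 440            # bootstrap code area of a classic MBR
TABLE_OFF = 446           # four 16-byte partition entries start here
SIG = b"\x55\xaa"         # boot signature at offset 510

def build_mbr(code, parts):
    """Assemble a constructed 512-byte MBR; parts = [(type, start_lba, sectors)]."""
    mbr = bytearray(SECTOR)
    mbr[:len(code)] = code
    for i, (ptype, lba, count) in enumerate(parts):
        entry = struct.pack("<B3sB3sII", 0x80 if i == 0 else 0, b"", ptype, b"", lba, count)
        mbr[TABLE_OFF + 16 * i:TABLE_OFF + 16 * (i + 1)] = entry
    mbr[510:512] = SIG
    return bytes(mbr)

def code_hash(mbr):
    """SHA-1 over the boot code only; the partition table is excluded."""
    return hashlib.sha1(mbr[:CODE_LEN]).hexdigest()

def classify(mbr, known_good):
    """INVALID if not a well-formed sector, else the allowlist label or UNKNOWN."""
    if len(mbr) != SECTOR or mbr[510:512] != SIG:
        return "INVALID"
    return known_good.get(code_hash(mbr), "UNKNOWN")

def rewrite_boot_code(mbr, clean_code):
    """Hypothetical repair model: replace bytes 0..439, keep table and signature."""
    return clean_code.ljust(CODE_LEN, b"\0") + mbr[CODE_LEN:]

# Constructed sample data, not real loader code or real hashes.
STOCK = b"\xfa\x33\xc0" + b"constructed-stock-loader"
VENDOR = b"\xfa\x33\xc0" + b"constructed-oem-recovery-loader"
KNOWN_GOOD = {code_hash(build_mbr(STOCK, [])): "KNOWN (stock)"}
PARTS = [(0x07, 2048, 204800), (0x07, 206848, 976564224)]

def demo():
    stock = build_mbr(STOCK, PARTS)
    vendor = build_mbr(VENDOR, PARTS)       # legitimate but not on the list
    repaired = rewrite_boot_code(vendor, STOCK)
    return {
        "stock": classify(stock, KNOWN_GOOD),
        "vendor": classify(vendor, KNOWN_GOOD),
        "repaired": classify(repaired, KNOWN_GOOD),
        "table_kept": repaired[TABLE_OFF:] == vendor[TABLE_OFF:],
        "truncated": classify(stock[:510], KNOWN_GOOD),
    }
```

The vendor loader comes back UNKNOWN only because its hash is not listed, and after the rewrite the same disk classifies as known with its partition entries unchanged.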
     
