GF's computer has a virus. Only allows her to go to her gmail account, nothing else on the net. So when I had her shut down and start in safe mode with networking to download malwarebytes, it wont allow her to click the link so she can download it. Also, I tried to send it to her in an email. Gmail wont let me send it (says its an executable file) and my yahoo mail account wont let me send it either (says its illegal).

How can she get to where she can get this downloaded to kill the virus? Or do you guys have any other ideas? She may need one of you guys to just work on it, so let me know if you would do that as well.

12/26/2010 9:58:23 PM

Put it on a flash drive

12/26/2010 10:40:56 PM

just a note on usage...

You probably don't have a virus (a program that spreads across a computer by injecting its code), but rather some other form of malware, probably a rootkit (a program that gains unauthorized high-level access to affect nearly every aspect of system operation); if you had a virus, MalwareBytes might have trouble clearing it up, because MBAM does not clean up viruses.

Now for more substantive advice, you should also consider getting ComboFix and using that in case MalwareBytes doesn't clear up the infection, because MBAM doesn't always catch rootkits; be sure to get the latest version, right before you head on over to your GF's computer to run it, and re-name the .exe file to something else in case the malware automatically blocks anything with "combofix" in its name (and also do this to the MalwareBytes installer).
Another idea is to find the manual installer for the MalwareBytes detection rules, in case MBAM can't connect to the Internet after installation to get the latest rules by itself.

12/27/2010 1:08:51 AM

You can rename the executable extension to get around the file type filter.

12/27/2010 7:51:15 AM

If GMail is that stupid, it's scary: Any security professional worth his or her title knows that you can tell a Windows or MS-DOS executable by the first couple bytes of the actual file. Then again I once got around Hotmail's restriction on attaching .reg files by changing the extension to .txt so it could work...

12/27/2010 12:26:36 PM

Which would fuck you for uploading any legitimate data whose first two bytes were MZ. Come on, now. I wouldn't call Google "stupid" for failing to implement a check like that.

12/27/2010 1:05:40 PM

[Edited on December 27, 2010 at 2:57 PM. Reason : couldn't enlarge it

12/27/2010 2:57:09 PM