Frank Posted November 7, 2008 Posted November 7, 2008 I search for something in google. I get the normal list of results, but then, when I click on the results, some of the time I get redirected to another completely unrelated search webpage. Have run Avast and found A003584.exe and removed to chest. Have run Superantispyware and found A0035972.exe and quarantined. Also Spybot found IRC.crt prunnet and Wim32.Small.buy which have also been quarantined. The problem seems to have started with a pop up for virusremover2008 which I did not open but closed using Alt-F4. Sorry about the post length but trying to give as much info as possible for you. Hope you can help Regards Frank. Quote THEY MADE ME DO IT.
Guest Wolfeymole Posted November 7, 2008 Posted November 7, 2008 Hello Frank You have Malware mate, please follow the instructions below and get back to us. Your computer is infected with Malware. Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a combination of the words malicious and software. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. Required Cleanup Steps Disable the Spybot Search & Destroy TEA TIMER if you use it and if it is enabled Run a Temporary file and cache cleaner (ATF) Run 2 Anti-Malware scanners (Listed Below) Run an Online Anti-Virus / Anti-Malware Scanner (Listed Below) Clear out old System Restore points If continued Malware type activity is present you may be asked to post a TrendMicro™ HijackThis™ Log file, do not do so unless requested. The reason to run multiple scanners is to ensure that no single scanner is missing something. The time it takes will vary depending on your system and your internet connection speed. Typically the SUPERAntiSpyware and Malwarebytes scanners will take between 10 to 90 minutes. The ESET online scan should take between 1 to 3 hours. In most cases, these scans will suffice to clean and disinfect your computer. Heavily infected systems or slower PCs can take much longer to scan and clean. For best results print the following instructions and bookmark this Web page To keep this guide printer-friendly, use your cursor to highlight the contents below. From your browser select File - Print and in the printer dialog box under "Print range" click the Selection choice to print out these instructions for removal of malware. http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/printer-selection.gif ____________________________________________ STEP 1 Disable Spybot Search & Destroys' TEA TIMER: (if installed, if not go to Step 2) Run Spybot-S&D in Advanced Mode. If it is not already set to do this Go to the Mode menu select "Advanced Mode" On the left hand side, Click on Tools Then click on the Resident Icon in the List Uncheck "Resident TeaTimer" and OK any prompts. Restart your computer. __________________________________________________ STEP 2 Follow these instructions carefully. Download ATF-Cleaner from Snapfiles.com to remove un-needed temporary files from your computer that may contain malware. You can also download it from Majorgeeks.com When you run ATF-Cleaner, check the items as shown below for Main. For FireFox, be sure to click on the FireFox tab on top and check the items as shown below for FireFox NOTE: If you don't have FireFox or Opera installed then they will be grayed out and can be ignored Then click on "Empty Selected". http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/atf-cleaner01.gif. http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/atf-cleaner02.gif __________________________________________________ STEP 3 Install and run the free version (not the Professional version) of SUPERAntiSpyware from SUPERAntiSpyware.com Accept any prompts to allow SUPERAntiSpyware to install the latest rules and infection definition files. You do not have to send them your e-mail address, just click next. You can leave the automated check for updates on. You can uncheck "Send a diagnostic report to research center" if you don't want to send the information. DO NOT allow SUPERAntiSpyware to protect your Home Page settings. On the Top Left select the Scan your computer button. Make sure there is a CHECK MARK on all Fixed Drives. Click "Perform a Complete Scan". Click "Next" to Repair issues found and reboot the computer when prompted to do so. __________________________________________________ STEP 4 Install and run Malwarebytes' Anti-Malware from Malwarebytes - (direct download) Accept all defaults for the installer Allow the program to update the definitions Click on the Quick Scan and click Next. If any items are found allow it to clean them and then Reboot your computer. __________________________________________________ STEP 5 Run an online scan with ESET from Free Virus Scan: Use ESET's Online Antivirus Scanner You must use Internet Explorer for this online scan. FireFox, Opera, etc will not work for this scan. If your computer is running Window's Vista, then you must first start Internet Explorer as an Administrator. To do so, right-click on the Internet Explorer icon in the Start Menu and select "Run as administrator" from the popup context menu. Accept the terms and click "Start". Once the scanner is ready, check "Remove found threats" AND "Scan unwanted applications". Click "Start" to begin the scan. When completed restart your computer __________________________________________________ Make sure your internet firewall security is enabled, and then please return to Extreme Tech Support - Free PC Help and tell us how the computer seems to be operating. At that time, you will receive instructions to assist you in removing malicious programs from your Add/Remove program list if warranted. If required this is the download link for TrendMicro™ HijackThis™ Unless instructed to by the Technician helping you then do not download this tool. Once you and the Technician agree that your system appears to be clean then you should delete all your System Restore points and recreate a new one. Please follow the instructions here How to turn off and turn on System Restore in Windows XP How to turn off and turn on System Restore in Windows Vista Quote
Frank Posted November 7, 2008 Author Posted November 7, 2008 Thanks for the quick response Wolfeymole, will follow instructions and get back to you. Quote THEY MADE ME DO IT.
Guest Wolfeymole Posted November 7, 2008 Posted November 7, 2008 Please do Frank, the instructions may seem long and tedious but they will benefit you. Quote
Frank Posted November 7, 2008 Author Posted November 7, 2008 All done (thank heavens for 20mb broadband:)) Google now appears back to its own corporate self. Did a few reboots just incase but all Okay. Thanks for your help, is there anything else I need to do? Regards Frank. Quote THEY MADE ME DO IT.
Guest Wolfeymole Posted November 7, 2008 Posted November 7, 2008 What security measures are you running Frank in terms of Anti Virus, Firewall and malware killers? Quote
Frank Posted November 7, 2008 Author Posted November 7, 2008 Avast Home anti virus. ActiveArmor firewall (set on high). SpywareGuard. Spywareblaster. Ad-aware (free version). Sbybot S&D. SuperAntiSpyware (free version). CCleaner (set on Gutmann 35 passes). Running on XP Pro. Quote THEY MADE ME DO IT.
Guest Wolfeymole Posted November 7, 2008 Posted November 7, 2008 Ok well AdAware and Spybot are not the programs they once were Frank so I suggest dumping those. Be very careful when using CCleaner as it can screw the registry big time. I never heard of Active Armour although others may have. Quote
Frank Posted November 7, 2008 Author Posted November 7, 2008 ActiveArmor is a hardware fiewall built into Nvidia chipset motherboards. Quote THEY MADE ME DO IT.
Plastic Nev Posted November 7, 2008 Posted November 7, 2008 Found a rather interesting write up via Google here- NVIDIA cuts TCP offloads to end data corruption - The Tech Report I would also bear in mind that most hardware firewalls are one way only, I am not sure about ActiveArmor as I cannot find any reference in their own pages. The recognised ideal is two way, protecting what is going out as well as in. Do have a look at our recommended security programs (sticky at top of page) HERE my own personal preference is for Comodo, but that is only my opinion and subjective of course. If you downloaded the Malwarebytes as part of your clean up, I would recommend keeping that as well, update it then use it to do a scan around once a week. The next question has to be, how did you get the nasties in the first place? If you read through this forum, you will find many references to getting rid of P2P software, it is quite definitely becoming a gateway to purgatory plus also the need to be very careful in which sites you visit etc. You can get an addition to your browser called McAfee Site Advisor, or one or two other site warning systems that will warn you of known unsafe sites. also have a look at another of our stickies HERE Quote Need help with your computer problems? Then why not join Free PC Help. Register here. If Free PC Help has helped you then please consider a donation. Click here We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs. -------------------------------------------------------------------- I have installed Windows, now how do I install the curtains? 😄
RandyL Posted November 7, 2008 Posted November 7, 2008 I use Mcafee Site Advisor too. It works with IE and Firefox. Quote We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.Get help with computer problems. Join Free PC Help here Donations are welcome. Read Here
Plastic Nev Posted November 8, 2008 Posted November 8, 2008 It would help if I posted a link to download it from, here- Protection from Adware, Spam, Viruses, Online Scams | McAfee SiteAdvisor Quote Need help with your computer problems? Then why not join Free PC Help. Register here. If Free PC Help has helped you then please consider a donation. Click here We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs. -------------------------------------------------------------------- I have installed Windows, now how do I install the curtains? 😄
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.