Jump to content

Recommended Posts

Posted

I search for something in google. I get the normal list of results, but then, when I click on the results, some of the time I get redirected to another completely unrelated search webpage.

 

Have run Avast and found A003584.exe and removed to chest.

 

Have run Superantispyware and found A0035972.exe and quarantined.

 

Also Spybot found IRC.crt prunnet and Wim32.Small.buy which have also been quarantined.

 

The problem seems to have started with a pop up for virusremover2008 which I did not open but closed using Alt-F4.

 

Sorry about the post length but trying to give as much info as possible for you.

 

Hope you can help

Regards Frank.

THEY MADE ME DO IT.
  • Replies 11
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Guest Wolfeymole
Posted

Hello Frank

 

You have Malware mate, please follow the instructions below and get back to us.

 

Your computer is infected with Malware.

 

  • Malware is software designed to infiltrate or damage a computer system without the owner's informed consent.
    It is a combination of the words malicious and software.
    The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

 

  • Required Cleanup Steps
    1. Disable the Spybot Search & Destroy TEA TIMER if you use it and if it is enabled
    2. Run a Temporary file and cache cleaner (ATF)
    3. Run 2 Anti-Malware scanners (Listed Below)
    4. Run an Online Anti-Virus / Anti-Malware Scanner (Listed Below)
    5. Clear out old System Restore points
    6. If continued Malware type activity is present you may be asked to post a TrendMicro™ HijackThis™ Log file, do not do so unless requested.

The reason to run multiple scanners is to ensure that no single scanner is missing something.

The time it takes will vary depending on your system and your internet connection speed.

Typically the SUPERAntiSpyware and Malwarebytes scanners will take between 10 to 90 minutes.

The ESET online scan should take between 1 to 3 hours.

In most cases, these scans will suffice to clean and disinfect your computer.

Heavily infected systems or slower PCs can take much longer to scan and clean.

 

For best results print the following instructions and bookmark this Web page

To keep this guide printer-friendly, use your cursor to highlight the contents below.

From your browser select File - Print and in the printer dialog box under "Print range"

click the
Selection
choice to print out these instructions for removal of malware.

 

 

http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/printer-selection.gif

 

____________________________________________

STEP 1

  • Disable Spybot Search & Destroys' TEA TIMER: (if installed, if not go to Step 2)

    1. Run Spybot-S&D in Advanced Mode.

    2. If it is not already set to do this Go to the Mode menu select "Advanced Mode"

    3. On the left hand side, Click on Tools

    4. Then click on the Resident Icon in the List

    5. Uncheck "Resident TeaTimer" and OK any prompts.

    6. Restart your computer.

__________________________________________________

STEP 2

  • Follow these instructions carefully.

  • Download ATF-Cleaner from
    to remove un-needed temporary files from your computer that may contain malware.

  • You can also download it from

  • When you run ATF-Cleaner, check the items as shown below for Main.

  • For FireFox, be sure to click on the FireFox tab on top and check the items as shown below for FireFox

  • NOTE:
    If you don't have FireFox or Opera installed then they will be grayed out and can be ignored

  • Then click on "Empty Selected".

http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/atf-cleaner01.gif

.
http://i306.photobucket.com/albums/nn266/FPCH/Malware%20Guide/atf-cleaner02.gif

__________________________________________________

STEP 3

  • Install and run the free version (not the Professional version) of SUPERAntiSpyware from

    • Accept any prompts to allow SUPERAntiSpyware to install the latest rules and infection definition files.

    • You do not have to send them your e-mail address, just click next.

    • You can leave the automated check for updates on.

    • You can uncheck "Send a diagnostic report to research center" if you don't want to send the information.

    • DO NOT
      allow SUPERAntiSpyware to protect your Home Page settings.

    • On the
      Top Left
      select the
      Scan your computer
      button.

    • Make sure there is a CHECK MARK on all
      Fixed Drives
      .

    • Click "Perform a Complete Scan". Click "Next" to Repair issues found and reboot the computer when prompted to do so.

__________________________________________________

STEP 4

  • Install and run
    Malwarebytes' Anti-Malware
    from

    • Accept all defaults for the installer

    • Allow the program to update the definitions

    • Click on the
      Quick Scan
      and click Next.

    • If any items are found allow it to clean them and then Reboot your computer.

__________________________________________________

STEP 5

  • Run an online scan with ESET from

    • You
      must
      use Internet Explorer for this online scan. FireFox, Opera, etc will not work for this scan.

    • If your computer is running Window's Vista, then you
      must first
      start Internet Explorer as an Administrator. To do so, right-click on the
      Internet Explorer
      icon in the Start Menu and select "
      Run as administrator
      " from the popup context menu.

     

    • Accept the terms and click "Start".

    • Once the scanner is ready, check "Remove found threats" AND "Scan unwanted applications".

    • Click "Start" to begin the scan.

    • When completed restart your computer

__________________________________________________

Make sure your internet firewall security is enabled, and then please return to Extreme Tech Support - Free PC Help and tell us how the computer seems to be operating.

At that time, you will receive instructions to assist you in removing malicious programs from your Add/Remove program list if warranted.

 

If required this is the download link for TrendMicro™ HijackThis™

Unless instructed to by the Technician helping you then do not download this tool.

 

Once you and the Technician agree that your system appears to be clean then you should delete all your System Restore points and recreate a new one.

Please follow the instructions here

How to turn off and turn on System Restore in Windows XP

How to turn off and turn on System Restore in Windows Vista

Guest Wolfeymole
Posted
Please do Frank, the instructions may seem long and tedious but they will benefit you.
Posted

All done (thank heavens for 20mb broadband:))

 

Google now appears back to its own corporate self. Did a few reboots just incase but all Okay.

 

Thanks for your help, is there anything else I need to do?

 

 

Regards

Frank.

THEY MADE ME DO IT.
Guest Wolfeymole
Posted
What security measures are you running Frank in terms of Anti Virus, Firewall and malware killers?
Posted

Avast Home anti virus.

ActiveArmor firewall (set on high).

SpywareGuard.

Spywareblaster.

Ad-aware (free version).

Sbybot S&D.

SuperAntiSpyware (free version).

CCleaner (set on Gutmann 35 passes).

 

Running on XP Pro.

THEY MADE ME DO IT.
Guest Wolfeymole
Posted

Ok well AdAware and Spybot are not the programs they once were Frank so I suggest dumping those.

 

Be very careful when using CCleaner as it can screw the registry big time.

 

I never heard of Active Armour although others may have.

Posted

Found a rather interesting write up via Google here-

NVIDIA cuts TCP offloads to end data corruption - The Tech Report

I would also bear in mind that most hardware firewalls are one way only, I am not sure about ActiveArmor as I cannot find any reference in their own pages. The recognised ideal is two way, protecting what is going out as well as in. Do have a look at our recommended security programs (sticky at top of page) HERE

 

my own personal preference is for Comodo, but that is only my opinion and subjective of course.

If you downloaded the Malwarebytes as part of your clean up, I would recommend keeping that as well, update it then use it to do a scan around once a week.

 

The next question has to be, how did you get the nasties in the first place? If you read through this forum, you will find many references to getting rid of P2P software, it is quite definitely becoming a gateway to purgatory plus also the need to be very careful in which sites you visit etc. You can get an addition to your browser called McAfee Site Advisor, or one or two other site warning systems that will warn you of known unsafe sites. also have a look at another of our stickies HERE

Need help with your computer problems? Then why not join Free PC Help. Register here.

If Free PC Help has helped you then please consider a donation. Click here

 We are all members helping other members. Please return here where you may be able to help someone else.  

After all, no one knows everything and you may have the answer that someone needs.

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? 😄

image.png

Posted
I use Mcafee Site Advisor too. It works with IE and Firefox.

We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.

Get help with computer problems. Join Free PC Help here

 

Donations are welcome. Read Here

Posted

It would help if I posted a link to download it from, here-

Protection from Adware, Spam, Viruses, Online Scams | McAfee SiteAdvisor

Need help with your computer problems? Then why not join Free PC Help. Register here.

If Free PC Help has helped you then please consider a donation. Click here

 We are all members helping other members. Please return here where you may be able to help someone else.  

After all, no one knows everything and you may have the answer that someone needs.

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? 😄

image.png

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...