1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help!!! Aaaagh!!

Discussion in 'Virus & Other Malware Removal' started by Baxterbob2010, Apr 4, 2010.

Thread Status:
Not open for further replies.
  1. Baxterbob2010

    Baxterbob2010 Thread Starter

    Joined:
    Apr 4, 2010
    Messages:
    1
    Hi,
    I really hope someone can help me here. The problem I'm having is whenever i make a search in google it redirects me to another page. XP total security keeps popping up, google only loads to a white page and the computer takes an age to boot up.

    Cheers, Tim
     
  2. CatByte

    CatByte Malware Specialist

    Joined:
    Feb 24, 2009
    Messages:
    3,930
    Please do this:

    [​IMG]


    Download DDS and save it to your desktop from here or here.



    Disable any script blocker, and then double click dds to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop.
    ---------------------------------------------------------------------------------------------

    Download GMER Rootkit Scanner from here to your desktop. Rename it to a .com extension. You may need to ensure file extensions are viewable.

    Go to My Computer->Tools->Folder Options->View tab:
    * make sure there is no checkmark beside Hide file extensions for known file types


    * Click Yes to confirm and then click OK.
    • Double click the renamed .com file.
    • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO, then use the following settings for a more complete scan.
    [​IMG]
    Click the image to enlarge it

    • In the right panel, you will see several boxes that have been checked. Ensure the following are unchecked
      • Sections
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)
    • Then click the Scan button & wait for it to finish.
    • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
    • Save it where you can easily find it, such as your desktop, and attach it in reply.
    **Caution**
    Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries




    Please include the following logs in your thread:
    • Contents of the DDS.txt posted as text in your reply
    • Attach the Attach.txt and the ark.txt to your post by clicking the Manage Attachments button under Additional Options>Attach Files on the composition page. Browse to where you saved the file, and click Upload.
    If you're having troubles running those tools still, see if this helps...

    • If you have an active internet connection, copy/paste the links below into your browser, don't click them or the rogue might redirect.
    • If you don't have an active internet connection, download the tools from another machine, and transfer them to the affected machine via USB flash drive.
    Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)

    There are 4 different versions.
    If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click and choose Run as Admin

    You only need to get one of them to run, not all of them.


    http://download.bleepingcomputer.com/grinler/rkill.exe
    http://download.bleepingcomputer.com/grinler/rkill.com
    http://download.bleepingcomputer.com/grinler/rkill.scr
    http://download.bleepingcomputer.com/grinler/rkill.pif


    Note:

    You will likely see a message from this rogue telling you the file is infected.

    Ignore the message. Leave the message OPEN, do not close the message.

    Run rkill repeatedly until it's able to do it's job. This may take a few tries.

    You'll be able to tell rkill has done it's job when your desktop (explorer.exe) cycles off and then on again.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/914613

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice