Totally new to forums and BP! I will try and throw this out to you and see if i can resolve it with your help before i swallow my pride and surrender!
I have a fujitsu-siemens laptop, amilo M1451G with win Xp home edition swedish version 5.1.2600 service pack 3 build 2600.
I had norman av for 3 years without any problems. Last week had to change av and in spite of disconnecting the internet, i connected it too early and messed up my protection. I was wide open for just enough time for something to infect me.
Any search from google, yahoo or aol for major well known sites get redirected to spam sites, auto insurance, comedy or the likes. v1. adwarefeed.com, info-feed.com play some role. When it cannot find a site to redirect, it goes to fastbrowsersearch which i have no idea how that got in. and the same thing happens then too. If i google the search word, it redirects me. if i simply type in the website directly in the menu, i can access the website. so googling nod32 will be redirected, inserting eset.com in the browser will take me there.
I have tried restore the computer to a previous point... there is no answer on the last |next\ to do so. Simply no reaction. I have installed spyware doctor and registry mechanic, but updates are blocked by the dns server... no connection to server in spite of being connected. nod 32 is installed and has updated to the latest definitions but hasnt warned of anything. tune up installed and run and all okay. Ad aware installed and run, no detection there either. mbam.exe installed but it doesnt react... cannot be run. Installed cobian 9 as was suggested in this forum. I have hijackthis when needed. Last night i thought i had fixed it by running gooredfix.exe... still here. I have taken overlay.xul from the mozilla program file thingie ..without success.. i put it back. i tried uninstalling mozilla firefox and reinstalling it via IE... made noo difference at all. I suspect even if i reformat the whole bleeding computer this $%^& will still be there!
Any suggestions before i throw in my towel!! I know i could do this..i hardly ever give up!!
With many thanks
ps. nod 32 just found a threat...
Time Module Object Name Threat Action User Information
4/15/2009 12:12:29 PM IMON file MOD EDIT~MALICIOUS LINK REMOVED Win32/AutoRun.FakeAlert.M worm Connection terminated NT INSTANS\SYSTEM
4/13/2009 18:41:06 PM Kernel file C:\DOCUME~1\debs\LOKALA~1\Temp\sp081021.dll Win32/Rootkit.Agent.QQ trojan Alert was generated during the system startup file check.
4/13/2009 18:40:53 PM Kernel file c:\windows\system32\atidemg.dll a variant of Win32/Rootkit.Podnuha.NCB trojan
i have no idea what to do... I terminated threat... what else?
Edited by Pandy, 15 April 2009 - 04:22 PM.