Hi Jen - Well, this probably has nothing to do with the patch. It might be
the Google Toolbar which isn't a "bad guy", and which you can easily
uninstall if you don't want it. It might also be that you've picked up a
"hijacker, a malware Browser Helper Object (BHO).
If you go to this page at Jim Eshelman's site, here:
http://aumha.org/a/noads.htm and wait a little bit (be patient), an analysis
of a number of possible parasites on your machine will be made to help you
identify and remove them. NOTE: You will need to disable Ad Blocking in Zone
Alarm 3.x, if present or any other Ad Blocking software which interferes
with Java Scripting for this scan to work. You should get a message between
the two lines of **** giving the results of the scan.
From your description it's difficult to be sure just what you got into, and
therefore to prescribe any specific actions. Do the following:
Download HijackThis, free, here:
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Unzip it to any convenient folder, start it then press Scan. Click on
SaveLog when it's finished which will create hijackthis.log. Now click the
Config button, then Misc Tools and click on Generate StartupList.log which
will create Startuplist.txt
Go to Spyware and Hijackware Removal Support, here:
http://www.spywareinfo.com/forums/index.php?s=8a236cdf61469fbad3bddbe810be0374&act=SF&f=11
Sign in, then copy and paste both files into a message asking for
assistance, Someone will answer with detailed instructions for the removal
of your parasite(s).
In addition to the above, if you don't already have them here are some
things which will help you defense your systems:
The best way to start is to get Ad-Aware 6.0, Build 181 or later, here:
http://www.lavasoftusa.com/support/download/. Update and run this regularly
to get rid of most "spyware/hijackware" on your machine. If it has to fix
things, be sure to re-boot and rerun AdAware again and repeat this cycle
until you get a clean scan. The reason is that it may have to remove things
which are currently "in use" before it can then clean up others.
Another excellent program for this purpose is SpyBot Search and Destroy
available here:
http://security.kolla.de/ SpyBot Support Forum here:
http://www.net-integration.net/cgi-bin/forums/ikonboard.cgi. I recommend
using both normally. After fixing things with SpyBot S&D, be sure to re-boot
and rerun SpyBot again and repeat this cycle until you get a clean "no red"
scan. The reason is that SpyBot sometimes has to remove things which are
currently "in use" before it can then clean up others.
Lastly, you might want to consider installing the SpywareBlaster and
SpywareGuard here to help prevent this kind of thing from happening in the
future:
http://www.wilderssecurity.com/spywareblaster.html (Prevents malware Active
X installs) (BTW, SpyWare Blaster is not memory resident ... no CPU or
memory load - but keep it updated) The latest version as of this writing
will prevent installation or prevent the malware from running if it is
already installed (currently 822 baddies), and it provides information and
fixit-links for a variety of parasites.
http://www.wilderssecurity.net/spywareguard.html (Monitors for attempts to
install malware) Both Very Highly Recommended.
--
Please respond in the same thread.
Regards, Jim Byrd, MS-MVP
In
