i am getting browser hijack and "all access plugin message"

Discussion in 'malware problems & news' started by google88, Mar 26, 2010.

Thread Status:
Not open for further replies.
  1. google88

    google88 Registered Member

    Dec 15, 2009

    I rarely restart my machine

    but i am getting a few explorer crashes

    and when i restart i am getting my homepage changed to


    and very fast popups installing an all access plugin

    i use kaspersky and i used to use spybot, but just days ago i changed to Malware bytes antimalware, i bought it so i get the resident protection.

    I'd ran a few scans and removed a couple of things so i thought it was clean

    but i rarely restart so i thought it was gone

    what the best thing for me to do? run a few malware bytes scans and a few restarts

    Has anyone got any experience of this http://w****ww3.iamwire****d.net/ browser hijack (I put stars so it wsnt a link)

    cheers guys
  2. PC__Gamer

    PC__Gamer Registered Member

    Dec 26, 2009
    run Drwebs Cureit,
    run MalwareBytes
    & run a very quick scan with Hitman Pro


    purchase and install Prevx with SafeOnline ;)

    or you could start running your browser via a Sandbox.
  3. innerpeace

    innerpeace Registered Member

    Jan 15, 2007
    Mountaineer Country
    I went to that site and at the bottom of the page there is a gray "support" link. The link has a removal tool that is available. I uploaded it to VirusTotal and it came up clean except for a symantec insight hit but I have been seeing those lately so it's probably a false positive.

    I have no idea if the tool would actually fix your problem. You could give it a try. If you do post back if it helped or not.

    P.S. If you not familiar with virustotal, it scanned the file with 34 scanners and basically said it is clean.
  4. FanJ

    FanJ Updates Team

    Feb 9, 2002
    Maybe the best thing is to let an expert check an HijackThis Log.
    The Wilders board isn't doing such things anymore, see:
    In that link you will see several sites listed where they do HijackThis.
    Go to one of those sites and follow the required steps on that site for HijackThis Analysis.
  5. google88

    google88 Registered Member

    Dec 15, 2009

    thanks for the input

    I'm running the scans now

    I took some recommendations a few days a go and bought Malware Bytes Anti malware to replace SPybot

    And MBAM at least raised the flag when i rebooted

    I'm ruining the other scanners now

    but my system appears a little unstable

    i'm getting explorer.exe crashes (twice today)

    Any crash makes me panic that its malware causing it :(

    It it possible that the malware could be removed and crashes still happen?

    also i removed

    C:\Documents and Settings\-my name-\Local Settings\Temp\nsd50.tmp

    this had a few files that were from the pop up i got when the pc started

    downloads File Folder
    Background PNG Image
    blowfish.dll Application Extension
    Components HTML Document
    Confirmation HTML Document
    Final HTML Document
    ginfo File
    InetLoadEx.dll Application Extension
    Install HTML Document
    LangDLL.dll Application Extension
    nswebgui.dll Application Extension
    Processes.dll Application Extension
    Progress.dll Application Extension
    Register HTML Document
    System.dll Application Extension

    I manually deleted the files

    and when i checked the removal log for malwarebytes

    there was a sequential number file in the 'downloads' folder of the above
    C:\Documents and Settings\-my name-\Local Settings\Temp\nsd50.tmp

    i think i may have stopped this replicating

    but i have had a few explorer.exe crashes

    I'll run these scans

    its like I'm the wrong side of nervousness on this

    (i might post a new topic about registry fixers. I'm never sure if i should use one from time to time)

    I'll post back if anything happens
Thread Status:
Not open for further replies.