GazaPP submitted the following as an entry and I debated whether to post it and then decided to go ahead and slap it up under my name with an answer. Here’s what they wrote:
Hi, I’m a new member (“NOOb”). I don’t know exactly what topics u guys cover but I’ve seen lots of different convo’s/posts in this forum so I figured I’d try u guys for some help with a computer problem. The problem is I use LimeWire for p2p sharing. Recently I downloaded a rar file under the pretence that it contained episodes of my fav. TV show Family Guy. On extracting files I was met with an exe program labelled ‘start up’. Now for some reason I’ve failed to remember in hindsight, I clicked and ran the program with no immediate effect. Thinking it may be a dud I deleted the rar from my library. I now have realised that it was probably the cause of the virus I have now. The symptoms are:
-LimeWire opens automatically; every time I close it, it opens up again,
-Unable to access Task Manager by pressing ctrl alt delete (I’ve got around this by making task man run on start up but would like a permanent fix),
-Lots of different adware/popup/toolbars install automatically on my browser, including surfersidekick and UCmore, and I’m unable to uninstall them even using ‘windows defender’ software,
-Random processes keep running like astr.exe and nls.exe which are deemed to be malicious according to internet sources (I’ve managed to stop most of these now but maybe they r still on my system somewhere?)
-Norton has told me it’s a ‘backdoor trojan’
Unfortunately my Norton subscription expired pretty much the same time this all happened so I used Windows Defender but this seems unable to remove surfersidekick and UCmore or to stop LimeWire starting up every 5 seconds!! Any system info u guys need to help just ask me, I’d much appreciate a response. Thanks, GazaPP.
P.S-I’ve downloaded the program Sam Spade from your website and find it interesting. Using it I managed to find surfersidekick’s IP addy and where they operate from but what can I do with this info? How can I stop them sending me spyware/viruses again (if it is them that’s doing it) and what else can Sam Spade be used for? Cheers again, gaz.
Based on what you’ve described, it sounds like you infected your PC with a pretty nasty bit of malware. Given the symptoms you describe, my honest suggestion for the best way to deal with this would be to back up any data files you want to keep, erase the hard drive completely, and re-install everything from scratch. This is both the simplest method and the only way to be absolutely sure you kill this thing for good. Astr.exe is a ClickSpring adware component and nls.exe is part of NaviSearch spyware.
Yes, you can try whacking at it with a variety of tools, but you’re going to end up spending more time than you would to do a “save and pave” and there’s no easy way to be sure you didn’t miss something. If you insist on not doing a save and pave then the following tools may be of help:
- First remove LimeWire from your PC before you do anything else. It’s known to include its own spyware and is contributing to your problem. If you’re going to use a P2P program then install something known to be malware-free such as Shareaza, which has the added benefit of handling BitTorrent if you don’t want to install a separate BitTorrent client.
- Then grab a copy of Avast Antivirus and install it on your PC. The home edition is free for personal use and it’s a pretty good antivirus program that has even removed some bugs that Norton couldn’t.
- Next grab a copy of Spybot Search & Destroy and turn it loose on your system. Allow it to remove anything it finds.
- Then move on to Ad-Aware SE Personal and do the same.
- If you’re running Windows XP then grab a copy of Windows Defender and run it as well.
Between those four programs you should be able to clean up around 95% of the problems your PC is having. The folks who produce this crap are very clever, though, and often include scripts hidden in various areas of your PC that will re-install the applications/trojans after they are removed, and these extra scripts may be missed by the malware scanners. If that’s the case then you’re talking some pretty intensive digging through your system and/or registry hacking to get rid of the problems. Not sure where you got Sam Spade from on this site as I don’t host the file.
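To make the "registry digging" above concrete, here is an added example (not part of the original post) that triages a regedit export for leftover auto-start entries and for the policy value that blocks Task Manager. The Run/RunOnce and Policies\System keys are the standard Windows locations and are an assumption here, since the post does not name any; the sample export and its paths are constructed.

```python
import re

# Standard Windows auto-start and policy keys (chosen for this example;
# the post does not say which registry locations are involved).
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.I)
POLICY_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System$", re.I)
KNOWN_BAD = {"astr.exe", "nls.exe"}  # process names reported in the post
VALUE = re.compile(r'^"(?P<name>(?:[^"\\]|\\.)*)"=(?P<data>.*)$')

# Constructed sample export (not taken from a real machine).
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"astr"="C:\\Program Files\\Example\\astr.exe /quiet"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
"""

def unescape(s):
    # Undo .reg string escaping: a backslash escapes the next character.
    return re.sub(r"\\(.)", r"\1", s)

def parse_reg(text):
    """Yield (key, value_name, raw_data) for each named value in the export."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := VALUE.match(line)):
            yield key, unescape(m["name"]), m["data"]

def triage(text):
    """Return (tag, key, value_name, data) findings for manual review."""
    findings = []
    for key, name, data in parse_reg(text):
        if RUN_KEY.search(key) and data.startswith('"'):
            command = unescape(data[1:-1])
            exe = re.search(r'([^\\/"]+\.exe)', command, re.I)
            bad = exe and exe[1].lower() in KNOWN_BAD
            findings.append(("known-bad" if bad else "review", key, name, command))
        elif POLICY_KEY.search(key) and name.lower() == "disabletaskmgr":
            # A non-zero DWORD here is what blocks Task Manager for the user.
            if data.lower().startswith("dword:") and int(data[6:], 16) != 0:
                findings.append(("taskmgr-disabled", key, name, data))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_EXPORT):
        print(*finding, sep=" | ")
```

A real regedit export is UTF-16 encoded, so read the file with `encoding="utf-16"` before passing its text to `triage`. Entries tagged "review" are not verdicts, just every auto-start command that deserves a look by hand.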
Perhaps some of the other regulars will have some additional suggestions, but if it were me my first response would be to save some time and peace of mind by just restaging the PC after backing up the data files you want to keep.