Can't get rid of this!

Tags:

Hewlett-packard DV9000

Boogyman June 10, 2010 at 07:38:55
Specs: Win XP Pro / Win Vis, E6300 / 2 GB

I can't get rid of this spyware. I have tried hijackthis, BHO clean, LSP Fix, Malware Bytes, Trend Micro, but no luck. I am in safe mode with networking and I still have the problem. What happens is when I search on google for something I get redirected and the Favicon looks like a Cursive 2 or sometimes a green earth with a grid around it. This affects all browsers on my computer. Any ideas on what this is or how to remove it?
Intel E6300 Core 2 Duo
G.Skill 2GB DDR26400
Sapphire Radeon X1900XT
Seagate 320GB HDD
WD 80GB HDD
Windows XP Professional / Windows Vista

See More: Cant get rid of this!

Report •

XpUser4Real June 10, 2010 at 07:43:28

You may want to try
1- Trojan Remover
2- Hitman Pro
remove all they find and when they run clean you can uninstall them
If those 2 don't work, try combofix:
http://www.bleepingcomputer.com/com...
Follow the tutorial and you should be fine.
Some HELP in posting on Computing.net plus free progs and instructions Cheers

Report •

SSHGuy June 10, 2010 at 07:47:14

Hi, Boogyman,
First, try True Sword:
http://www.securitystronghold.com/t...
Download it and register for 1 month trial. Its free and fullfunctional for 1 month. Perform scan and remove found items.
If that won't help:
Please, do the following:
Download following file and run it.
http://download.bleepingcomputer.co...
Tell me if error will still occur and send me log generated.
You will need to disable active anti-virus temporary.
;) Security Made Easy ;)

Report •

XpUser4Real June 10, 2010 at 07:50:54

'Download following file and run it.
http://download.bleepingcomputer.co...
Hmmm....I thought I did suggest combofix?? Maybe my eyes are going ;-)
Also, if True Sword requests you use a credit card to access the 30 day free trial, I would suggest NOT to try it. I have never used that program.
Some HELP in posting on Computing.net plus free progs and instructions Cheers

Report •

Related Solutions

See More ↓

SSHGuy June 10, 2010 at 08:14:39

XpUser4Real,
I was typing my answer while you added it and haven't seen it.
True Sword don't ask credit card - if it helps you can buy it - if not remove it. It is free fullfunctional trial for 1 month.
;) Security Made Easy ;)

Report •

XpUser4Real June 10, 2010 at 08:24:34

no problem, I just don't believe in name, address and credit card, etc when registering for a free trial....I stay away from those.
Some HELP in posting on Computing.net plus free progs and instructions Cheers

Report •

Boogyman June 10, 2010 at 11:53:27

Awesome thanks for all the great advice and tips. I hit it with ComboFix and turns out it was a rootkit. Everything seems to be working fine now.
Intel E6300 Core 2 Duo
G.Skill 2GB DDR26400
Sapphire Radeon X1900XT
Seagate 320GB HDD
WD 80GB HDD
Windows XP Professional / Windows Vista

Report •

XpUser4Real June 10, 2010 at 13:48:15

Thanks for posting back. Hopefully combofix deleted the rootkit ;-)
Some HELP in posting on Computing.net plus free progs and instructions Cheers

Report •

Start a discussion

Ask Your Question

Weekly Poll

Do you think Microsoft can save the Surface Book lineup?

Poll Finishes In 7 Days.
Discuss in The Lounge
Poll History