Surfbar Hijacker Still Being Found Despite Cleaning Efforts

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Dash Branaghan, Jan 23, 2005.

  1. Dash Branaghan

    Dash Branaghan Private E-2

    I checked the thread on Surfbar and the solution doesn't work for me.

    The files (such as drg.exe or winsrv32.exe) that are associated with Surfbar hijacking are absent from my computer, yet my antispyware software (PestPatrol and the beta Giant AntiSpyware from Microsoft) both show that my win32.dll file is spyware, infected with Surfbar.

    My registry is absent of the problem files, my Task Manager is absent of the processes, my browser isn't hijacked, and the only evidence that I have that there is spyware is that the programs tell me there is.

    Any suggestions at this point? I'm running XP with SP2, Pest Patrol (updated regularly), and the Microsoft Anti-Spyware beta. I'm at the point where I'm just going to select the ignore option the next time this comes up on my system.

    Dash
     
    Dash Branaghan, Jan 23, 2005
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Normally I would request you first do all the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal but let's do the below.

    By the way MS Anti-Spyware is a beta and has lot's of issues especially with false positives. It sometimes removes items you need. I cannot recommend using it at this point. If you do use it, you have to be very selective about what you allow it to fix.


    Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis log as an attachment to your message (Do not post the log inline). All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

    To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT
     
    chaslang, Jan 23, 2005
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds