User Name Password Register
DaniWeb IT Discussion Community
Home
Forums
Tutorials
Blogs
Link Directory
All
What is DaniWeb IT Discussion Community?
You're currently browsing the Viruses, Spyware and other Nasties section within the Tech Talk category of DaniWeb, a massive community of 427,789 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 3,760 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Join our community!
Please support our Viruses, Spyware and other Nasties advertiser: Programming Forums

clearing out this gargabe >prosearching.com/ searchbar.html

Join Date: Oct 2003
Posts: 21
Reputation: Ron Wolpa is an unknown quantity at this point 
Rep Power: 0
Solved Threads: 0
Ron Wolpa's Avatar
Ron Wolpa Ron Wolpa is offline Offline
Newbie Poster

clearing out this gargabe >prosearching.com/ searchbar.html

  #1  
Apr 23rd, 2004
Hi
I am quite fed up with spyware , this time : http://prosearching.com/searchbar.html
(IŽd wish to have a valid email to call a bit of names to such [Moderator's edit: Please keep it clean, we ask that our members not use profanity in these forums- thanks]


is there any safe tutorial on how to get rid of IE hijacking (cwshredder has got 2 links where there are explanations on how to uninstall java virtual machine and others items which allow hijacking )

In this meantime , perhaps any of you could assist me to clear my system out of this rubbish (what the h e l l is that : C:\ARQUIVOS DE PROGRAMAS\MIX MAIL LOVE\POLLBAIT.EXE)


Here youŽve got the Logfile :


HijackThis v1.97.7
Scan saved at 1:00:59, on 23/04/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
D:\12GHOSTS\12SRVC.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
D:\ADMUNCHER\ADMUNCH.EXE
C:\ARQUIVOS DE PROGRAMAS\MIX MAIL LOVE\POLLBAIT.EXE
C:\ARQUIVOS DE PROGRAMAS\MYVITALAGENT8\VITALAGENT\PROGRAM\VTLAGENT.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\ARQUIVOS DE PROGRAMAS\MSN MESSENGER\MSNMSGR.EXE
D:\CHATBROWSER4.0\CB_4001.EXE
C:\ARQUIVOS DE PROGRAMAS\SYSAI\SYSAI.EXE
D:\!DOWNLOAD\!_HIJACK_CLEAN\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://prosearching.com/searchbar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://prosearching.com/searchbar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://prosearching.com/searchbar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Multi Media Marketing
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://home.uol.com.br/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\ACROBATREADER\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {00000000-0007-5041-4354-0020e48020af} - D:\12Ghosts\12popup.dll
O2 - BHO: (no name) - {904071B0-0D97-86B7-E2E8-38105E672165} - C:\ARQUIVOS DE PROGRAMAS\SOFTWARE 2 LONG\SEEK64.DLL
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\ARQUIVOS DE PROGRAMAS\SYSAI\APROPOSPLUGIN.DLL
O3 - Toolbar: 12-Popup - {00000000-0008-5041-4354-0020e48020af} - D:\12Ghosts\12popup.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Ad Muncher] D:\ADMUNCHER\ADMUNCH.EXE /bt
O4 - HKLM\..\Run: [AutoLoaderEnvoloAutoUpdater] "C:\WINDOWS\TEMP\~COMPOUNDINST0\AUTO_UPDATE_LOADER.EXE"
O4 - HKLM\..\Run: [Flaw Dog] C:\ARQUIV~1\MIXMAI~1\Pollbait.exe
O4 - HKLM\..\RunServices: [12Ghosts TrayProtect] D:\12GHOSTS\12srvc.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - Startup: MyVitalAgent.lnk = C:\Arquivos de programas\myvitalagent8\VitalAgent\Program\VtlAgent.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download with GetRight - D:\Arquivos de programas\getright502\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - D:\Arquivos de programas\getright502\GRbrowse.htm
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: ICQ Pro (HKLM)
O9 - Extra 'Tools' menuitem: ICQ (HKLM)
O9 - Extra button: ComVC (HKCU)
O12 - Plugin for .spop: C:\ARQUIV~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O19 - User stylesheet: C:\WINDOWS\color.css
Last edited by DMR : Apr 23rd, 2004 at 3:29 pm.
AddThis Social Bookmark Button
Reply With Quote  
Advertising Opportunities on DaniWeb
Contact Us - Newsletter Archive - Sitemap - Privacy Statement
All times are GMT -4. The time now is 1:45 pm.
Forum system based on vBulletin Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
©2003 - 2008 DaniWeb® LLC