Pieter_Arntz
September 26th, 2004, 02:58 PM
A few variants of this hijacker are active:
Log examples:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.makemesearch.com/?said=126
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.makemesearch.com/?said=126
O2 - BHO: Tubby - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - C:\WINDOWS\SYSTEM\MTC.DLL
O3 - Toolbar: Search Toolbar - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - C:\WINDOWS\SYSTEM\MTC.DLL
Known variants:
{CLSID} filename
{9EAC0102-5E61-2312-BC2D-4D54434D5443} mtc.dll
{9EAC0102-5E61-2312-BC2D-444C4C4F5552} DLL.dll
{9EAC0102-5E61-2312-BC2D-414456544F4E} ADV.dll
{9EAC0102-5E61-2312-BC2D-4E4153202020} NAS.dll
Remove Search Toolbar under Add/Remove Software and fix the entries in the HijackThis log.
Special credits to Zupe
Log examples:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.makemesearch.com/?said=126
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.makemesearch.com/?said=126
O2 - BHO: Tubby - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - C:\WINDOWS\SYSTEM\MTC.DLL
O3 - Toolbar: Search Toolbar - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - C:\WINDOWS\SYSTEM\MTC.DLL
Known variants:
{CLSID} filename
{9EAC0102-5E61-2312-BC2D-4D54434D5443} mtc.dll
{9EAC0102-5E61-2312-BC2D-444C4C4F5552} DLL.dll
{9EAC0102-5E61-2312-BC2D-414456544F4E} ADV.dll
{9EAC0102-5E61-2312-BC2D-4E4153202020} NAS.dll
Remove Search Toolbar under Add/Remove Software and fix the entries in the HijackThis log.
Special credits to Zupe