|
|
#1
November 23rd, 2003, 12:29 PM
|
||||
|
||||
Search Assistant - My Search [REGISTRY ENTRY]
Hi all i have the above in my registry of which i have never heard of.It will not uninstall.Would anyone know what software this came in on and how to remove it.
Search Assistant - My Search Program: C:\Program Files\Spy bot - Search & Destroy\Update.exe Size: 5.17 MB Last used: 16/11/2003 Frequency: rarely (2) Support information: Publisher: My Search about: h t t p : //info.myway.com/index/id/ourmission.html Support: h t t p : //help.myway.com/ Standard information: Uninstall: mshta res://C:\PROGRA~1\MyWay\SrchAstt\1.bin\mysrchas.dll/101 Language: English (United Kingdom) Key name: (HKLM) MyWaySearchAssistant Other information: The above does not make much sense to me as uninstalling spy bot does not remove the registry of Search Assistant - My Search Many thanks C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\GEARSEC.EXE C:\Program Files\Norton AntiVirus\navapsvc.exe C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe C:\PROGRA~1\NORTON~1\navapw32.exe C:\Program Files\HDD Health\hddhealth.exe C:\Program Files\Tweak-XP Pro 3\AdBlocker.exe C:\Program Files\Tweak-XP Pro 3\popup.exe C:\Program Files\TGTSoft\StyleXP\StyleXP.exe C:\Program Files\MRU-Blaster\scheduler.exe C:\Program Files\SpywareGuard\sgmain.exe C:\WINDOWS\webshots.scr C:\Program Files\SpywareGuard\sgbhp.exe C:\PROGRA~1\INCRED~1\bin\IMApp.exe C:\Program Files\PC Magazine Utilities\UnClean\UnClean.exe C:\Documents and Settings\NICK\Local Settings\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.windowsxpmagazine.co.uk/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.windowsxpmagazine.co.uk R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://windowsupdate.microsoft.com/ O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe /waitservice O4 - HKCU\..\Run: [HDDHealth] C:\Program Files\HDD Health\hddhealth.exe -wl O4 - HKCU\..\Run: [BlockAds] "C:\Program Files\Tweak-XP Pro 3\AdBlocker.exe" O4 - HKCU\..\Run: [Pop-Up-Blocker] "C:\Program Files\Tweak-XP Pro 3\popup.exe" O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKLM\..\RunOnce: [MRUBlaster] C:\Program Files\MRU-Blaster\indexcleaner.exe -CC O4 - Startup: MRU-Blaster Scheduler.lnk = C:\Program Files\MRU-Blaster\scheduler.exe O4 - Startup: MRU-Blaster Silent Clean.lnk = C:\Program Files\MRU-Blaster\mrublaster.exe O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: ieSpell (HKLM) O9 - Extra 'Tools' menuitem: ieSpell (HKLM) O9 - Extra 'Tools' menuitem: ieSpell Options (HKLM) O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 (HKLM) O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 (HKLM) O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/bcd48c18cb7498/housecall.antivirus.com/housecall/xscan53.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B0D8DF6C-A20A-4829-89D9-BF9205E2E8AF}: NameServer = 212.23.3.11 212.23.6.35
__________________
Wilders
 ~Security Specialists~ Microsoft MVP - Consumer Security
|
|
#2
November 23rd, 2003, 01:48 PM
|
||||
|
||||
|
Re:Search Assistant - My Search [REGISTRY ENTRY]
Hi NICK ADSL UK,
The MyWaySearchAssistent is often bundled with other software: http://www.doxdesk.com/parasite/MySearch.html I don't quite see the connection to Spybot S&D except that they were added as targets in the update of 2003-11-02 There is one toolbar in your log that I am not familiar with: O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll If I had to guess I´d say it could be the RealPlayer toolbar. Does that make sense. Your log is perfectly clean by the way. Regards, Pieter
__________________
Regards, Pieter It´s nice to be important, but it´s more important to be nice. Remove & Prevent spyware It's human to make mistakes. It's even more so to blame the computer for it. |
|
#3
November 23rd, 2003, 07:07 PM
|
||||
|
||||
|
Re:Search Assistant - My Search [REGISTRY ENTRY]
Thank you Pieter for your excellent quick response.I have managed to remove the registry entry only with your uninstaller pro.It could not remove the file as it obviously had a broken link somewhere so i just ticked the box to remove the registry entry.I would love to know what program that come in on as i have a lot of software to prevent this sort of thing happening.Real bar is part of real player it is not spy ware in the true sense of the word and spy bot does not pick up on it.Many thanks once again.While i am here i would like to say what a nice forum you have here
__________________
Wilders
~Security Specialists~ Microsoft MVP - Consumer Security
|
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
