mysearch.com: infected with its toolbar

Discussion in 'other anti-malware software' started by tahoma, Feb 12, 2003.

Thread Status:
Not open for further replies.
  1. tahoma

    tahoma Guest

    hi

    i jsut noticed a new toolbar in ie. turns out to be this one: http://www.doxdesk.com/parasite/MySearch.html

    dont know how i got it, but it must have been autoinstalled from some site. which is weird, cos i have spywareblaster installed, and well as ad-aware 6 pro + ad-watch running at all times, set to blick activex installations.

    ad-aware doesent detect this parasite at all, but luckily spybot s&d does ,and im now clean. may i recommend this one being added to spywareblaster? also, what urls/ips to add to my hosts file to avoid it from installing again? i alraedy added mysearch.com to my hosts file.

    ive cleaned my hd as best as i can, but i wanna be sure. would anyone know what files and folders it creates on my hdd apart from the myseach folder in program files.

    thank u
     
  2. tahoma

    tahoma Guest

    ok, i have now found out that the bar came from my installation of a p2p called piolet from piolet.com
    now ur warned
     
  3. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,402
    Location:
    North Carolina, USA
    tahoma,

    I would probably be correct in saying this (knowing Patrick's work), that if SpyBot Search and Destroy found the "MySearch" toolbar, and you selected it and clicked "Fix Selected Problems", then you should have no remnants of "MySearch" on your system. I would not worry. :D

    Regards,
    Kent
     
  4. tahoma

    tahoma Guest

    thanks for your reply. yes it seems im clean :D

    however, dll-injection is pretty scary imho. how can u protect yourself against it? i know the newest versions of zonealarm pro can do this, but ZA isnt a good option for me. im using outpost, and apparently outpost2 will have anti dll-injection mechanisms.

    but in the meantime, are there any dll injection protection apps out there at all ? suggestions welcome :)
     
Thread Status:
Not open for further replies.