Cannot Remove MYWAY Search bar

  Doyakkon 20:32 21 Oct 2004
Locked

IT'S Driving me Bleeding MAD

i believe this git off a thing
came with an app my son D/L'ed and installed.
i uninstaled it and thought that was the end of it. but the puters still behaving badly,[which is begining to get really annoying now] so i thought id check to see if anything else was instaled. i found the myway folder still in C/ programmes so i tryed to delete it, it wouldnt let me.
so i ran my cleaners,
Lavasoft-Adaware 6

Spybot S&D

EScan AV

Spysweeper

CW Shredder

A2 Malware cleaner

AVG Free

But not one has found it, i know its there i can see it, and FEEL its presence.

any suggestions please?


""D""

  Bugzee 20:36 21 Oct 2004
  Doyakkon 20:48 21 Oct 2004

tryed those routes, spysweeper no longer see's it and its gone from add/remove progs.

but its still in c/progs still making its presence felt

ps system restore is off

  spikeychris 20:50 21 Oct 2004

Open the registry and run a search for MWSOEMON, delete it. then search Windows for MWSOEMON.EXE..delete that also.

  Bugzee 20:51 21 Oct 2004

i had that little blighter and i cant remember how to get rid,but spikey chris option is a good bet

  MAJ 20:53 21 Oct 2004

Have you tried HijackThis click here, Doyakkon? If not, download HJT to a folder of it's own, run a scan with it and post a copy of the log file. When pasting in the log file, leave a space between each line so that the forum displays it correctly. You also might need to spread the post over a few replies because of the 800 word limit on replies.

  Cal 20:59 21 Oct 2004

Have you upgraded your AdAware?
I had the same problem and updated my AdAware 6 to AdAware SE personal and it picked up MyWay straight away.

  Doyakkon 20:59 21 Oct 2004

Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\SYSTEM32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Network ICE\BlackICE\blackd.exe
F:\NEWPRO~1\TRAYSSER.EXE
C:\WINNT\System32\inetsrv\inetinfo.exe
F:\NEWPRO~1\avpm.exe
C:\WINNT\System32\oodag.exe
C:\WINNT\System32\locator.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\PAL\PCS\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\WINNT\System32\PuXpMan.exe
C:\Program Files\RAM Idle LE\RAM_XP.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\Program Files\Grisoft\AVG6\avgcc32.exe
F:\new programmes\qttask.exe
F:\new programmes\Ad-aware 6\Ad-watch.exe
F:\NEWPRO~1\TRAYICOS.EXE
F:\NEWPRO~1\AVPMWrap.EXE
F:\NEWPRO~1\MAILDISP.EXE
C:\WINNT\System32\ctfmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
F:\NEWPRO~1\SPOOLER.EXE
F:\NEWPRO~1\MAILSCAN.EXE
F:\new programmes\Adobe a\Distillr\acrotray.exe
C:\Program Files\Network ICE\BlackICE\blackice.exe
F:\NEWPRO~1\kavss.exe
C:\WINNT\System32\wuauclt.exe
F:\NEWPRO~1\AvpM.exe
C:\Program Files\Avant Browser\avant.exe
C:\Documents and Settings\user\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = click here
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = click here*click here
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = click here*click here
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = MSN Users are Geeks, BEAT THEM UP ON SITE
R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.startup.homepage", "click here"); (C:\Documents and Settings\user\Application Data\Mozilla\Profiles\default\w97ii9tn.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\user\Application Data\Mozilla\Profiles\default\w97ii9tn.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_19_0.dll

  Doyakkon 21:00 21 Oct 2004

O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\new programmes\Adobe a\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Internet Explorer Web Content Guard - {1B77D30A-81C9-497A-8647-142F7511B1FB} - C:\WINNT\System32\PAL\PCS\ieguard.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\new programmes\spybot S&D\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - F:\new programmes\Adobe a\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_19_0.dll
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\new programmes\Adobe a\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [mspwr] C:\WINNT\System32\PuXpMan.exe
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle LE\RAM_XP.exe
O4 - HKLM\..\Run: [klp] C:\WINNT\System32\PAL\PCS\explorer.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "F:\new programmes\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ad-watch] "F:\new programmes\Ad-aware 6\Ad-watch.exe"
O4 - HKLM\..\Run: [MailScan Dispatcher] "F:\new programmes\LAUNCH.EXE"
O4 - HKLM\..\Run: [eScan Updater] F:\NEWPRO~1\TRAYICOS.EXE /App
O4 - HKLM\..\Run: [eScan Monitor] F:\NEWPRO~1\AVPMWrap.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Global Startup: Acrobat Assistant.lnk = F:\new programmes\Adobe a\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlackICE Utility.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm

  Doyakkon 21:04 21 Oct 2004

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In &New Window - C:\Documents and Settings\user\Application Data\TuneUp Software\TuneUp Utilities\Web\tuofinw.tui
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Search with Freeserve - res://C:\PROGRA~1\FREESE~1\FSBar\FSBar.dll/VSearch.htm
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Zoom &In  - C:\Documents and Settings\user\Application Data\TuneUp Software\TuneUp

  Doyakkon 21:04 21 Oct 2004

Utilities\Web\tuzoomin.tui
O8 - Extra context menu item: Zoom &Out  - C:\Documents and Settings\user\Application Data\TuneUp Software\TuneUp Utilities\Web\tuzoomout.tui
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: ICQ 4.0 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O10 - Broken Internet access because of LSP provider 'mwtsp.dll' missing
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - click here
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - click here
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - click here
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - click here
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - click here
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - click here
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - click here
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - click here
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - click here
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - click here
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - click here
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - click here
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar) - click here
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - click here
O17 - HKLM\System\CCS\Services\Tcpip\..\{01658250-21E6-4FE8-8405-1C99F05A9393}: NameServer = 195.92.195.95 195.92.195.94
O17 - HKLM\System\CS1\Services\Tcpip\..\{01658250-21E6-4FE8-8405-1C99F05A9393}: NameServer = 195.92.195.95 195.92.195.94

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Fujitsu Lifebook P727 laptop review

Lightwell software lets you create mobile apps without using code

Best value Mac: Which is the best £1249 Mac to buy

Comment désactiver les programmes qui s'exécutent au démarrage de Windows 10 ?