Think the laptop is on it's way out. Please help.

aliEnRIK

Uninstall anything IMESH related
Uninstall YOUTUBE TOOLBAR

TICK and FIX these in hijack (if still there after uninstall) ~
C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R3 - URLSearchHook: youtube-search Toolbar - {02ac71e4-2e16-426e-9c3a-fc0f2f27b08e} - C:\Program Files\youtube-search\tbyout.dll
O2 - BHO: youtube-search Toolbar - {02ac71e4-2e16-426e-9c3a-fc0f2f27b08e} - C:\Program Files\youtube-search\tbyout.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll
O3 - Toolbar: youtube-search Toolbar - {02ac71e4-2e16-426e-9c3a-fc0f2f27b08e} - C:\Program Files\youtube-search\tbyout.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [DataMngr] C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\DataMngrUI. exe
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} (GameHouse Games Player) - http://www.gamehouse.com/games/gamehouse/ghplayer.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://yahoouk.oberon-media.com/Game...onGameHost.cab
O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dl l


Download CCLEANER
http://www.piriform.com/ccleaner/download/slim
Run the CLEANER scan (UNTICK 'cookies')
Then run the REGISTRY scan (Backup the registry when it asks)


Hows it running now?

dave2

whoa, time to do a clean reinstall IMHO. Be as new after that.

This time make sure Norton and windows are set to automatically update, and pay attention to what you download and what you click "OK" to!

By the way, if you got Norton with your laptop it probably only had a 90 day free period and isn't updating after that. No point having it if not bang up to date, either pay up or get a freebie (plenty options in a thread stickied in this forum).

The_Grandmaster

Surely if we run various programmes which can make sure these infections are gone, that would be enough - although I agree that there are a lot of infections and that a clean install is the easiest 'remedy'.

dave2

Personally I think if the software found 174 infections and aliEnRIK a few more, the odds are higher than I'd be comfortable with that there's something else hiding away. Or that those programs replaced some other system files, or left a hole open to get infected again.

Granted I've done it numerous times myself when upgrading etc, so the task isn't very daunting to me. If you'd never done it before you may well have a different perspective (especially since you might have to acquire a backup solution, and by wiping the drive you introduce risk of missing out one of your files when backing up).

The_Grandmaster

So how does one do a system restore? Never done one myself (nor do I plan on doing one but would like to know).

If there's a CD I assume you put that in and follow the instructions on screen? But if there's no CD?

I'm sure alienRIK has a few more tricks up his sleeves before doing a system restore though! And the 'two' malware are mywebsearch and double.D only - although there were a lot of those.

Peculiar that symantec should catch double.d and mywebsearch... http://www.symantec.com/security_response/writeup.jsp?docid=2009-081813-5025-99
http://www.symantec.com/security_response/writeup.jsp?docid=2005-081609-4733-99 although actually the new mywebsearch may be a new variant

Although I'm curious to know why mywebsearch keeps popping up on this forum recently.

timmmers

The_Grandmaster wrote: »

So how does one do a system restore? Never done one myself (nor do I plan on doing one but would like to know).

If there's a CD I assume you put that in and follow the instructions on screen? But if there's no CD?

I'm sure alienRIK has a few more tricks up his sleeves before doing a system restore though! And the 'two' malware are mywebsearch and double.D only - although there were a lot of those.

Peculiar that symantec should catch double.d and mywebsearch... http://www.symantec.com/security_response/writeup.jsp?docid=2009-081813-5025-99
http://www.symantec.com/security_response/writeup.jsp?docid=2005-081609-4733-99 although actually the new mywebsearch may be a new variant

Although I'm curious to know why mywebsearch keeps popping up on this forum recently.

Start menu .accessories...system tools...system restore. Click on a recent or long distant date and restore. Easy. It's reversable too. Assuming you set it to regular restore points, if not they are usually when you update or instal something new. I recently had to take a lappie back 3 years via system restore, instal Avast and Malwarebytes...run them both a couple of times...and it was infested.....now it's running like a swiss watch for it's owner. She can do it herself now, it's not rocket science really.

God knows why people still use Norton...it's awful, expensive, takes over your machine and useless at the one thing it's there for, get Avast which is free and you'll find you rarely if ever have a problem.

t

aliEnRIK

I dont think he really ment a 'system restore'
He was after what Dave mentioned which is to completely wipe the drive and start afresh