Home > Win Min > Win Min - Your Searcher

Win Min - Your Searcher

Go into HijackThis->Config->Misc. Reboot into Safe Mode (hit F8 key until menu shows up). Note- If you get any messages concerning the deletion of system files such as desktop.ini or index.dat, just choose to delete those files; they'll be automatically regenerated by Windows if needed. Message Insert Code Snippet Alt+I Code Inline Code Link H1 H2 Preview Post your Reply Alt+S Related Topics Need suggestions for gaming desktop - 13 replies Windows 7 and Windows 10 this contact form

Ok, i did what u said, but as u can see in my log "your-searcher" is still there.I still have the "system restore" option off. java script:emoticon(':inlove:')java script:emoticon(':inlove:')Logfile of HijackThis v1.97.7Scan saved at 02:00:51 p.m., on 09/06/2004Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Archivos de programa\McAfee\McAfee VirusScan\Avsynmgr.exeC:\WINDOWS\System32\gearsec.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\Archivos de programa\McAfee\McAfee VirusScan\VsStat.exeC:\Archivos de programa\McAfee\McAfee Magstay lang for a couple of hours. It will run in safe mode but shuts down once I'm outta it. see here

I decided to check out that 'your-searcher' site and downloaded an uninstaller. Zoom in to see updated info. You should not have any open browsers when you are following the procedures below. Logfile of HijackThis v1.98.2 Scan saved at 3:24:51 PM, on 11/2/04 Platform: Windows 98 Gold (Win9x 4.10.1998) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSGLOOP.EXE C:\WINDOWS\SYSTEM\MSG32.EXE

Click here for tips and instructions Close help menuNew SearchLibrary InfoHoursLibrary HomeAsk UsSearchKeywordBrowsePhraseExactBooleanLibrary DatabasesMy ListsRequest a TitleMy AccountMy RecordItems OutRequestsFines & FeesPay FinesSaved SearchesLog In / Messenger (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) TripAdvisor members only. your-searcher.com ATTACK!

Click Next->Next->Next and it will tell you that after the next reboot/restart the file should run by itself and clean out the temp folders. We help millions of travelers each month to find the perfect hotel for both vacation and business trips, always with the best discounts and special offers. Note all of this done in safe mode.Again when rebooted that damn 'your-searcher' was sat smugly staring back at me. If you cannot get to this site, PM me your email address and I will send it to you.

Please do the following:Please make sure that you can view all hidden files. Run a scan and save the log file. Thank you very much for the reply. Thanks so much!

The Temp folder will open. http://www.mytechsupport.ca/forums/index.php?topic=6014.5;wap2 Show all answers (1) Answer aubrey r Hi Good Day! C:\WINNT\ybbmf.dll C:\Program Files\Web_Rebates\ C:\WINNT\system32\javafy.dll Run Index.dat Suite now and go to Tools->Settings. Password Site Map Posting Help Register Rules Today's Posts Search Site Map Home Forum Rules Members List Contact Us Community Links Pictures & Albums Members List Search Forums Show Threads

If it asks if you want to delete a certain random file, choose No and post that filename here. At what time does the pool open each day? Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cabO16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cabO16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://active.macromedia.com/director/cabs/sw.cabO16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6...922/wmv9VCM.CABO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab28177.cabO16 If it asks if you want to delete a certain random file, choose No and post that filename here.

Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any): R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://your-searcher.com/sp.htm R1 - Several functions may not work. Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cabO16 - DPF: Yahoo! http://yellowproductions.net/win-min/win-min-error-and-your-searcher-com.php Wildcat fan !!!

I don't have my infected laptop with me at the moment, but as I mentioned in the original post, I did use CWShredder (v.1.591) a few times both in normal mode Also make sure that Display the contents of System Folders' is checked. Reboot into Safe Mode (hit F8 key until menu shows up).

We are happy to know that our custom service (Luggage storage) made your stay more cost effective and convenient.

Show all answers (2) Answer Shimrell23 Do you allow college student? 5 months ago Problem with this question? Download Index.dat Suite to clean out all the temp folders. Post the whole log file here. One thing I wanted to mention is that that file name sounded like something from Prefetch.

Show Ignored Content As Seen On Welcome to Tech Support Guy! You should clear out the files in the Prefetch folder. Our convenient location makes us the best choice when waiting for an early morning bus ride or for when arriving late into the city. http://yellowproductions.net/win-min/win-min-and-your-searcher-com-errors.php Advertisements do not imply our endorsement of that product or service.

Please start a New Thread if you're having a similar issue.View our Welcome Guide to learn how to use this site. Do you know what this program is??? Try moving the map or changing your filters. Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.0.0.110\InstallStub.exe -a O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - Global Startup: Logitech Desktop Messenger.lnk =

Please print out or copy this page to Notepad. Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cabO16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cabO16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://active.macromedia.com/director/cabs/sw.cabO16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - file://C:\install.cabO16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6...922/wmv9VCM.CABO16 - DPF: Then click on the second button on the top. Keyword search for: Search by: Any Field Title Author Subject General notes Publisher Genre Series ISBN ISSN LCCN Publisher No.

Just good for 1 night stay with the lil cockroaches. 😑 Yay! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [Gijnce] C:\WINDOWS\System32\l?gonui.exe O4 - HKCU\..\Run: [dllhelp] c:\windows\dllhlp.exe O4 - Startup: PowerReg Scheduler.exe O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE O4 - Global I have also used Hijackthis several times to delete the R0-R1 entries, but they would come right back. Dominoes - http://download.games.yahoo.com/games/clients/y/dot4_x.cabO16 - DPF: Yahoo!

Tech Support Forum Security Center Virus/Trojan/Spyware Help General Computer Security Computer Security News Microsoft Support BSOD, Crashes And Hangs Windows 10 Support Windows 8, 8.1 Support Windows 7, Vista Support Windows Positive comments: - very fast housekeeping service (one call away) - accessible to all modes of transportation (bus, vans, jeeps, tricycles) - near to food stalls/restaurants and groceries - spacious room Click Apply then OK.