Thread: vroomsearch popup problem
View Single Post
Old 05-22-2005, 09:24 AM   #1 (permalink)
dragonballfan
Member
 
Join Date: Apr 2005
Posts: 23
OS: 2000


vroomsearch popup problem
Hello, I'm having some problems that I hope someone can help me with...
I keep getting this vroomsearch.com popups, and my memory is getting used up and slowing my computer way down. I have Spywareblaster and Spywareguare, but apparently something has gotten through.

PandaActive Scan found 2 things:

Adware:Adware/CWS No disinfected C:\Documents and Settings\ruben\Favorites\Health
Adware:Adware/Beginto No disinfected Windows Registry


CWShredder found nothing
AdAware found a tracking cookie, and the VX2 cleaner found nothing
Spybot Found: Hot Search Bar

There are also things in my favorites that shouldn't be there. Also, something called ll22.exe keeps trying to gain access to my computer, Zone Alarm stops it and when I remove ll22.exe from the programs list, it keeps trying to come back, so I just blocked it from computer.

Here's my HJT log and I used KRC analyzer....


Logfile of HijackThis v1.99.1
Scan saved at 9:40:08 AM, on 5/22/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Browser MOUSE\mouse32a.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.vroomsearch.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.vroomsearch.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.vroomsearch.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cox.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.vroomsearch.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.vroomsearch.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Cox High Speed Internet
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.1\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ohb - {22DFEAE8-9AD2-4FC6-9CBA-A6566CA3B6EB} - C:\WINNT\system32\gpstool.dll
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.cox.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yaho...st20040510.cab
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1...datePortal.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D7A7442D-85A9-475F-82F9-65ED4110B4C5} (iiittt Class) - http://gpstool.globaladserver.com/v30/gpstool.cab
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZONELABS\vsmon.exe


End of KRC HijackThis Analyzer Log.
dragonballfan is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here