ZeroPaid.com

  (#1) Old
JoeRocks Offline
Zeropaid Regular
JoeRocks Reputation is 0
 
Posts: 6
Join Date: Aug 2004
Reputation Power: 0
IadHide4.dll - August 14th, 2004, 03:43 PM

This jerk is stuck in my temp folder - it is incredibly stubborn to remove. I know a lot of people have picked up this hijacker from file sharing. It is one of the more malicious ones out there.
I've run AdAware, SpyBot and HijackThis - but I can't identify it on Hijack's list. I've rebooted in Safe Mode to uninstall - to no avail. I think HijackThis is my best bet - does anyone know how to identify it? The list is long, I don't want to remove the wrong item.
Anyone been here before?
Thanks for any help/suggestions.
   
  (#2) Old
CCSDUDE Offline
Proud Girl Lover
CCSDUDE Reputation is 2000
Posts: 3,924
Join Date: Sep 2002
Location: Tomoyos Little Black Box
Reputation Power: 353
August 14th, 2004, 03:55 PM

Find a process monitor (hopefully with a terminate feature) or use WinXP Manager or SuperUtilites to find the exact dll and kill the son of a bitch off...ban it from loading up then delete it...


  (#3) Old
Mels_Smileys45 Offline
SCHMOHAWK
Mels_Smileys45 Reputation is 2000
Posts: 15,178
Join Date: Dec 2003
Location: Forman's Basement
Age: 87
Reputation Power: 1538
August 14th, 2004, 03:57 PM

This looks very similar to what caused me to lose everything on my hard drive a few weeks back. I was uninstalling it and eventually it took over everything. I checked "always start in safe mode" under system start up and it stopped Windows from loading. Don't do this! I do not know how to get rid of it as it seems to attach to Windows in a manner that's hard to identify. In your program logs is there a program called wasup or coolcash running? All I can say is be very careful and sorry I can't be of more help. If it's the same hijacker it's really very amazing.
   
  (#4) Old
MikeHunt Offline
Zeropaid Regular
MikeHunt Reputation 350
Posts: 835
Join Date: Apr 2002
Location: So. California
Reputation Power: 138
August 14th, 2004, 04:02 PM

a site with some tools to help... http://subratam.org/?page=removal


vx2finder is especially good.


warmest personal regards

Mike


  (#5) Old
crackerjacker Offline
Banned
crackerjacker Reputation 450
Posts: 6,488
Join Date: Jan 2003
Location: p2pconsortium.com i live
Age: 75
Reputation Power: 0
August 14th, 2004, 04:12 PM

Hmm, read the information on Pest Patrol's website; this may be the reason you are having problems. Read the information and then at the bottom it will tell you how to move it. Hmm, you might even wanna download a trial version of Pest Patrol to see if it can remove it. Either way, read this site, it's good information. Hmm.
http://www.pestpatrol.com/PestInfo/B/Backweb.asp
  (#6) Old
crackerjacker Offline
Banned
crackerjacker Reputation 450
Posts: 6,488
Join Date: Jan 2003
Location: p2pconsortium.com i live
Age: 75
Reputation Power: 0
August 14th, 2004, 04:15 PM

Quote:
Originally Posted by MikeHunt
a site with some tools to help... http://subratam.org/?page=removal


vx2finder is especially good.


warmest personal regards

Mike

Hey Mike, that site looks good too.
  (#7) Old
Mels_Smileys45 Offline
SCHMOHAWK
Mels_Smileys45 Reputation is 2000
Posts: 15,178
Join Date: Dec 2003
Location: Forman's Basement
Age: 87
Reputation Power: 1538
August 14th, 2004, 04:29 PM

After reading up on this hijacker, it's nothing like what I came across.
   
  (#8) Old
JoeRocks Offline
Zeropaid Regular
JoeRocks Reputation is 0
 
Posts: 6
Join Date: Aug 2004
Reputation Power: 0
August 14th, 2004, 04:49 PM

THANK YOU, THANK YOU, I got my soul back! All help was useful and appreciated, but ... http://subratam.org/?page=removal did the trick.
I restarted and saw an AMAZING difference in my system, almost like new.....
   
  (#9) Old
crackerjacker Offline
Banned
crackerjacker Reputation 450
Posts: 6,488
Join Date: Jan 2003
Location: p2pconsortium.com i live
Age: 75
Reputation Power: 0
August 14th, 2004, 05:10 PM

Quote:
Originally Posted by JoeRocks
THANK YOU, THANK YOU, I got my soul back! All help was useful and appreciated, but ... http://subratam.org/?page=removal did the trick.
I restarted and saw an AMAZING difference in my system, almost like new.....

Which removal tool did you use, btw, to resolve the problem? That way we know for the future.
  (#10) Old
JoeRocks Offline
Zeropaid Regular
JoeRocks Reputation is 0
 
Posts: 6
Join Date: Aug 2004
Reputation Power: 0
August 15th, 2004, 05:27 AM

HijackThis... every other method removed it, but it would show up again after a reboot.
   
  (#11) Old
tm2livnlern Offline
Registered User
tm2livnlern Reputation is 0
 
Posts: 1
Join Date: Nov 2004
Reputation Power: 0
Remove Iadhide.dll - November 11th, 2004, 08:43 AM

This file is part of HP/Compaq's Backweb connection service. Kill this process: BACKWE~1.EXE then delete Iadhide.dll

If you open this file using Notepad you can see its origins written in plain English.
   
  (#12) Old
Michael O'Donnell Offline
Registered User
Michael O'Donnell Reputation is 0
 
Posts: 1
Join Date: Dec 2004
Reputation Power: 0
IadHide4.dll - December 9th, 2004, 10:42 AM

Problem: IadHide4.dll
Name: BackWeb
Category: Downloader
Found By: Yahoo! Anti-Spy

Location:
C:\Documents and Settings\Administrator\Local Settings\Temp\IadHide4.dll

Process:
backWeb-8876480 [or similar process!]

Installed By:
Logitech Desktop Messenger [or other program!]

Description:
backWeb-8876480.exe [or similar process] is a process that comes with Logitech [and other corporations] products software.
It manages the automatic update check and provides the latest offers and products from Logitech [and other corporations].
This is a non-essential process; disabling or enabling it is a user preference.

Files:
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.68-8876480L\Program\backweb.dll
C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.68-8876480L\Program\backweb.tlb
C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.68-8876480L\Program\IAdHide.dll

Solution:
Search For: backweb*.*, iadhide*.* [if necessary to locate other program!]
Uninstall: Logitech Desktop Messenger [or other program!]
Delete: IadHide4.dll

Comment:
Harmless process widely used among corporations like Hewlett-Packard, Kodak, Logitech, etc.

More Info:
http://www.iamnotageek.com/a/iadhide4.dll.php . . . Scan page to "Removal Instructions:" & click "here" . . .

Be Aware:
iamnotageek.com site is loaded with advertisements!

Last edited by Michael O'Donnell; December 13th, 2004 at 05:00 AM. Reason: Aesthetics
   
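Added example (not part of the thread): the two identification steps from the posts above, the "Search For" patterns and reading the file's embedded text as one would in Notepad, combined into a small triage script. The function names are hypothetical and the sample file contents are constructed for the demo.

```python
import fnmatch
import os
import re
import tempfile

# File-name patterns taken from the "Search For" line of the post above.
PATTERNS = ("backweb*.*", "iadhide*.*")
# Runs of 6+ printable characters: ASCII, and UTF-16LE as used in PE version resources.
ASCII_RUN = re.compile(rb"[\x20-\x7e]{6,}")
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")


def find_candidates(root):
    """Return paths under root whose names match PATTERNS, ignoring case."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if any(fnmatch.fnmatchcase(name.lower(), p) for p in PATTERNS):
                hits.append(os.path.join(folder, name))
    return sorted(hits)


def origin_strings(path, keyword="backweb", limit=1 << 20):
    """Return readable strings in the first `limit` bytes that mention keyword."""
    with open(path, "rb") as fh:
        data = fh.read(limit)
    found = [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in UTF16_RUN.finditer(data)]
    return [s for s in found if keyword in s.lower()]


def triage(root):
    """Map each matching file to the origin strings found inside it."""
    return {p: origin_strings(p) for p in find_candidates(root)}


def build_sample(root):
    """Constructed sample tree; the file contents are made up for this demo."""
    temp = os.path.join(root, "Temp")
    os.makedirs(temp)
    with open(os.path.join(temp, "IadHide4.dll"), "wb") as fh:
        fh.write(b"MZ\x90\x00" + "ProductName BackWeb".encode("utf-16-le") + b"\x00\x01")
    with open(os.path.join(temp, "notes.txt"), "wb") as fh:
        fh.write(b"unrelated file")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(triage(build_sample(tmp)))
```

A matching file with an empty string list deserves a closer look, since the name alone does not confirm where it came from.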
  (#13) Old
RACKnRAIL Offline
Gemacht Sie schauen
RACKnRAIL Reputation is 2000
Posts: 5,200
Join Date: Apr 2003
Location: an island in the pacific
Reputation Power: 855
December 9th, 2004, 11:23 AM

I didn't read all of the posts, but if no one mentioned it, Move On Boot is also good for stubborn, hard-to-remove folders, files, and so on. It was someone from here, ZP, that turned me on to this app. I haven't had a need for it in a long time, but it does work very well, for future reference. http://www.snapfiles.com/get/moveonboot.html

