Home Search Assistant removal

Computing.Net > Forums > Windows Me > Home Search Assistant removal

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

Home Search Assistant removal

Name: sniddsta
Date: November 25, 2004 at 20:03:35 Pacific
OS: windows ME
CPU/Ram: Intel Pentium 3

Comment:

I need help removing Home Search Assistant. Someone plz show me how i can. my Hijack This results were these.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system\yvfyu.dll/sp.html#11111
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\yvfyu.dll/sp.html#11111
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\yvfyu.dll/sp.html#11111
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system\yvfyu.dll/sp.html#11111
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\yvfyu.dll/sp.html#11111
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system\yvfyu.dll/sp.html#11111
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system\yvfyu.dll/sp.html#11111
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
O2 - BHO: Class - {10B5455C-E366-44EC-C21E-935B3E2831BF} - C:\WINDOWS\SYSTEM\MFCGH.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [OEMRUNONCE] c:\windows\options\cabs\oemrun.exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [BCMDMMSG] BCMDMMSG.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.exe
O4 - HKLM\..\Run: [InkWatch] C:\PROGRA~1\GATEWAY\GATEWA~2\INKWATCH.exe
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.exe /LOADQUIET
O4 - HKLM\..\Run: [WUSB11B.exe] C:\Program Files\WUSB11 WLAN Monitor\WUSB11B.exe
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [Windows AdControl] C:\PROGRAM FILES\WINDOWS ADCONTROL\WINADCTL.exe
O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [CRWD.EXE] C:\WINDOWS\CRWD.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [GoBack Polling Service] C:\Program Files\Adaptec\GoBack\GBPoll.exe
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\COMMON~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.exe
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.exe"
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe
O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinject.exe
O4 - HKLM\..\RunServices: [GhostStartService] C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON GHOST\GHOSTSTARTSERVICE.exe
O4 - HKLM\..\RunServices: [ADDRB32.EXE] C:\WINDOWS\ADDRB32.exe
O4 - HKLM\..\RunServices: [MFCUI.EXE] C:\WINDOWS\MFCUI.exe
O4 - HKLM\..\RunServices: [NETOS32.EXE] C:\WINDOWS\NETOS32.exe
O4 - HKLM\..\RunServices: [CRVD32.EXE] C:\WINDOWS\SYSTEM\CRVD32.exe
O4 - HKLM\..\RunServices: [D3AT.EXE] C:\WINDOWS\SYSTEM\D3AT.exe
O4 - HKLM\..\RunServices: [SDKAA32.EXE] C:\WINDOWS\SDKAA32.exe
O4 - HKLM\..\RunServices: [NETUX32.EXE] C:\WINDOWS\SYSTEM\NETUX32.exe
O4 - HKLM\..\RunServices: [IPXH32.EXE] C:\WINDOWS\SYSTEM\IPXH32.exe
O4 - HKLM\..\RunServices: [SYSDI.EXE] C:\WINDOWS\SYSTEM\SYSDI.exe
O4 - HKLM\..\RunServices: [IEAB.EXE] C:\WINDOWS\IEAB.exe
O4 - HKLM\..\RunServices: [APPSU.EXE] C:\WINDOWS\SYSTEM\APPSU.exe
O4 - HKLM\..\RunServices: [APPQK.EXE] C:\WINDOWS\APPQK.exe
O4 - HKLM\..\RunServices: [JAVAHK32.EXE] C:\WINDOWS\JAVAHK32.exe
O4 - HKLM\..\RunServices: [MSAX.EXE] C:\WINDOWS\MSAX.exe
O4 - HKLM\..\RunServices: [D3CL.EXE] C:\WINDOWS\SYSTEM\D3CL.exe
O4 - HKLM\..\RunServices: [IEET32.EXE] C:\WINDOWS\IEET32.exe
O4 - HKLM\..\RunServices: [WINCZ.EXE] C:\WINDOWS\SYSTEM\WINCZ.exe
O4 - HKLM\..\RunServices: [ATLIB32.EXE] C:\WINDOWS\ATLIB32.exe
O4 - HKLM\..\RunServices: [SYSFF32.EXE] C:\WINDOWS\SYSFF32.exe
O4 - HKLM\..\RunServices: [CRAY.EXE] C:\WINDOWS\SYSTEM\CRAY.exe
O4 - HKLM\..\RunServices: [NTHP32.EXE] C:\WINDOWS\SYSTEM\NTHP32.exe
O4 - HKLM\..\RunServices: [SDKFX.EXE] C:\WINDOWS\SDKFX.exe
O4 - HKLM\..\RunServices: [APPAE.EXE] C:\WINDOWS\SYSTEM\APPAE.exe
O4 - HKLM\..\RunServices: [APIJE.EXE] C:\WINDOWS\SYSTEM\APIJE.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Tsa2] C:\PROGRAM FILES\COMMON FILES\TSA\TSM2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.exe" /background
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.exe
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR.DLL/cmtrans.html
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - (no file) (HKCU)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://cgi.verizon.net/bookmarks/bmredir.asp?region=west&bw=dsl&cd=4.0&bm=ho_home
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/3022fdc56ab33221f219/netzip/RdxIE601.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=9eafaeb2a8e2a9518112bc6e0cedee1552dd4ecb1dd748bcf1cf4d42ced1394245b14c137e17952f3a6abadc3d36297b2b37:b70ac5aa8ec48e2e58a29296baabe1d6

Sponsored Link

Ads by Google

Response Number 1

Name: johnr
Date: November 26, 2004 at 03:18:08 Pacific

Reply:

For a start, there are numerous requests/instructions NOT to post HJT logs unless specifically asked. Secondly, if you'd made the effort to read other posts you'd know that HJT offer a site where you can post your log & get an immediate free response to the most likely problems - you have a lot by the way. I'll let you spend 2 minutes looking through a few other posts to find the link.
"I know that I'm mad - I've always been mad..."

Response Number 2

Name: S_force
Date: December 20, 2004 at 14:20:06 Pacific

Reply:

the fastest way that i have found is to use CWShredder it is in with spy subtract pro or you can get it from downloads.com. install it and then press the fix button. Once it is done quickly pull the power cord out of the wall or the back of your computer. I have been hit with this virus 3 tiimes now.

Sponsored Link

Ads by Google

acrobat assistant remove C:/program files/verizon online/bin/mad.exe search assistant ctfmon	remove gala search HJT offer a site where you can post your log & get an immediate free respon my way search assistant removal instructions
See More

trojen viruses keep comin...

ME to XP

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Windows Me Forum Home

Sponsored links

Ads by Google

Results for: Home Search Assistant removal

CWS_NS3 and qttask.exe

Summary

www.computing.net/answers/windows-me/cwsns3-and-qttaskexe/44290.html

a-search.biz start page IE?!!?

Summary

www.computing.net/answers/windows-me/asearchbiz-start-page-ie/44076.html

Help! My Web Search

Summary

www.computing.net/answers/windows-me/help-my-web-search/44140.html

From the Geek Dictionary
MOBO - In high-tech, MOBO is a slang term for motherboard, the main circuit board ...

Ask a Question!

Weekly Poll
What do you think of the new preview of Chrome OS?

Poll Finishes In 6 Days.
Discuss in The Lounge
Poll History

Recent Posts
quit working

Best CD/DVD Printers

pc powers on but no boot

need mouse

After an XP reinstall, backup drives go RAW

All Awaiting Reply

Tom's News
Woman Tracks Down Club Attacker on Facebook

Geolocation Functions Come to Twitter

New Craigslist Trend: Trade Sex for Rent?

Law Firm Investigates MS Over Xbox Live Bans

Amazon Charges $25 for Palm Pixi and $80 for Pre

More Tom's Guide News

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE