Home Search Assistant...

Status
Not open for further replies.
M

mhopeck

Posts: 17   +0
I can't uninstall the Home Search Assistant and SearchExtender and Shopping Wizard...when I click to remove them from the Add/Remove Programs window, they all come up with this...

Unable to open "http://looking-for.cc/uninstall/HomeSearchAssistant.html".

Unable to open "http://looking-for.cc/uninstall/SearchExtender.html".

Unable to open "http://looking-for.cc/uninstall/ShoppingWizard.html".

I'm pretty sure these programs aren't supposed to be there because I just recently formatted the hard drive and started everything over from scratch...I just don't know where they came from or how to get rid of them. If someone could point me in the right direction, I would greatly appreciate it.

Thanks, Matt
 
edit: According to http://www.computing.net/security/wwwboard/forum/12346.html Adaware 6.0 has an update that takes care of these. Please try that first.

I went to the pages myself... (Were you connected to the 'net when you did this?)

http://looking-for.cc/uninstall/SearchExtender.exe

Is a direct URL to what they claim to be the searchextender removal tool. See below first, but if that fails download these "tools" to try to fix this...

http://looking-for.cc/uninstall/HomeSearchAssistant.exe

For HomeSearchAssistant.

I'm gonna save myself time, and guess the last one is

http://looking-for.cc/uninstall/ShoppingWizard.exe

One thing I would definately suggest is downloading Spybot Search & Destroy from security.kolla.de and Adaware 6.. both do an excellent job of hunting down and removing such things.

Also see http://www.computing.net/security/wwwboard/forum/12346.html

Hope this helps.
 
currently, i am using both spybot - search & destroy and ad-aware, AND an additional Spyware Doctor for additional support, and so far this threat has not been tamed...
 
When you use these, though, be sure you download the most recent updated definitions.

You need to be sure you're using Spybot S&D 1.3, as 1.2 is no longer being updated. It was rather abruptly dropped, I thought... caught many of my machines unawares.

Have you tried the uninstallers above? Judging by the questionability of the product to start with, I somewhat doubt that they'll work, but they may not be too bad of a thing to try.

Also, what Anti-Virus are you using?
 
I've been updating through the programs almost every time I use them and I use them quite frequently, and still no go on getting rid of these "things". I am using AntiVir Version 6, that I got from Majorgeeks.com as my antivirus. I was thinking about using HijackThis! or whatever that program is I've seen on most messageboards, but I don't want to ruin my computer. As far as trying the websites associated with these files, well, first I wouldn't trust it from the start just because, and second I did try the first one, and nothing happened at all. I would try again, but I'm not so sure that's a good idea. What do you think about the HijackThis! program?
 
i have the same problem. i have ad-aware 6.0 and McAfee virus scan and neither have helped. i tried the links posted to unistall the programs, but all of them failed to work. is there anything else i can do?
 
1. Be sure your adaware definitions are up to date.

2. Have you tried Spybot Search & Destroy? It does a good job, and is a compliment to Adaware.

3. If all else fails, get Hijack this from the web, and post your log here, we'll try to help you.

PS- Welcome to Techspot!! :wave:
 
I have run Ad-aware, CWShredder and Spybot.
this is my hijackthis log:

Logfile of HijackThis v1.98.2
Scan saved at 2:59:04 PM, on 08/09/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\D3IV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\NETZV32.EXE
C:\WINDOWS\SYSTEM\CWMCWI.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\LOXIL.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSFTSN.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\MY DOWNLOAD FILES\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
F1 - win.ini: run=hpfsched
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Class - {B2A5EACF-0437-872B-EC15-4F5DA5CE403A} - C:\WINDOWS\SYSTEM\NETFS.DLL
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run
O4 - HKLM\..\Run: [Keyboard Manager] C:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NETZV32.EXE] C:\WINDOWS\NETZV32.EXE
O4 - HKLM\..\Run: [qdhbujasht] C:\WINDOWS\SYSTEM\cwmcwi.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe /embedding
O4 - HKLM\..\RunServices: [D3IV.EXE] C:\WINDOWS\D3IV.EXE
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [Vaje] C:\WINDOWS\SYSTEM\loxil.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Event Reminder.lnk = C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE
O4 - Startup: PowerReg Scheduler V3.exe
O4 - User Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - User Startup: Event Reminder.lnk = C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE
O4 - User Startup: PowerReg Scheduler V3.exe
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com
O16 - DPF: {869F3BBC-A812-4D13-A93B-7B3FC816DCD5} (McAfee.com Updater) - http://download.mcafee.com/molbin/clinic/virusscan/mcasupd.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,16/mcgdmgr.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/28881e28f40c0047e400/netzip/RdxIE601.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab
 
You need to end the following processes first:
C:\WINDOWS\SYSTEM\LOXIL.EXE
C:\WINDOWS\NETZV32.EXE
C:\WINDOWS\SYSTEM\CWMCWI.EXE
C:\WINDOWS\D3IV.EXE

Then fix the following entries:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\jtduj.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O4 - HKLM\..\Run: [qdhbujasht] C:\WINDOWS\SYSTEM\cwmcwi.exe
O4 - HKLM\..\RunServices: [D3IV.EXE] C:\WINDOWS\D3IV.EXE
O4 - HKCU\..\Run: [Vaje] C:\WINDOWS\SYSTEM\loxil.exe
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab

I also see the netzv32. If you use NetZero for an ISP, I would leave it. Otherwise, I would consider removing this entry as well. A google for that file got NOTHING.

Hope this helps.
 
I hope someone can help me, I can not use the search button from my address bar. Each time I try the window opens, I have the customize option which does nothing, and the window is blank.
What can I do?
 
help me

here is my log for hijack this...someone please tell me what I need to get rid of and how to do it...I've been struggling with my computer for 2 weeks now
 

Attachments

  • hijackthis.txt
    2.3 KB · Views: 5
Help me..

Hey, I think I got rid of home search by running those programs. But search extender and search revelency are still in my add/remove programs list.

Any way I can delete them?

Heres my nice clean log...attached at bottom

Well I hope you guys can help me fix this crap.

And by the way. My homepage is google, I got home search to stop showing up but I still have search extender and search revelency but I get the "only the best" pop-ups still. puke:

My homepage keeps going back to about:blank
 

Attachments

  • Hijackthis.txt
    1.5 KB · Views: 9
Get rid of these as well:
C:\WINDOWS\system32\ipgv32.exe
C:\WINDOWS\system32\sysyk32.exe

O2 - BHO: (no name) - {D729152E-DC8A-1818-A137-A22D8D05AA26} - C:\WINDOWS\system32\appms32.dll
O4 - HKLM\..\Run: [sysyk32.exe] C:\WINDOWS\system32\sysyk32.exe
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O15 - Trusted Zone: *.frame.crazywinnings.com
 
please help!!!!!!!!!!!!!!!

got hit by the home search assistant. have no idea how to get rid of it and have tried nothing thus far...two days now. please help! here's my hijackthis log!
 

Attachments

  • hijackthis.zip
    2.7 KB · Views: 21
geoffworks76

Platform: Windows 2000 SP2 (WinNT 5.00.2195)
You should really update your W2000 to SP4.

Uninstall this junk:
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"

Let HJT fix these:
C:\WINNT\msac.exe
C:\WINNT\atlly.exe
C:\Documents and Settings\Administrator\Application Data\uhct.exe
C:\WINNT\System32\l?***.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\lelyy.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\lelyy.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\lelyy.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\lelyy.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\lelyy.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\lelyy.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\lelyy.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {766A46B0-7120-19A8-47E6-092E66C96EB7} - C:\WINNT\atlxj32.dll
O4 - HKLM\..\Run: [atlly.exe] C:\WINNT\atlly.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKCU\..\Run: [Ltcu] C:\Documents and Settings\Administrator\Application Data\uhct.exe
O4 - HKCU\..\Run: [Hymrwma] C:\WINNT\System32\l?***.exe
O4 - HKCU\..\Run: [Tsa2] C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.xxxtoolbar.com
O16 - DPF: DigiChat Applet - http://vdo-lax-002.cnshosting.net/DigiChat/DigiClasses/Client_IE_5_0_1_3.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://activation.rr.com/install/download/tgctlcm.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - https://support.gateway.com/support/profiler//PCPitStop.CAB
O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Internet Explorer\nebefflc.exe
O16 - DPF: {11111111-1111-1111-1111-222222222222} - ms-its:mhtml:file://d:\foo.mht!http://008i.com/pic//28129.chm::/open.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...b743482bfaec:0a002003c3f6d5950937c6314a45eb37
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_adult.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/149a2ee102396ead1223/netzip/RdxIE601.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.infuzer.com/IDC/client/player/isetup.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup152.cab
 
Help

Okay, heres my log. You guys told me to remove...

"Get rid of these as well:
C:\WINDOWS\system32\ipgv32.exe
C:\WINDOWS\system32\sysyk32.exe"


I went under msconfig and went to startup and de-checked those items. Also went under running processes and stopped them. Then cleared all the suspicious stuff and the stuff you told me from my HiJackThis. I pulled the plug on my computer. But when I turned it back on, I still had the crap. And I went under msconfig, and another suspicious .exe was running this time, they were different everytime I restarted, like..sdkws32.exe, sysyk32.exe, is there anyway of deleted those processes from that window too?

Ill keep my computer on til about 9' tonight. So if you could just get back me me on what I need to do.

:chef:

heres my log.

I already know to delete the repeating HKCO and HKLM, but they come back.

help me please!

I just ran aboutbuster. if that makes any difference....
heres yet another log...
 

Attachments

  • Hijackthis.txt
    2.7 KB · Views: 7
Avg Scan

From now on, you should tell people to do the AVG Scan, nothing with HJT or anything, it works great, just examaine the found viruses, then delete them if possible. maybe even google the names if you have to. Thats'll all what i stopped all the virusesd processes, ran AVG, and its gone. 1 try..
 
Status
Not open for further replies.

Similar threads

A
Google rolls out new shopping tools in Search and Chrome
Replies
1
Views
246
Theinsanegamer
T
E
Hackers can access your private, encrypted AI assistant chats
Replies
7
Views
289
erickmendes
erickmendes
D
Google is changing how it shows search results to European users
Replies
1
Views
185
Mr Majestyk
M

Latest posts

Back