Can't Get Rid of Search Extender/Search Assistent/Shopping Wizard!! Help!!!

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

homeybear300

Thread Starter
Joined
Dec 28, 2005
Messages
5
Thus, far Tech Support Guy has been fantastic in helping me get rid of a bunch of malware. I've run Smitrem, Cleanup!, etc. and all have helped bring my computer back to normal.

However....I still can't get rid of 3 programs that are still in my Add/Remove programs list. These are: Home Search Assistent, Search Extender and Shopping Wizard. All three are sitting in my Add/Remove programs but whenever I try to remove them I get redirected to a site called:

looking-for.cc/smartfinder/uninstall/HomeSearchAssistant.html

and it tells me to download a file. I doubt that's a good idea.

How can I ever get rid of these three programs? My HJT file is below for your review...

Logfile of HijackThis v1.99.1
Scan saved at 11:40:29 PM, on 12/28/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\pcsqx.dll/sp.html#77035%resultposition.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {1D255CCE-1BDB-DEAC-531F-056830B8A8D0} - C:\WINDOWS\system32\d3qy32.dll (file missing)
O2 - BHO: (no name) - {220FF4C9-5EE9-4DB3-B45E-BC6BA5197D0A} - C:\WINDOWS\system32\jnme.dll (file missing)
O2 - BHO: Class - {3AEB4A53-5AC6-45A2-CC21-455FE967B86C} - C:\WINDOWS\sysaf32.dll (file missing)
O2 - BHO: Class - {45801EA8-DEC5-6EE5-3993-E3BBE16B429D} - C:\WINDOWS\system32\addzy32.dll (file missing)
O2 - BHO: Class - {47E4FBDB-C8BA-4CC0-1F4B-2FD2601D0930} - C:\WINDOWS\system32\msnm.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Class - {53EB571E-DF9B-C0FE-846E-402B5896036A} - C:\WINDOWS\mske.dll (file missing)
O2 - BHO: Class - {572CC3BC-F47C-72F9-991D-07F17112FD33} - C:\WINDOWS\system32\windg32.dll (file missing)
O2 - BHO: Class - {719E6513-D632-2EF9-585A-CBABAA0E69DC} - C:\WINDOWS\cren32.dll (file missing)
O2 - BHO: Class - {79E4475A-9E2D-B90A-21E8-77FA3DE0B011} - C:\WINDOWS\system32\msyy.dll (file missing)
O2 - BHO: Class - {8C8960FA-A206-CA3C-2AA1-E1179654EDFA} - C:\WINDOWS\winpt.dll (file missing)
O2 - BHO: Class - {9145FC5B-5E68-A3C0-BB87-B07D6BFAE5AD} - C:\WINDOWS\system32\iebb32.dll (file missing)
O2 - BHO: Class - {A4788C68-2E0A-B762-FBA5-C8CAD0894BFA} - C:\WINDOWS\system32\apibv.dll (file missing)
O2 - BHO: Class - {A7405714-D118-DB1E-B64A-2D6E9FB1AC21} - C:\WINDOWS\system32\d3hm32.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Class - {B32A4F79-97B4-22B1-D6EB-E169E8EB619C} - C:\WINDOWS\atlqz32.dll (file missing)
O2 - BHO: Class - {BAA0D3EB-6EAA-378D-EABD-428A8C6CBCDC} - C:\WINDOWS\ieyq.dll (file missing)
O2 - BHO: Class - {DB1EC062-FA0E-7E65-4CAE-4DB588BE5CF1} - C:\WINDOWS\system32\atlwt.dll (file missing)
O2 - BHO: Class - {DFCA6089-FC42-BEAA-AD1E-45928A767714} - C:\WINDOWS\crcv32.dll (file missing)
O2 - BHO: Class - {E2D8233B-EB51-4A42-F2AA-063A02152A72} - C:\WINDOWS\wincx.dll (file missing)
O2 - BHO: Class - {F5155F20-FF52-9C3B-B02B-CF48E85DA740} - C:\WINDOWS\system32\applb.dll (file missing)
O2 - BHO: Class - {F55C72C0-13B8-E0AC-E025-78ECF4B088BD} - C:\WINDOWS\system32\crlb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [D.tmp] C:\DOCUME~1\JOEMAT~1\LOCALS~1\Temp\D.tmp.exe
O4 - HKLM\..\Run: [E.tmp] C:\DOCUME~1\JOEMAT~1\LOCALS~1\Temp\E.tmp.exe
O4 - HKLM\..\Run: [D.tmp.exe] C:\DOCUME~1\JOEMAT~1\LOCALS~1\Temp\D.tmp.exe
O4 - HKLM\..\Run: [E.tmp.exe] C:\DOCUME~1\JOEMAT~1\LOCALS~1\Temp\E.tmp.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1125808267405
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {D99516A4-D3D9-4076-BF6B-D4FB0E4DE3B2} - http://www.dealmaven.com/products/fa...astTrackXL.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\apiwp.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top