desktop hijack

I have done all of the things you have said to do. I disabled my restore in safe mode as well. I have norton internet security, along with everything else you suggested to download. I am still unable to get rid of the warning on my desktop that talks about all the crap it can help fix and a random popup everyonce in a while saying the same. I can't even click on the properties of any desktop items unless I am in safe mode. I am running windows.

 

Hi zer0gh0st,

If you have run through the Cleanup Tutorial HERE:
READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan and Virus Removal
including the online scans, then go ahead and send us a HijackThis Log. Make sure to follow the instructions below:

Note that your HijackThis should be up-to-date (v1.98.2) and MUST be extracted to its own safe folder – C:\Program Files\HijackThis!

If you need a Fresh Download of HJT, get it HERE: HijackThis 1.98.2

Also note that, before you scan, you MUST close all running programs including your web browser, e-mail and items in the system tray.

Please save your HJT Log as a .txt File and attach it via the "Manage Attachments" tool in the Additional Options section when you post.

Somebody will take a look when they get a chance.

Best luck
PP

 

Ok, here is my hijack this file.

 

Hi Zer0gh0st,

AFTER we get you cleaned up, you MUST go to Windows Updates and get Updated. You are Waaay behind!!

Please look in Add or Remove Programs for the following and Uninstall them if found:

MyWebsearch
MySearch
MyBar

Please print out these instructions so that you can operate with All Browser Windows CLOSED.

Please make sure System Restore is OFF and the Viewing of Hidden Files is Enabled as per the tutorial.


Now scan with HijackThis and Check the Boxes for the following:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search-control.com/search.cgi?id=224

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search-control.com/search.cgi?id=224

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {A78860C8-EE1A-46DF-A97F-E3E6D433E80B} - (no file)

O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-7173706D1316} - C:\WINDOWS\System32\spm1316.dll

O3 - Toolbar: Search Toolbar - {9EAC0102-5E61-2312-BC2D-544243544243} - C:\WINDOWS\System32\TBC.dll
O4 - HKCU\..\Run: [Xzpuj] C:\WINDOWS\System32\w?nlogon.exe

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk12741US

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

Again, make sure All Browser Windows are Closed when you Click FIX.

Now boot into Safe Mode and navigate to and DELETE the following if they remain:

C:\WINDOWS\System32\w?nlogon.exe
C:\WINDOWS\System32\TBC.dll
C:\WINDOWS\System32\spm1316.dll

Reboot to Normal Windows and Scan with HijackThis and attach that log. Let me know of any problems you may have encountered with the above instructions and how your computer is running now.

Best luck
PP