Pest Patrol has found a Search Hijacker in Registry and I dont know what to do

G'day ran pest patrol and found a Search Hijacker but I am not sure what to do? My freind always WARNS me not to touch the registry. Pest Patrol Log is inlcuded.

Followed all outlined steps before posting this query.

HijackThis Log is included if this helps. Panda Scan log found a virus but google search says this is harmless (it is located within a pest patrol file) thus I am a little confused about this one, also included. Bit Defender Scan Report found nothing (also included), I ran this after the Panda Scan. I hope this is not to many logs to post most are very short in length. Spybot S & D Scan returned a clean system, use it regularly. Adaware found two tracking cookies (low threat = 3). Microsoft AntiSpyware said system was clean as with Spydoctor. CWShredder found one entry and removed it (ran first in normal mode with nothing and then in safe mode and it found it, Good Advice?!?)

I try to maintain a secure and clean system but I am still a beginner. I do a fair bit of research to make this a safe surfing vessel and have had most of the apps already installed.

Pest Patrol says it is a low threat but small problems can become very large if not addressed thus any help would be appreciated.

 

Forgot to state have a P4 3.0 GHz, 1 Gig Ram

 

HijackThis, BitDefender, and Panda ActiveScan show nothing to be concerned about.

May be a false Positive by Pest Patrol.

 

I will run Pest Patrol again and note what happens from there, Thanks

 

P.s. so this is no virus to be concerned about and google was right, i.e. it is just a test for Virus Scanners

 

That is correct Eicar is not a virus, but a test file.

 

Ran Pest Patrol again and returned exactly same results any suggestions, new log file added. Identical to prev. one. Does Pest Patrol return false positives often?

 

Go to Add/Remove Programs in the Control Panel, choose the ‘NavHelper’ entry, click ‘Remove’ and restart.

 

Tried but not present within the Add/Remove Programs but is present in registry

 

Look for NavExcel, NavHelper, WildMedia.

If not present:

Download
- Registry Search Tool

Unzip to your Desktop and double click on regsrch.vbs
(if you have script protection, please allow this to run)

In the dialog that opens enter the following:

Press 'OK'

The search will run for a while then alert you when it is finished.

Press 'OK' and copy the contents of the WordPad window and post in this thread

 

Looked for all three and found NavExcel entries. These had been previously removed from the Registry and placed into a seperate from advice recieved from a lot more experienced friend. They were saved into this other folder in case of a false positive and some problem occurred.

 

Pos the contents of this file: C:\\Documents and Settings\\Paul\\Desktop\\NavExcel maybe.reg

 

Here you go. Had to change ot from .reg to .txt as upload was not allowed on this site as a .reg file

 

Yes that is NavExcel.

Remove these registry entries.

[HKEY_USERS\S-1-5-21-1719181666-676789874-3028039142-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*]
"e"="C:\\Documents and Settings\\Paul\\Desktop\\NavExcel maybe.reg"

[HKEY_USERS\S-1-5-21-1719181666-676789874-3028039142-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\reg]
"a"="C:\\Documents and Settings\\Paul\\Desktop\\NavExcel maybe.reg"

Delete NavExcel maybe.reg

 

Thanks for your help, these maybe naive ques, but I am constantly learning

 

No problem.

How is your computer running?

 

As far as spyware this is a very clean machine (no viruses, couple of tracking cookies and that little pest) and overall software very good with all of the better apps' etc., but I am having overheating issues which I have posted in the other forum "Cooling and Modding: thread: P4 3.0 GHz Prescott overheating.

It seems hardware issues, still under warranty so should be serviced after New Year 01/03/06.

Thanks Again