Go to Add or Remove Programs and uninstall:
- Enhanced search
- Help Features
- Help Finder
- IE Win-enhancer
- J2SE Runtime Environment 5.0 Update 10
- Zupdate
.
----------
Download the
Norton Removal Tool (SymNRT) to your Desktop.
Once downloaded please close ALL open browsers, also save any work because this may require a restart.
- Go to your desktop and double click on the removal tool and then click Setup.
- Once open Click Next
- Accept the license agreement and click Next
- Type in the letters/numbers that you see into the text box then click Next.
- Then click Next and the tool will start running.
- Once finished restart the PC and run the tool again to ensure everything has been removed.
.
----------
Run this
Disable/Remove Windows Messenger to the Desktop to remove
Windows Messenger.
Do not confuse
Windows Messenger with
MSN Messenger because they are not the same.
Windows Messenger is a frequent cause of popups.
Unzip the file on the Desktop. Open the
MessengerDisable.exe and choose the bottom box -
Uninstall Windows Messenger and click
Apply.
Exit out of MessengerDisable then delete the two files that were put on the Desktop.
----------
Open Hijackthis and select
Do a system scan only.
Place a check mark next to the following entries: (if there)
O2 - BHO: (no name) - {B753C7C5-0942-4b7f-BC27-942B52BDAC66} - C:\PROGRA~1\ACCELE~1\StopSign\webcbrowse0.dll (file missing)
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [WinFavorites] c:\program files\winfavorites\WinFavorites.exe1
O4 - HKLM\..\Run: [Media-Search] "C:\Program Files\msnet\v9\msnet.EXE" /H
O4 - HKLM\..\Run: [EarthLink Installer] " /C
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Á³# L"h'þ9Óœð3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\jloivs.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: NOBICYT Service (NOBICYT) - Unknown owner - C:\WINDOWS\system32\Nobicyt.exeImportant: Close all windows except for Hijackthis and then click
Fix checked.
Exit Hijackthis.
----------
Go to
Start > Run and type
Notepad.exe then click
OK.
Copy and paste the following text within the code box into the new
Notepad file.
@ECHO OFF
sc stop NOBICYT
sc delete NOBICYT
sc stop BOONTY
sc delete BOONTY
exit
File and
Save asChoose the Save to location to be the Desktop and for the
File name: type in
fixme.bat making sure that the
Save as type field says
All files.
Next double click
fixservice.bat to run it.
A black box should open and close after a short time, this is normal.
Do not continue until the black box has closedDelete fixservices.bat from the Desktop.
----------
Download
OTMoveIt2 by OldTimerNote: If you are running on Vista, right-click on OTMoveIt2.exe and choose
Run As Administrator.
- Double-click OTMoveIt2.exe to run it.
- Copy the lines in the codebox below.
[/list]
[kill explorer]
C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
C:\PROGRA~1\NORTON~1\navapw32.exe
c:\program files\winfavorites\WinFavorites.exe1
C:\Program Files\msnet\v9\msnet.EXE
C:\WINDOWS\system32\Nobicyt.exe
C:\WINDOWS\jloivs.exe
C:\PROGRA~1\SYMNET~1\SNDWarn.exe
C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe
EmptyTemp
[start explorer]
- Return to OTMoveIt2, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste
- Click the red Moveit! button.
- Copy everything in the Results window (under the green bar) and paste it in your next reply.
- Close OTMoveIt2
.
----------
After the computer has been restarted run a new HijackThis scan and post the log
Also let me know how everything is now.