I ask you for help because i have done everything without any results :(

What OS are you running? Also, what search assistant? Please describe in more detail what the exact problem is. It would help us figure out how to help you. It also helps if you list the components you have in your computer (cpu, mobo, ram, stock or overclocked, hdd info, etc.).

i expect its some spyware you installed on your computer by accident...usually there could be a way to uninstall it via control panel -> add/remove programs...but sometimes there is no way unless you format..good luck :D

if it links into IE in any way then hijackthis will give you an opportunity to remove it...google 'hijackthis download' for the program, run it, save the log, and post the log here if nothing makes sense to you, and we shall tell you what to delete. If you mean the windowsXP dog thingy...i think u just rightclick on him and you can turn him off.

Hi,
I can't seem to remove SearchAssistant (that's what it calls itself) from my system either. I've scanned and deleted with SpyBot, SpySweeper, AdAware. I am running WinXP Svc. Pack 2, all the updates on a P3 733Mhz system, and have broadband connection with windows firewall.
It keeps wanting to change the search page of IE. Every 30 seconds SpyBot's dialog box comes up asking whether it should allow a value change to the browser page and SpySweeper comes up with an Alert saying IE Hijack Shield has detected a change to IE's default pages, such as the Search page, and whether to "restore" or or "keep new". This has not stopped happening for the last 3 hours. Also instead of going to the default "This page cannot be found" when IE cannot find a page, it goes to a search page.
I had installed MSN Messenger 6.2 with an expansion pack as well as Soulseek day before yesterday. I uninstalled both those today, thinking they might have something to do with this sudden appearance.
Uptil then my computer has been free of spam, adware, malware, and I regularly run checks with all three softwares mentioned before. In this instance they are catching something and I delete it everytime but it doesn't seem to go.
I took your advice on the forum and ran HiJackThis. Here is the log from HiJackThis:

Logfile of HijackThis v1.97.7
Scan saved at 6:15:07 PM, on 9/24/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system\wcdvtray.exe
C:\Program Files\iRiver\iHP100\iHPDetect.exe
C:\Program Files\ATI Technologies\HydraVision\HydraMD.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\SmartDisk\FlashPath\sdstat.exe
C:\Program Files\Nokia\PC Suite for Nokia 3650\connmngmntbox.exe
C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntim e.exe
C:\WINDOWS\system32\devldr32.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\AIM95\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Diran Hafiz\Local Settings\Temporary Internet Files\Content.IE5\W3E1GZSP\HijackThis[1].exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.denison.edu
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.denison.edu
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ServiceLayer] C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [OWCWebCamDV] C:\WINDOWS\system\wcdvtray.exe
O4 - HKLM\..\Run: [iHP-100] C:\Program Files\iRiver\iHP100\iHPDetect.exe
O4 - HKLM\..\Run: [HydraVisionViewport] C:\Program Files\ATI Technologies\HydraVision\HydraMD.exe
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\LaunchPd.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [MtdAcq] C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.EXE /s
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: FlashPath Monitor.lnk = C:\Program Files\SmartDisk\FlashPath\sdstat.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PCSuiteForNokia3650 Detect.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: @btrez.dll,-4015 (HKLM)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 (HKLM)
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: ppctlcab - http://www.my-etrust.com/includes/pscanner/ppctlcab.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.my-etrust.com/includes/pscanner/axscanner.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) - http://gateway.cf1live.com/eSupport/static/weblaunch/weblaunch.cab
O16 - DPF: {96FF5E7C-B6AD-4E2F-95BB-993C4FD206FE} (XControlWrapper Class) - http://portal.golinkup.com/linkup/download/xnet.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37795.9727430556
O16 - DPF: {A8658086-E6AC-4957-BC8E-8D54A7E8A790} (GDIChk Object) - http://www.microsoft.com/security/controls/GDI/0/GDIChk.CAB
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab

I've gone through this log and a lot of the entries are program I use. Some I have no clue about.
PLEASE ADVISE!!! I'm desperate to remove this from my computer...

I ask you for help because i have done everything without any results :(

hi, i've got the same problem. I've tried evrything :mad:
spybot, spyhunter, cwshredder, hijackthis and spywareblocklist! and i have tried to remove it in add/remove programmes but it wont let me. Also i think its sending me pop ups and more spyware with its weird toolbar which i cant get rid of either :( I'ts been changeing my hompage to: www.searchweb2.com and i change it back to what i had it as before then next time i open up my internat explorer its back agen :confused: well if anyone can help then please reply..

some spyware just wont come off...usually though...if you look/tried hard enough you might find a way to uninstall...(this happened with me a while ago....i clicked yes to some pop up by accident...and it installed some spyware on my comp...took like hours before i uninstalled it)

but if you feel that you have tried everything...maybe a format is in store...because that is the only way to truely get rid of everything :p

oh felt good to load os on new hd and keep eve-online game i suck at stilll microsofts spyware program works well spybot all other freebee ones remove and then backup the threats so had same problems kinda

My solution to spyware/viruses: write zeroes, format, reinstall. Save what you want to save first, of course, checking to make sure you're not saving the spyware/virus and go. If you don't have a second harddrive to store the "keepers" on, CDs will work. (This of course is assuming that just about everyone has a CD burner in this day and age)

If reformatting isnt an option, boot up in safe mode and run your anti-adware and anti-virus programs. Safe mode prevents anything non essential from loading up; ie, no spyware. With that done, run msconfig (from Start > Run), go to Startup, and remove anything which seems suspicious. CTHELPER, ctfmon, and nwiz tend to be legit. Keep your firewall and AV on startup as well. Take off msnmsgs and qttask while you're there.

First of all Hijack this should be downloaded to and run from a separate folder. Make a folder HJT and move the program there. Before running the program set Windows up to show all hidden files and system files. There options are found in the Tools>Folder Options> advanced section. The only suspect thing I can see in this scan is O16 - DPF: {96FF5E7C-B6AD-4E2F-95BB-993C4FD206FE} (XControlWrapper Class) - http://portal.golinkup.com/linkup/download/xnet.cab

Sometimes trojans can masquerade as legit programs, look through the log and see if you have all those devices listed, like the Nokia Smart phone, the iRiver mp3 player and a Lexmark printer.