Nova Knowledgebase
Search:     Advanced search
Browse by category:
Glossary
Nova Knowledgebase / Troubleshooting / Quick Launch settings are not saved; Search Assistant Toolbar in Taskbar

Quick Launch settings are not saved; Search Assistant Toolbar in Taskbar
Print
Views: 554
Votes: 0

Quick Launch settings are not saved; Search Assistant Toolbar in Taskbar

If you see a Search Assistant Toolbar in the Taskbar, it might be due to a malware named BlazeFind. Quick Launch bar may be missing on every reboot or the Quick Launch sort order may not be maintained. Your ALT-Text here

These symptoms are caused by this Malware. This page discusses the preliminary steps required to remove this Desk band object, before running spyware removal tools.

Phase I  -  Removing the Search Assistant Toolbar from the Taskbar

Click Start, Run and type this command exactly as given and press Enter:

regsvr32 /u "%Systemroot%\System32\omniband.dll"

This uninstalls the Search Assistant Desk Band settings in the registry. Next, rename the file omniband.dll to old_omniband.dll and reboot Windows.


Note: The module name was determined by this program named deskbands.exe. This tiny utility which I wrote, enumerates all the Desk Band objects from the registry and just lists them with the corresponding DLL names.


Phase II  -  Fixing a registry entry which causes the Quick Launch issue (not retaining the settings)

Click Start, Run and type REGEDIT. Navigate to:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ WindowsNT \ CurrentVersion \ Winlogon

In the right-pane, change the value of Userinit to "C:\WINDOWS\system32\userinit.exe,"

Type the above value exactly as given, including the comma - exclude the quotes. Also, change the path to userinit.exe appropriately if Windows is installed in a different drive.

Close Registry Editor and restart Windows. The Quick Launch settings should be retained now.

Phase III - Removing the Malware from the system

Follow the advice here and run all the tools documented in this page. Be sure to update them before scanning!

Unable to logon to Windows after removing BlazeFind using a spyware removal utility? 

Logon - Logoff loop, also caused by BlazeFind

Another critical symptom caused by this malware: This malware modifies the Userinit area in the registry (replacing the userinit.exe with wsaupdater.exe) and Ad-Aware (with a particular definition update) removes the wsaupdater.exe file from the system, thus causing the Logon - Logoff loop. That is, when you login to Windows, the 'loading personal settings" verbose will appear, but suddenly it will logoff. This issue was documented clearly by Lavasoftusa in it's Lavahelp Knowledgebase. 

Here is the solution to the logon - logoff issue in Windows XP.

Enter the Recovery Console

Boot the system using the Windows XP CD-ROM. In the first screen when the Setup begins, read the instructions press "R" (in the first screen) enter the Recovery Console. Type-in the built-in Administrator password to enter the Console. You'll see the prompt reading C:\Windows (Or any other drive-letter where you've installed XP) 

Type the following command and press Enter.

CD SYSTEM32
(If that does not work, try CHDIR SYSTEM32)

COPY USERINIT.EXE WSAUPDATER.EXE

Quit Recovery Console by typing EXIT and restart Windows.

You'll be able to login successfully as you've created the wsaupdater.exe file (now, a copy of userinit.exe)

Now, change the USERINIT value in the registry (see Phase II in this page) and change it accordingly.


NOTE    If you don't have a Windows XP CD-ROM, you need to use Windows XP Setup floppy disks to enter the Recovery Console.
Others in this Category
document How Spam Works?
document Why the AntiSpam Don't Block all Spam?
document Difference Between Regular Mail and Electronic Mail?
document Access to the current record is denied. Validate your permission
document Computer is not responding
document Email Communication Problems
document Bad weather preparation for your PC
document Outlook Web Access - Red X in Body Section
document How to troubleshoot missing network connections icons in Windows Server 2003 and in Windows XP
document Mac OS X 10.1 or later: How to Connect to Windows File Sharing (SMB)
document Connecting Macintosh OS X 10.3 and Higher Clients to a Windows Small Business Server 2003 Network
document What is InstallShield Update Manager
document How Do I Install or Uninstall The Software Manager?
document How do I check my Software Version?
document Error 1603: Cannot install Flash Player 7
document The current time on this computer and the current time on the network are different. For more information about Date/Time Properties, see Help and Support. To log on, contact your system administrator.
document How to Merge Vendors in QuickBooks
document This portion of the Remote Web Workplace requires the Microsoft Remote Desktop ActiveX Control. Your browser's security settings may be preventing you from downloading ActiveX controls. Adjust these settings, and try to connect again.
document The installation source for this product is not available. Verify that the source exists and that you can access it.
document Missing DVD/CD ROM Drive
document Error Message: Cannot Install Hardware. An Error Occurred During the Installation of the Device
document How to cancel printing or to delete a print job that is stuck in the print queue in Windows XP
document This file does not have a program associated with it for performing this act
document This operation has been cancelled due to restrictions in effect on this computer.
document Registry Edits for Windows XP "Tweaks and Tips"
document When Performing Windows Updates Error number: 0×80070424


Powered by KBPublisher (Knowledge base software)