Go Back   Computer Forums > General Computing > Hardware
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 04-06-2005, 05:17 PM   #1
Beta Member
 
Join Date: Apr 2005
Posts: 3
Default azasearch

hi, having problems with this nasty program...

Logfile of HijackThis v1.99.1
Scan saved at 22:17:05, on 06/04/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Google\Gmail Notifier\G001-1.0.24.0\gnotify.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\System32\ESB.exe
C:\WINDOWS\System32\4mtcsb.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\SETI@home\SETI@home.exe
C:\WINDOWS\System32\?ttrib.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Ollie\Desktop\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
O1 - Hosts: 69.50.166.11 www.google.com
O1 - Hosts: 69.50.166.11 google.com
O1 - Hosts: 69.50.166.11 www.google.co.uk
O1 - Hosts: 69.50.166.11 google.co.uk
O1 - Hosts: 69.50.166.11 www.google.ca
O1 - Hosts: 69.50.166.11 google.ca
O1 - Hosts: 69.50.166.11 www.google.es
O1 - Hosts: 69.50.166.11 google.es
O1 - Hosts: 69.50.166.11 www.google.de
O1 - Hosts: 69.50.166.11 google.de
O1 - Hosts: 69.50.166.11 www.google.fr
O1 - Hosts: 69.50.166.11 google.fr
O1 - Hosts: 69.50.166.11 www.google.com.au
O1 - Hosts: 69.50.166.11 google.com.au
O1 - Hosts: 69.50.166.14 www.yahoo.com
O1 - Hosts: 69.50.166.14 yahoo.com
O1 - Hosts: 66.218.75.184 mail.yahoo.com
O1 - Hosts: 69.50.166.12 www.msn.com
O1 - Hosts: 69.50.166.12 msn.com
O1 - Hosts: 69.50.166.12 search.msn.com
O1 - Hosts: 69.50.166.12 www.go.com
O1 - Hosts: 69.50.166.12 go.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\apps\Adobe\Acrobat 5.1\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: AddressBar Class - {1474CE44-8057-4AE3-8F3E-ED37C7C63D8A} - C:\WINDOWS\system32\iasad.dll
O2 - BHO: (no name) - {8108E830-5E8A-265F-8F9E-76A2DDA968E3} - C:\WINDOWS\System32\vynhhh.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.24.0\gnotify.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [ESB] C:\WINDOWS\System32\ESB.exe
O4 - HKLM\..\Run: [4mtcsb] C:\WINDOWS\System32\4mtcsb.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [seticlient] C:\Program Files\SETI@home\SETI@home.exe -min
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [PicoZip] C:\Program Files\PicoZip\PicoZipTray.exe
O4 - HKCU\..\Run: [Pldo] C:\Documents and Settings\Ollie\Application Data\othi.exe
O4 - HKCU\..\Run: [Xwlpel] C:\WINDOWS\System32\?ttrib.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com.../c381/chat.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite...ITDetector.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by2fd.bay2.hotmail.msn.com/activex/HMAtchmt.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG6 Service (AvgServ) - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe



any help or advice is much appreciated!
__________________

Ollie1 is offline   Reply With Quote
Old 04-09-2005, 01:50 PM   #2
Beta Member
 
Join Date: Apr 2005
Posts: 3
Thumbs up

any help?
__________________

Ollie1 is offline   Reply With Quote
Old 04-09-2005, 07:05 PM   #3
Golden Master
 
Kage's Avatar
 
Join Date: Nov 2004
Posts: 13,873
Send a message via MSN to Kage
Default Re: azasearch

I can't really make any sense of that to help... What program is the problem?
__________________
Abit IP35 Pro / Q6600 G0 / Zalman 9700 / 8800GTS 640mb / 4x 2GB Corsair XMS / X-FI Xtreme M / 1x 1TB / Antec 900 / Logitech Z-5500 / Samsung 20inch
Kage is offline   Reply With Quote
Old 04-10-2005, 07:26 AM   #4
Beta Member
 
Join Date: Apr 2005
Posts: 3
Default Re: azasearch

the toolbar azasearch that i accidently downloaded (i know; stupid!) seems to be causing the problems...
Ollie1 is offline   Reply With Quote
Old 04-10-2005, 01:42 PM   #5
Golden Master
 
Kage's Avatar
 
Join Date: Nov 2004
Posts: 13,873
Send a message via MSN to Kage
Default Re: azasearch

Have you used Spybot Search and Destroy?

Download it free at:

http://www.safer-networking.org/en/download/

Its a very good spyware detector and deletes them no problems too. There are also many tools within the programt hat can help with spyware, with regular updates. That will get rid of it

Hope this helps
__________________
Abit IP35 Pro / Q6600 G0 / Zalman 9700 / 8800GTS 640mb / 4x 2GB Corsair XMS / X-FI Xtreme M / 1x 1TB / Antec 900 / Logitech Z-5500 / Samsung 20inch
Kage is offline   Reply With Quote
Old 04-10-2005, 01:54 PM   #6
Fully Optimized
 
99nasha's Avatar
 
Join Date: Aug 2004
Posts: 2,995
Default

Or ad-aware. \http://www.download.com/3000-2144-10...age&tag=button
99nasha is offline   Reply With Quote
Old 04-10-2005, 03:24 PM   #7
Wizard of Wires
 
setishock's Avatar
 
Join Date: Feb 2005
Location: Not sure
Posts: 10,030
Default Ok...

Before you run another thing disable the restore points. The nasties like to hide out in the restore points.
Disclaimer: Disabling the restore points will delete them.
setishock is offline   Reply With Quote
Old 04-10-2005, 05:10 PM   #8
Daemon Poster
 
Techy Geek's Avatar
 
Join Date: Feb 2005
Posts: 1,320
Send a message via MSN to Techy Geek
Default Re: azasearch

Quote:
Originally Posted by Kage
Have you used Spybot Search and Destroy?

Download it free at:

http://www.safer-networking.org/en/download/

Its a very good spyware detector and deletes them no problems too. There are also many tools within the programt hat can help with spyware, with regular updates. That will get rid of it

Hope this helps
dont, i installed it and it deleted some important system files and i had to back up data, wipe hard drive and re-install windows
__________________
"If I seem to act unkind, its only me and not my mind" I Want To Tell You, The Beatles, Revolver
"When I am king, you will be first against the wall" Paranoid Android, Radiohead, OK Computer
There are two types of people, those who hate Microsoft, and those who work for it...
Possibly a Mac Convert
Techy Geek is offline   Reply With Quote
Old 04-11-2005, 04:21 AM   #9
Golden Master
 
Kage's Avatar
 
Join Date: Nov 2004
Posts: 13,873
Send a message via MSN to Kage
Default Re: azasearch

:O Its a great program. For one thing, it has never deleted my internet connection leaving me with only one option, to use system restore because Adaware does this to me when I use it. Maybe not the first time it cleans, but the 2nd or 3rd or even 4th. Pretty deadly, and that is why I don't say it just incase it happens to someone else. It doesn't seem to like the NTL broadband connection and tried everythnig to get it back with only system restore to turn to...

As for Spybot giving you ptroblems. you obviosuly selected something you shouldn't have, as it's very stable. It has a few tools that might do what you've said if not looked after properly yes, for example the tea timer which protects from hackers and spyware from even getting on your manchine in the first place, and clean up functions with settings to mess with. You just need to watch, like with any program what you press!

Use both though if you have to, and I'm not trynig to scare you away from any of the programs. Its just you have to be careful and trust that the program will do just right to your machine. I'm sure most people wouldn't get any of these problems.

and yes disable system restore and then after deleting them, make another restore point without them.
__________________

__________________
Abit IP35 Pro / Q6600 G0 / Zalman 9700 / 8800GTS 640mb / 4x 2GB Corsair XMS / X-FI Xtreme M / 1x 1TB / Antec 900 / Logitech Z-5500 / Samsung 20inch
Kage is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 03:46 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0