Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Another Annoying Malware[RESOLVED]


  • This topic is locked This topic is locked

#1
Mousie

Mousie

    New Member

  • Member
  • Pip
  • 9 posts
Hello,

I recently got the AZEsearch malware infection. And I have done so much to my knowledge to get rid of it. So far (as it seems), The AZEsearch toolbar is no longer in my internet browser. Adds asking if I want to see explicit items are no longer showing. The annoying desktop saying "INFECTION blah blah blah" is not there either but..here is where there is something wrong. Although I do not have that annoying desktop display. My desktop is now blinking from white to blue. and when I right-click, its like as if I'm right clicking on a website instead of desktop properties. My wallpaper doesnt show up at all. I just get this retarded blinking when Im on my desktop. I have included pics of what (my desktop) looks like its doing and my hijackthis log.

thank you for your time...


Logfile of HijackThis v1.99.1
Scan saved at 12:43:29 AM, on 6/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
F:\WINDOWS\Explorer.EXE
F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
F:\Program Files\Messenger Plus! 3\MsgPlus.exe
F:\WINDOWS\System32\svchost.exe
D:\Desktop\D-Player\Download\SpyWare Removal\HijackThis.exe

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar1.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - F:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [MessengerPlus3] "F:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [STYLEXP] F:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MessengerPlus3] "F:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "F:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Rainlendar.lnk = F:\Program Files\Rainlendar\Rainlendar.exe
O8 - Extra context menu item: &Google Search - res://F:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://F:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://F:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://F:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - F:\PROGRA~1\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - F:\PROGRA~1\GetRight\GRbrowse.htm
O8 - Extra context menu item: Similar Pages - res://F:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://F:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\MSMSGS.EXE (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) - http://messenger.zon...ds.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.co...ad/MsnPUpld.cab
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory....sharingctrl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory....ap/PhtPkMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.c...ropper1_4us.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: StyleXPService - Unknown owner - F:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - F:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

Attached Thumbnails

  • crap1.JPG
  • crap2.JPG

  • 0

Advertisements


#2
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
In the Control Panel click Display > Desktop > Customize desktop > Website > Uncheck "Security Info"

or disable Active Desktop completely:
http://www.computerh...es/ch000593.htm

Regards,
  • 0

#3
Mousie

Mousie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
oh my goodness. i feel soo stoopid now...totally missed this.

But Thank You soo much! seeing as how this is the only thing you left me with im confident that there isnt anything wrong anymore :tazz:. thanks again for your help
  • 0

#4
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
If you cleaned that mess out all by yourself, you should give yourself some more credit. :tazz: ;)

Please have a look at my site for some tips on how to remove and prevent spyware.

Regards,
  • 0

#5
Mousie

Mousie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
:tazz: you're right XD..now I don't feel soo stoopid ;) THANK YOU sooo much ^__^

[this is last reply very busy site ^__^]
  • 0

#6
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,674 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP