Help with Azesearch removal!

Discussion in 'Malware Help (A Specialist Will Reply)' started by fiddle, Mar 30, 2005.

  1. fiddle

    fiddle Private E-2

    Hello,

    I've tried almost everything to get this Azesearch off of my computer and nothing seems to help, it just keeps coming back!

    When giving directions please be kind and give directions step by step to me I'm no computer geek :eek:

    My Highjackthis log is as follows: Thanks Fiddle

    Edit by chaslang: Unrequested, Old version, inline log removed
     
    Last edited by a moderator: Mar 31, 2005
    fiddle, Mar 30, 2005
    #1
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    First:
    Please update your version of Hijack This.

    Second:
    Please close ALL browsers while running HJT!

    • C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

    Third:
    Please download HOSTER and then follow the below steps.
    • Unzip Hoster to a convenient folder such as C:\Hoster
    • Run Hoster.exe, click Restore Original Hosts and then click OK.
    • Click the X to exit the program.

    After doing ALL of the above, reboot and post a new log using the new version.
     
    bjgarrick, Mar 30, 2005
    #2
  3. fiddle

    fiddle Private E-2

    Hello bjgarrick,

    Thank you for taking the time to help me out with my problem, below is my new logfile.

    thanks again,
    Fiddle


    Edit by chaslang: Inline log attached. Please attach HJT logs.
     

    Attached Files:

    Last edited by a moderator: Mar 31, 2005
    fiddle, Mar 31, 2005
    #3
  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    From now on post your logs as attachments to your post as a .txt or .log file. I will have the first log removed as its no good and the second converted into an attachment.

    Allow me a moment to check it!
     
    bjgarrick, Mar 31, 2005
    #4
  5. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Scan with HijackThis and Check the Boxes for the following:

    Make sure All Browser Windows are Closed when you Click FIX.

    O16 - DPF: {D40D5025-F883-4922-A57D-A280223B7153} (WatchOCX.WatchX) - http://www.watchsatellite.tv/members/WatchOCX.CAB
    O16 - DPF: {9EFE1D39-7CDF-4B3E-B862-02F8F7E56317} (WatchOCX.WatchX) - http://www.watchsatellite.tv/members/WatchOCX.CAB
    O16 - DPF: {6BE748EB-9B03-46B1-9890-90EBC2492495} (WatchOCX.WatchX) - http://www.watchsatellite.tv/members/WatchOCX.CAB
    O16 - DPF: {81101DA5-EF80-4FEB-8028-55C333920B70} (WatchOCX.WatchX) - http://www.watchsatellite.tv/members/WatchOCX.CAB
    O16 - DPF: {B2642D01-57CA-4C99-B844-938BD1FA518A} (WatchOCX.WatchX) - https://www.watchsatellite.tv/members/WatchOCX.CAB
    O16 - DPF: {956E0572-0E6D-4254-B472-359420BE468E} (WatchOCX.WatchX) - https://www.watchsatellite.tv/members/WatchOCX.CAB
    O16 - DPF: {63C4C187-E23F-4A20-898C-62CAF22335F8} (WatchOCX.WatchX) - https://www.watchsatellite.tv/members/WatchOCX.CAB
    O16 - DPF: ChatSpace Full Java Client 3.1.0.235 - http://chat.ccwerks.net:8041/Java/cfs31235.cab
    O16 - DPF: ConferenceRoom Java Client - http://java.irc.liveharmony.org:8080/java/cr.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/...all/xscan53.cab
    O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://www.webcamnow.com/broadcast/ActiveXWebCam.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
    O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (Web Camera Server Control) - http://www.webgateinc.com/wizard/co...5/wg_webeye.cab
    O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://toolbar.azesearch.com/install/azesearch.cab
    O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6...bridge-c293.cab
    O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab

    Again, make sure All Browser Windows are Closed when you Click FIX.

    Other than these few ActiveX Controls you look clean, are you currently having any problems?
     
    bjgarrick, Mar 31, 2005
    #5
  6. fiddle

    fiddle Private E-2

    Hello bjgarrick,

    So far so good, everything looks like it's gone according to HijackThis.

    Yes, I started having problems a couple of days ago after signing up for a 30 day trial copy of Symantic Antispam, I used a different email address to sign up and I got the notification of where to go to d/l it. When I went into that site I got a different kind of toolbar in IE. I went into view-toolbars found the toolbar that was put there and got rid of it, then selected "lock the toolbars". I never did d/l Antispam by the way. Then the computer started getting slow kind of intermitted, like driving along and coming to a stop waiting for a red light, then driving along again. This happened every few minutes. I also noticed that the Google search page logo had changed. I did a online scan and it found I had Azesearch on it, I ran Hijackthis and it was confirmed. I also d/l Spybot Search and Destroy it found a couple of malware. and also d/l a-square it found a Trogan.

    Thank you once again for taking the time to help me, and one other thing thank you for being so prompt! :)

    Fiddle
     
    fiddle, Mar 31, 2005
    #6
  7. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    I would go to Add/Remove Programs and uninstall it.
     
    bjgarrick, Mar 31, 2005
    #7

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds