krishnasty Posted July 15, 2008
Hi guys. I needed some help, as I could not decipher what the following thing is. I was actually surfing and downloading a few things when I noticed a flicker of my browser, Mozilla. I don't know what happened, but I continued to work without noticing anything unexpected. After a few moments, I noticed an absurd kind of icon on my taskbar (please refer to the picture attached), which I never downloaded. I tried to figure out what the application is via different methods, but it simply won't show up. Please tell me what to do. Incidentally, my download speed has become slow; I can't say if it's the same reason or something else. Please tell me what this is and how to remove it. Thanks.
irregularjoe Posted July 16, 2008
Start by giving us some info on the computer. What's the status, if any, of virus scans?
krishnasty Posted July 16, 2008
I have Microsoft Vista Ultimate installed. It's nothing to do with my laptop specifications. That ugly sign was not there before, and when I was downloading songs, it came on all of a sudden, and now I can't figure out what's wrong. I am using NOD32 antivirus, and when I did a depth scan yesterday, it came out with 5 infected files, but all were cleaned up. But the sign still persists on my taskbar. I don't know what application it belongs to, let alone treating it. Please help.
TheTerrorist_75 Posted July 16, 2008
Download and install the newest HijackThis.
TrendMicro HijackThis ver. 2.0.2
Read these directions.
How To Post A Hijackthis Log, Easy to Follow Guide
Copy the generated log file then paste it in the following section of the forums.
Malware Removal - HijackThis Logs
Please wait patiently for the experts to read your log and guide you on removing your malware.
krishnasty Posted July 16, 2008
I have followed the instructions as given by you and I am posting the log file to you. Here is the log file.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:22 AM, on 7/17/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
D:\program files\iTunes\iTunesHelper.exe
C:\Windows\AGRSMMSG.exe
D:\program files\Microsoft Office\Office12\GrooveMonitor.exe
D:\program files\Java\jre1.6.0_05\bin\jusched.exe
D:\program files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\System32\wsqmcons.exe
D:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
C:\Users\KRISHN~1\AppData\Local\Temp\Rar$EX00.985\HijackThis.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\krishnasty\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\PROGRA~1\yahoo\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\PROGRA~1\yahoo\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\PROGRA~1\yahoo\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "d:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [WScheduler] d:\PROGRA~1\SYSTEM~1\WScheduler.exe /LOGON
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [googletalk] C:\Users\krishnasty\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [Yahoo! Pager] "D:\program files\yahoo\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [GoodNightPC.Exe] D:\program files\GoodNightPC\GoodNightPC.Exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{F17CA675-9EF3-465B-BE82-18BE890F4016}: NameServer = 218.248.255.145,61.1.96.71
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
--
End of file - 6818 bytes

Thanks.
TheTerrorist_75 Posted July 16, 2008
You forgot to post it in the right section of the forums.
Copy the generated log file then paste it in the following section of the forums.
Malware Removal - HijackThis Logs
Please wait patiently for the experts to read your log and guide you on removing your malware.
Pete_C Posted July 17, 2008
Is it a magnifying glass?
I am reminded of quickview / quickview pro (Plus), which opens when you have a file format nothing else handles.
All I seem to find is references to DOS and Linux versions, but I had it on Windows for years.
Ah, here it is: Quick View Plus
http://www.avantstar.com/Products/Quick_Vi...iewPlusOverview
http://club.coolmaps.com/product_review_qvpa.cfm
I think it used to be bundled in Netscape, so having it in Mozilla full is not impossible.
http://store.digitalriver.com/store/avants...ductID.59043000
New integrations include Adobe Acrobat Reader 8 and Mozilla ...
They have free plugins of the basic QuickView integrated into Mozilla, and Adobe Reader.
TheTerrorist_75 Posted July 17, 2008
It doesn't look like a magnifying glass when blown up.
Pete_C Posted July 20, 2008
Well, if hovering over it does not identify it, maybe the process list from a HijackThis log would clarify what is running.
TheTerrorist_75 Posted July 20, 2008
I can see nothing bad as far as malware goes in his logs. I wonder if that icon has something to do with one of the Apple products on his laptop?
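
The cross-check suggested in the thread (use the log's process list to see what is running), as an added example that is not part of any post: it parses a HijackThis log and labels each running process by whether an O4 autostart entry accounts for it. The function names and the `temp-dir` / `unlisted` labels are assumptions of this example; the sample is a shortened excerpt of the log posted above.

```python
import re

# Shortened excerpt of the HijackThis v2.0.2 log posted in this thread.
SAMPLE_LOG = r"""Running processes:
D:\program files\iTunes\iTunesHelper.exe
C:\Windows\AGRSMMSG.exe
D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\KRISHN~1\AppData\Local\Temp\Rar$EX00.985\HijackThis.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [GoodNightPC.Exe] D:\program files\GoodNightPC\GoodNightPC.Exe
O4 - Global Startup: Bluetooth.lnk = ?
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")   # section code, e.g. "O4 - ..."
EXE_NAME = re.compile(r'([^\\"/]+\.exe)', re.I)   # path component ending in .exe

def parse_log(text):
    """Return (running process paths, [(section code, detail), ...])."""
    processes, entries, in_procs = [], [], False
    for line in map(str.strip, text.splitlines()):
        m = ENTRY.match(line)
        if m:
            in_procs = False
            entries.append(m.groups())
        elif line.lower().startswith("running processes"):
            in_procs = True
        elif in_procs and line:
            processes.append(line)
    return processes, entries

def autoruns(entries):
    """Map lower-cased exe name -> Run-key label for O4 (autostart) entries."""
    found = {}
    for code, detail in entries:
        label = re.search(r"\[(.+?)\]", detail)
        exe = EXE_NAME.search(detail.split("]", 1)[-1])
        if code == "O4" and label and exe:
            found[exe.group(1).strip().lower()] = label.group(1)
    return found

def triage(text):
    """Label each running process: 'autostart:<label>', 'temp-dir' or 'unlisted'."""
    processes, entries = parse_log(text)
    runs, report = autoruns(entries), []
    for path in processes:
        name = path.rsplit("\\", 1)[-1].lower()
        fallback = "temp-dir" if "\\temp\\" in path.lower() else "unlisted"
        report.append((name, "autostart:" + runs[name] if name in runs else fallback))
    return report
```

Processes labelled `unlisted` or `temp-dir` are the ones to identify by hand; entries such as `Bluetooth.lnk = ?` cannot be matched to an executable from the log alone.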