Begin2search & toolbar.desktoptraffic.net?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by quintesscence, Nov 26, 2004.

  1. quintesscence

    quintesscence Private E-2

    Hi all. This is my first post so go easy on me.... ;)

    I have that damned begin2search toolbar in my browser and I also have a problem with lots of words on any random web page turning into lime green colored links (toolbar.desktop.traffic.net?). I have run: Norton Antivirus 2002 (yes, I manually updated my virus definitions), Adaware 6.0, and Spybot Search and Destroy. As far as I can tell, none of these programs found anything relevant to the problems I've been having. Furthermore, my webpages hang before loading. I've just downloaded Hijackthis and will be happy to post an attachment log upon request.

    Thanks so much!!

    Kelly
     
  2. PhilliePhan

    PhilliePhan Guest

    Hi Kelly,

    Welcome to MG's.
    Generally, we like people to start with the Cleanup Tutorial HERE:
    READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan and Virus Removal

    This will remove a lot of stuff that would otherwise clog a HJT log.

    You may also want to try this tool. Make sure to put it in its own folder - C:\Program Files\OKSM and run it Twice: OmegaKillerSM v1.2

    When working the Tutorial, Please note the steps that you are able to complete and the ones that give you problems. Note that you need to be in Safe Mode with System Restore OFF (if you have it - you didn't give OS) and have the Viewing of Hidden Files ENABLED as per the instructions in the link. Make sure to do the Online Scans.

    Post back and let us know how you fared. Also, send us a HijackThis Log. Make sure to follow the instructions below:

    Note that your HijackThis should be up-to-date (v1.98.2) and MUST be extracted to its own safe folder - C:\Program Files\HijackThis!

    If you need a Fresh Download of HJT, get it HERE: HijackThis 1.98.2

    Also note that, before you scan, you MUST close all running programs including your web browser, e-mail and items in the system tray.

    Please save your HJT Log and attach it via the "Manage Attachments" tool in the Additional Options section when you post.

    Somebody will take a look when they get a chance.

    Best luck :)
    PP
     
  3. quintesscence

    quintesscence Private E-2

    Wow. That was quite the experience. Okay, so I followed the instructions in the "Basic Spyware, Trojan, and Virus Removal" tutorial. Trend Micro's Free Online virus scan showed 9 viruses and they were all deleted. McAfee AVERT stinger showed that my system was clean. CCleaner removed 1,407.6 MB of data. Ad-Aware showed about 500 infected files and I quarantined those files which I recognized as unhealthy. Spybot detected a few things and successfully removed them all. Both CWShredder and Kill2me showed a clean system. I then booted my computer up again normally and the green link problem was still there and the browser was still hanging. Also, there was an error at startup--a file could not be found. I don't remember off the top of my head what the file was but I can restart in a minute and get that info.

    Attached is my hijackthis log. Thanks so much for all of the help.
     


  4. quintesscence

    quintesscence Private E-2

    addendum

    Okay so I just restarted and the error message that I'm getting is: "Error loading C:\programfiles\wildtangent\apps\cda\cdaengine0400.dll The specified module could not be found". One more thing that I forgot to mention--I did run the OmegaKiller twice and it came up clean. Thanks!
     
  5. PhilliePhan

    PhilliePhan Guest

    Re: addendum

    Hi Kelly,

    You should uninstall any remnants of Wild Tangent as it is just begging to give you problems. Use Add or Remove Programs. Then, delete the folder, if it remains: C:\programfiles\wildtangent

    I am heading out the door, but Chaslang or I will take a look at your HJT Log when one of us gets a chance and see what else needs to be done.

    ***I took a quick glance and there is still a bunch that needs to go! Hang in there!

    PP :)
     
  6. quintesscence

    quintesscence Private E-2

    Well, there were no remnants of Wild Tangent in either the Add/Remove Programs list or in the Program Files folder. However, I ran a search for "Wild Tangent" and found a file called "wildtangent.jar" in C:\ProgramFiles\java\j2re1.4.1\lib\ext. I didn't delete it, I just left it alone.

    I don't know if that info is relevant but I thought I'd mention it. Thanks again for all of the help. :) I'll check back tomorrow!
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Make sure you have system restore disabled and viewing of hidden files enabled (per the tutorial).


    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.begin2search.com/sidesearch.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.begin2search.com/sidesearch.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    O2 - BHO: ohb - {CB5B2BC6-F957-4D8A-BE67-83F3EC58BA01} - C:\WINDOWS\System32\dsktrf.dll

    I don't have any info on this wdankl.exe file but I would suspect that it is bad. Unless you know otherwise, fix it too.
    O4 - HKLM\..\Run: [wdankl] C:\WINDOWS\wdankl.exe

    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
    O16 - DPF: {6A4747FD-877D-4074-9C4F-2F5FF0164B7A} - http://connect.tickle.com/hub/jump.html?d=address_importer_install_IE&c=oFFuu6jXY9EWCeM8OgZQ2xnDjxEkYbnj
    O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab

    Boot into safe mode and use Windows Explorer to delete:
    C:\WINDOWS\System32\dsktrf.dll
    C:\Program Files\WildTangent <--- the whole directory if found.

    Let's hold off on deleting C:\WINDOWS\wdankl.exe, until we are sure you do not need it.

    Now reboot in normal mode and post a new HJT log. And tell us how things are working.
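
Added example, not part of chaslang's post: a small Python parser for the HijackThis line formats quoted above, which pulls out the registry value, CLSID, URL and file path each line names so the on-disk files can be checked after the fix. The function names and the section descriptions are this example's own; the sample lines are copied from the post.

```python
import re

# HijackThis section codes seen in the post above and their usual meaning.
SECTIONS = {
    "R0": "IE start/search page value",
    "R1": "IE start/search page value",
    "O2": "Browser Helper Object",
    "O4": "autostart (Run key)",
    "O16": "ActiveX (Downloaded Program Files)",
}

LINE_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
REG_RE = re.compile(r"^([^,]+),([^=]+?) =\s*(.*)$")  # key,value name = data
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
URL_RE = re.compile(r"https?://\S+")
PATH_RE = re.compile(r"[A-Za-z]:\\[^\"]+?\.(?:dll|exe)", re.I)

# Log lines copied from the post above.
SAMPLE = r'''
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.begin2search.com/sidesearch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: ohb - {CB5B2BC6-F957-4D8A-BE67-83F3EC58BA01} - C:\WINDOWS\System32\dsktrf.dll
O4 - HKLM\..\Run: [wdankl] C:\WINDOWS\wdankl.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
'''

def parse_line(line):
    """Split one HijackThis line into its section code and the artifacts it names."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    code, body = m.groups()
    entry = {"code": code, "section": SECTIONS.get(code, "other"), "body": body}
    if code.startswith("R"):
        reg = REG_RE.match(body)
        if reg:
            entry["key"], entry["name"], entry["data"] = reg.groups()
    for field, rx in (("clsid", CLSID_RE), ("url", URL_RE), ("path", PATH_RE)):
        hit = rx.search(body)
        entry[field] = hit.group(0) if hit else None
    return entry

def files_to_verify(log_text):
    """On-disk files referenced by BHO/autostart lines, to check after fixing."""
    entries = filter(None, map(parse_line, log_text.splitlines()))
    return sorted({e["path"] for e in entries if e["code"] in ("O2", "O4") and e["path"]})

if __name__ == "__main__": print("\n".join(files_to_verify(SAMPLE)))
```
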
     
  8. PhilliePhan

    PhilliePhan Guest

    Darn it Chas, I'm last again! No need to post my fix, I guess. Drat!!

    Surprised you didn't mention the LimeWire and the dangers of P2P? ;)

    PP
     
  9. quintesscence

    quintesscence Private E-2

    Hi again,

    Okay so I followed the instructions and fixed the problems that you suggested using hijack this. I did not, however, find:

    C:\WINDOWS\System32\dsktrf.dll or
    C:\Program Files\WildTangent

    when I booted up in safe mode.

    The browser seems to be working fine now--those pesky green links are gone and so far there is no hanging. woooooohooooo!! Oh, and as I mentioned before, the only wildtangent file that I can find is located in C:\ProgramFiles\java\j2re1.4.1\lib\ext

    Is this file legit? Oh, and I uninstalled Limewire PhilliePhan--I've been meaning to do that for a while. I usually use suprnova or other torrent sites for downloading. This is safe, yes?

    Thank you both SO much for all of the help. I'm so glad I found this site. You guys are the best!!

    Kelly

    P.S. most recent hijack this log attached
     


  10. PhilliePhan

    PhilliePhan Guest

    Hi Kelly,

    Your HJT Log looks OK :) Chas will probably be along to doublecheck it.

    Go ahead and Delete that wildtangent.jar - WT likes to install itself everywhere, it seems!

    While you are here, I suggest that you take a look at some of his recommendations: How to Protect yourself from malware!

    Happy Computing :)

    PP
     
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Confirmed clean log!
     
  12. quintesscence

    quintesscence Private E-2

    Thanks for all the help guys...everything seems to be running smoothly!! :)

    Kelly
     
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome again! We love smooth running systems! ;)
     
