I Know I have SOMETHING wrong!

Discussion in 'Malware Help (A Specialist Will Reply)' started by HafDawg, Jun 6, 2005.

  1. HafDawg

    HafDawg Private First Class

    Hey there! I KNOW something is up here, I think ATLEvents is one and I've got the WildTangent problem too! I downloaded HijackThis into its own folder, and I downloaded Killbox as well. I await any possible help!

    Thanks!
     
  2. tblue

    tblue Corporal

  3. HafDawg

    HafDawg Private First Class

    Yep, I've read that, but I wasn't allowed to post my HijackThis until asked to, so I know what to target with Killbox and Hijack! :)

    May I post my log? Also, I had a program called regdll.exe taking up all my memory until I disabled it, anyone have an idea of what that may be?

    Thanks!
     
  4. tblue

    tblue Corporal

    If you have done all in the tutorial then yes post your log. I won't be able to help you with it but BJ or Chas will. They will be around later today I'm sure.
    Good Luck :D
     
  5. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    HafDawg,

    Download HijackThis 1.99.1

    Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

    Before running HijackThis: You must close each of the following: your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    Run HijackThis and save your log file.

    Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

    Need help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting
     
  6. theodore_ftw

    theodore_ftw Private E-2

    regdll.exe is not a virus app as far as I remember.
     
  7. HafDawg

    HafDawg Private First Class

    Here's my log!

    Thanks!
     
    Last edited: Mar 4, 2007
  8. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    HafDawg,

    You may have read the READ ME but you have not run the steps in it like you should have.

    Now let's begin by running the below online scans:

    TrendMicro Online Scan
    Bitdefender online scan
    RavAntivirus online scan <-- select Auto Clean then click Scan My PC
    TrojanScan online scan
    Panda Online Scan

    After you have completed ALL of the above online scans, reboot and post a fresh HJT log.
     
  9. HafDawg

    HafDawg Private First Class

    I've run the TrendMicro previously, and the Bitdefender says the web site is not authorized to host the ActiveX control, so I can't run that one, but as for the others, I'm running them now.
     
  10. HafDawg

    HafDawg Private First Class

    Here we go! The new log!
     
    Last edited: Mar 4, 2007
  11. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Scan with HijackThis and Check the Boxes for the following:

    Make sure All Browser Windows are Closed when you Click FIX.

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.dogpile.com/info.dogpl.toolbar/dog/forms/search.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.dogpile.com/info.dogpl.toolbar/dog/forms/search.htm

    O2 - BHO: CATLEvents Object - {3EC8E271-FAB9-418a-8A8E-65AEB4029E64} - C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\pacbdo.dat (file missing)

    O3 - Toolbar: Dogpile Toolbar - {5E92F538-B50B-46c5-9C5F-C6EECED3F6C6} - C:\Program Files\DogpileToolbar\insptbar.dll (file missing)

    O8 - Extra context menu item: Dogpile Cursor Search - C:\Documents and Settings\All Users\Application Data\Infospace\DogpileToolbar\contextsearch.htm

    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

    Again, make sure All Browser Windows are Closed when you Click FIX.

    NEXT:
    Run CCleaner and Spybot S&D and have Spybot fix what it finds.
    Note: Don't forget to update Spybot S&D by selecting "Search For Updates"

    Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.


    After you complete the above REBOOT, Scan with HijackThis and attach the new log.
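
The fix list in the post above uses HijackThis's `section - description - {CLSID} - target` line layout. As an added example (not part of the original thread and not HijackThis code), this Python script parses those entries and flags the ones marked "(file missing)" or loading from a Temp folder; the two heuristics and the function names are assumptions of this example.

```python
import re
# Entries copied from the fix list in the post above (not a full log).
SAMPLE = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
O2 - BHO: CATLEvents Object - {3EC8E271-FAB9-418a-8A8E-65AEB4029E64} - C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\pacbdo.dat (file missing)
O3 - Toolbar: Dogpile Toolbar - {5E92F538-B50B-46c5-9C5F-C6EECED3F6C6} - C:\Program Files\DogpileToolbar\insptbar.dll (file missing)
O8 - Extra context menu item: Dogpile Cursor Search - C:\Documents and Settings\All Users\Application Data\Infospace\DogpileToolbar\contextsearch.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
"""

LINE_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MISSING = "(file missing)"

def parse_line(line):
    """Split one HijackThis entry into section code, CLSID, target and flags."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None  # header lines, blank lines, process list
    section, body = m.groups()
    missing = body.endswith(MISSING)
    if missing:
        body = body[: -len(MISSING)].rstrip()
    clsid = CLSID_RE.search(body)
    # R-entries keep the value after " = "; O-entries keep the last " - " field.
    sep = " = " if section.startswith("R") else " - "
    target = body.rsplit(sep, 1)[-1]
    return {"section": section, "clsid": clsid.group(0) if clsid else None,
            "target": target, "file_missing": missing}

def triage(log_text):
    """Return (entry, reasons) pairs for entries worth a closer look."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        reasons = []
        if entry["file_missing"]:  # assumption: orphaned entries get reviewed
            reasons.append("orphaned: registry entry points at a missing file")
        if re.search(r"\\temp\\", entry["target"], re.I):  # assumption
            reasons.append("loads from a temp directory")
        if reasons:
            findings.append((entry, reasons))
    return findings

if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE):
        print(entry["section"], entry["target"], "->", "; ".join(reasons))
```
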
     
  12. HafDawg

    HafDawg Private First Class

    The only thing Spybot found was 1 WildTangent entry.

    Here's the log!

    And since I haven't said it before, thanks for the help!
     
    Last edited: Mar 4, 2007
  13. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Your HJT log is clean, are you having any further problems?
     
  14. HafDawg

    HafDawg Private First Class

    Nope but I have another computer, after I follow all the above steps again, can I post the HiJackThis log?

    Thanks!
     
  15. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

