Various Problems....

Discussion in 'Malware Help (A Specialist Will Reply)' started by Amandalynn, Dec 19, 2005.

  1. Amandalynn

    Amandalynn Private First Class

    Ok, had some adware and I think I might have gotten it all; just really need my HijackThis log checked for final clean up.

    THANKS

    Amandalynn ;)
     

    Attached Files:

  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Please follow forum guidelines and perform cleaning steps in the sticky thread before posting HijackThis logs.

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

    • Run ALL the steps in this Sticky thread: READ & RUN ME FIRST Before Asking for Support

    • Make sure you check version numbers and get all updates.

    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

    • After doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

    • Downloading, Installing, and Running HijackThis
     
  3. Amandalynn

    Amandalynn Private First Class

    Ok so I am confused.... perhaps I didn't make myself clear... I followed all the steps in the sticky thread.. all went well. I had the shellconhidden window that is an issue with Musicmatch version 10, however I am not sure if I fully got it off. I was also wondering about the My Way search assistant that Dell installs... Not sure I can remove it via HijackThis because it's part of the Dell installation....

    I thought I posted my HijackThis log according to the forum sticky.. not sure how to do it any differently.... >.<
     
  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    You have HJT installed properly, your HJT log shows no signs of the online scans being run from the READ ME.

    Please go back to the READ ME and run these online scans as they are a key asset to cleaning your computer. After you have run the online scans listed in the READ ME, attach the logs with a fresh HJT log.
     
  5. Amandalynn

    Amandalynn Private First Class

    ahhhh... ok umm damn well i ran the bitdefender and the other one before i did hijack but i will redo and resend
     
  6. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    After you run both scans attach the logs with a fresh HJT log.
     
  7. Amandalynn

    Amandalynn Private First Class

    Grrrrrrr I ran the Panda twice... It says it will send you a report but I never receive anything. Not sure what to do... got the Bit one... and here's a new HijackThis log.
     

    Attached Files:

  8. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

  9. Amandalynn

    Amandalynn Private First Class

    Umm, in order to delete it, it wants me to purchase it.... But here is everything that it found along with a description..


    Spy Sweeper will provide you with detailed information about the operations being performed in this area.
    Updating spyware definitions from Webroot.com
    Please wait... This may take a few minutes...
    Your spyware definitions have been updated.
    You are now protected against 117827 known traces.

    To ensure proper removal of spyware, adware and other unwanted items, be sure to close any programs that are open.
    Your Sweep Options indicate the following will be swept:
    Drives: C:
    Also sweeping: Memory, Cookies, Registry
    Adware found: winad
    Full Sweep has completed. Elapsed time 00:33:08
    Traces Found: 4

    To subscribe by phone, simply dial 1 866 612-4227



    ADWARE Description:

    Name: WinAd
    Author:
    Category: Adware
    Threat Assessment: High

    Description:
    WinAd is an adware program which periodically connects to a Web server to download and display pornographic pop-up window advertisements.

    Characteristics:
    WinAd may display advertisements on your computer.

    Method of Infection:
    WinAd generally propagates itself using dialog boxes, various social engineering methods, or through a java scripting error. Usually adware and BHOs are bundled with various, free software programs.

    Additional Comments:
     
  10. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    I will have to look into that about Spy Sweeper, shouldn't be doing that unless they have changed yet something else.

    Please see the below thread on how to install and run Ewido Security Suite.

    Running Ewido Security Suite ...
     
  11. Amandalynn

    Amandalynn Private First Class

    ok weird things are happening.. o_O I ran the Ewido Scan and made a new Hijack log.. however even when i click go advanced to reply i don't get the option to manage attachments... >.< not sure what happened in the last 12 hours but apparently i became a nub over night... >.< I will mess around with it and see if I am somehow ever looking and try to get it posted soon...
     
  12. Amandalynn

    Amandalynn Private First Class

    Grrrrrr... ok what am I missing? I see the additional options but where it says attach files it only has what the valid file extensions are no place to upload... I broke it...
     
  13. Amandalynn

    Amandalynn Private First Class

    Ok some reason I couldn't do it in Mozilla Firefox.. here you go...
     

    Attached Files:

  14. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Please look in Add or Remove Programs for the following and Uninstall them if found:

    Ewido

    Spy Sweeper


    Now scan with HijackThis and Check the Boxes for the following:

    Make sure All Browser Windows are Closed when you Click FIX.

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myway.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myway.com/

    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)

    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

    O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.2.8.cab

    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

    Again, make sure All Browser Windows are Closed when you Click FIX.

    NEXT:
    Run CCleaner to clean up cookies and temp files.

    Run full scans with Ad-Aware SE & Spybot S&D and have both programs fix what they find.
    Note: Remember to get all updates before doing the scans.

    Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.


    After you complete the above, reboot and let me know how things are running.
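
An added example, not part of the post above and not code from HijackThis: a small Python triage script that parses HijackThis log lines, labels the section codes used in this fix list, and groups entries whose target file is gone (`(no file)` / `(file missing)`) by CLSID, so one leftover component registered twice shows up once. The sample lines are copied from the fix list except the last, which is constructed; the function names are this example's own.

```python
import re
from collections import defaultdict

# Labels for the section codes that appear in the fix list.
SECTIONS = {
    "R0": "Internet Explorer start/search page",
    "R1": "Internet Explorer start/search page",
    "O2": "Browser Helper Object",
    "O9": "IE extra button or Tools menu item",
    "O16": "ActiveX object (Downloaded Program Files)",
    "O23": "Windows service",
}
LINE_RE = re.compile(r"^\s*(?P<code>[A-Z]\d{1,2}) - (?P<body>.+?)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)$")

# Lines from the fix list, plus one constructed entry (last) whose file exists.
SAMPLE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myway.com
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O2 - BHO: ExampleHelper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
"""

def parse_log(text):
    """Return one dict per recognisable HijackThis entry; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        clsid = CLSID_RE.search(m["body"])
        entries.append({
            "code": m["code"],
            "section": SECTIONS.get(m["code"], "other"),
            "clsid": clsid.group(0).upper() if clsid else None,  # normalise case
            "orphaned": bool(ORPHAN_RE.search(m["body"])),
        })
    return entries

def orphan_groups(text):
    """Map CLSID (or a placeholder) to the section codes of entries whose file is gone."""
    groups = defaultdict(list)
    for e in parse_log(text):
        if e["orphaned"]:
            groups[e["clsid"] or "(no CLSID)"].append(e["code"])
    return dict(groups)

if __name__ == "__main__":
    for key, codes in orphan_groups(SAMPLE).items():
        print(key, codes)
```
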
     
  15. Amandalynn

    Amandalynn Private First Class

    Ok, did all the above; here is the updated HijackThis log... I did notice the O23 line is still there. So far the PC is running good though.

    Amanda
     

    Attached Files:

  16. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Your log is clean, are you having any further problems?
     
  17. Amandalynn

    Amandalynn Private First Class

    so far running great.. actually a bit faster, could be in my head but hey... lol


    Thanks much, you guys are great as always!

    Amandalynn
     
  18. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

