Whataboutadog? and new to the community

[littlebella]

I'm new to TechSpot OpenBoards and the whole concept of "forums" and "threads" and "blogging", but here I am! After much Googling I felt TechSpot was the place to be.

Can someone please help me understand what "whataboutadog.com" is? Is it a virus? Why can't I find it on Symantec? How did I get it? What do I do about it?

Thanks

 

[kimsland]

Hi littlebella and welcome to TechSpot
You will find that these (or specifically this) forum will help with any technical question you may have, be it very basic (there are no dumb questions) or very advanced technical support.

In relation to "whataboutadog.com"
Firstly update your Antivirus and do a full scan
You can find AVG free Here if you do not have an Antivirus software package installed

You may also want to download SpyBots Search and Destroy from Here Being another free tool to remove bugs from your system.

 

[momok]

Hi littlebella and welcome to techspot. =)

The whataboutadog and doginhispen are related, both highly tricky infections to remove. I suggest you do the following before doing anything else.

Important: Please read this thread HERE before deciding if you should CLEAN or FORMAT your system

Should you decide to that cleaning your system is the best option, please go to Viruses/Spyware/Malware, preliminary removal instructions and follow the steps given.
Do follow all the instructions exactly.

Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread.
Do not copy and paste your logs if not they will be removed.

Our experts here will tend to your queries thereafter.

Also, please provide the results of the Antirootkit scan


Regards,
momok =)

This thread is for the use of littlebella only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and The Web forum.

 

[littlebella]

Hey thanks for the response but I'm sooo confused.

I've read a few related threads regarding the whataboutadog and adoginhispen and the cleanup on those seemed very intense.

I downloaded AVG. It found MANY (33) problems: Trojan horse downloader.agent.14.p, Trojan Horse downloader.Generic6.SJK, .VCE, .VCC. Does AVG clean these trojans up or do I still need to do something else?

Still learning...Thanks for your help

Also, AVG didn't find *doginhispen.com and *whataboutadog.com but Hijack did and it fixed them both. Are they truly gone and is there something else I need to do for these 2 "dogs"?

It seems too easy.

Also, the Trojan Horse has been in the system restore files. Do I need to do something with backup files??

 

[littlebella]

Momok,

I saw your message after I sent a quick reply. I'm going to attempt to clean the system, with your guidance of course. Just one dumb question, how do I atttach a log into the message? Still learning...

Littlebella

 

[momok]

Hi,

Just continue with the preliminary removal thread instructions within the links that I had posted. In the last few steps there will be instructions teaching you how to attach a log. =)

 

[littlebella]

Hi,

Was that a long process. I completed everything as outlined in the 15 steps, but please tell me what I did wrong with the AVG Antispyware.

I set all elements to "quarantine" as instructed. When the scan completed it found 38 traces and all of them were marked as "delete". When I looked at the report it posted the "no action taken" phrase you DIDN'T want to see in the log.

Thinking I didn't read it correctly, I exited out and did another scan and came up with the same thing. They were all marked "delete" and one of them was actually put in the "quarantine" under infections. All but one was deleted, but the log still says "no action taken". What did I do wrong? Not feeling very bright at this point...

There were no rootkits found.

Big Question: Prior to having kids old enough to get on the internet, we didn't have any issues. The kids use the computer alot for Facebook, Itunes, Limewire. Are those sources of infection?

Thank you for your help. Sorry I had trouble with the AVG Antispyware.

Kindest Regards,
Littlebella

 

[momok]

Hi,

No problems about that. Please see HERE for AVG instructions, especially the part about saving the report after applying all actions and check if you did correctly.

1. Open notepad and copy/paste the text in the quote box below into it (all except the word QUOTE):
   
   

   File::
   C:\WINDOWS\CA65-50B2-D52A-A559.dat
   C:\WINDOWS\twain_32.dll
   Folder::
   C:\Documents and Settings\All Users\Application Data\Viewpoint

2. Save this as CFScript on the desktop.
3. Referring to the image below, drag CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe.
   
   
   
   
4. ComboFix will begin to execute, just follow the prompts. After reboot (in case it asks to reboot), it shall produce a log for you. Post that log (Combofix.txt) in your next reply.
   
   Note: Do not mouseclick combofix's window while it is running. That may cause your system to hang

Next, please download FindAWF from HERE. Save the file to the Desktop and then complete the following instructions:

1. Open the FindAWF program. If a Security Alert shows, allow the program to run.
2. Press 1 then Enter. The scan may take a while, please be patient. When done, a text file, Find AWF report will be produced.
3. Please remember to attach this report file in your reply along with all other required logs.

Thereafter, please post fresh HJT and AVG Antispyware logs and the resultant ComboFix and AWF log from the above instructions as attachments into this thread.


Regards,
momok =)

This thread is for the use of littlebella only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and The Web forum.

 

[littlebella]

Hi,

ok. I reviewed the posted directions for AVG Antispyware, again, and did the same thing. I chose "quarantine" as the recommended action and cllicked on "apply all actions". I saw it delete everything and quarantine the "adware.gator".

Again the report says "no action taken" next to everything. Although I didn't see it in the directions, the "automatically generate report after every scan" button is marked. Should that not be marked?? What am I doing wrong...

As always, thank you.

Kindest Regards,
Littlebella

 

[momok]

Hi,

No worries about AVG. Uncheck that button that automatically generates reports. Then run a scan, perform the quarantine/cleaning actions then save a report. Attach that report in your next reply.

Run FindAWF again.

1. Press 2 then Enter. A text file named files.txt will open:
   
   
2. Copy and paste the following text from the quote box below into the text file.

   C:\WINDOWS\bak\UpdReg.EXE
   C:\Program Files\iTunes\bak\iTunesHelper.exe
   C:\Program Files\QuickTime\bak\qttask.exe
   C:\Program Files\Zune\bak\ZuneLauncher.exe
   C:\Program Files\HP\HP Software Update\bak\HPWuSchd2.exe
   C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\bak\mmtask.exe
   C:\Program Files\Creative\SBLive\Diagnostics\bak\diagent.exe
   C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\bak\DirectCD.exe

   Next, close and click Yes to save the changes.
   
   
3. Once files.txt is saved, FindAWF does the following:
   -It attempts to terminate the process represented by each filename on the list, if running
   -Deletes the rogue file from the parent folder, if present
   -Copies the original file to the parent folder
   
   When done with the above, it automatically runs a new scan and opens a new log.
   Please attach this new FindAWF log in your reply.

Regards,
momok =)

This thread is for the use of littlebella only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and The Web forum.

 

[momok]

Thread closed due to lack of response. Should the original starter require it to be reopened, please PM a mod.
(Edit: Reopened on request)
(Edit: Closed again due to non-response)