• Content Count

  • Joined

  • Last visited

Everything posted by Dan

  1. :o :o GET WELL SOON MARTY!!!
  2. BE CAREFUL EVERYONE! This is a really bad virus!!!!!! (Thanks Matt for getting this:) So BE CAREFUL in IMs...I have had this on a VM and it is not pretty. At the moment, there is no fix, and requires a format! Danny
  3. Dan

    Xbox 360

    M$ Should've done their reasearch!
  4. Hi, Thanks for the info just in case I miss an important show Danny
  5. Happyy Birrrrrrrrrrthday rocky!!!!!!!!!!!!!!!!!!!! Happy to turn 19 eh? Danny
  6. Hey Guys.. SmitRem will remove it It's not really /hard/ to remove, just a pain in the arse! Danny
  7. Hi, The stuff that was missing from HJT were probably the R1 lines that were CWS. Apparently CWShredder cleaned it. ============================ We have a couple of last steps to perform and then you're all set. First, let's reset your hidden/system files and folders. System files are hidden for a reason and we don't want to have them openly available and susceptible to accidental deletion. Click Start. Open My Computer. Select the Tools menu and click Folder Options. Select the View tab. Under the Hidden files and folders heading UNSELECT Show hidden files and folders. CHECK the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK. Next, let's clean your restore points and set a new one: Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous re1. Turn off System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. Check Turn off System Restore. Click Apply, and then click OK. 2. Restart your computer. 3. Turn ON System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. UN-Check Turn off System Restore. Click Apply, and then click OK. System Restore will now be active again. store points which are likely to be infected) Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs: SpywareBlaster to help prevent spyware from installing in the first place. SpywareGuard to catch and block spyware before it can execute. IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email. Even though you have an antivirus program, it is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit Microsoft Windows Update monthly. And to keep your system clean run these free malware scanners AdAware SE Personal Spybot Search & Destroy weekly, and be aware of what emails you open and websites you visit. To learn more about how to protect yourself while on the internet read this article by Tony Klien: So how did I get infected in the first place? Have a safe and happy computing day! Danny
  8. Hi, You have a CoolWebSearch infection. Download CWShredder here to its own folder. Update CWShredder * Open CWShredder and click I AGREE * Click Check For Update * Close CWShredder Boot into Safe Mode: Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode. Now run CWShredder. Click I Agree, then Fix and then Next, let it fix everything it asks about. Please run HijackThis and click "Scan." Place checks next to the following entries (If Present): R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O1 - Hosts: L2authd.lineage2.com #C3 Server O1 - Hosts: om O4 - HKLM\..\Run: [timessquare] C:\windows\timessquare.exe O4 - HKLM\..\Run: [adtech2006] C:\windows\adtech2006.exe O4 - HKLM\..\Run: [0wso0x0s.dll] RUNDLL32.EXE 0wso0x0s.dll,b 101093796 O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\gp2ml3f11.dll (file missing) Close all windows browsers except HijackThis, and click the "Fix Checked" button. Close HijackThis. Next, please enable viewing of hidden files as follows: 1) Go to My Computer, and click on the "Tools" menu 2) Click "Folder options" 3) Select the "View" tab 4) Make sure "Show hidden files and folders" is selected 5) Make sure "Hide extensions for known file types" is unchecked 6) Make sure "Hide protected operating system files (recommended)" is unchecked Next, delete the following files/folders (if they exist): C:\windows\adtech2006.exe << This file C:\windows\timessquare.exe << This file C:\drsmartload1.exe << This File C:\inrh9400.exe << This File C:\mt13u.exe << This File C:\stub_113_4_0_4_0.exe << This File Locate via Start > Search: 0wso0x0s.dll << This file Finally, go to the Start Menu, click "Run", and in the window type cleanmgr. This will run the System Cleanup program. Make sure the box next to "Temporary files" is checked, and then click "OK". Reboot and post a new log. Danny
  9. Dan

    Another Science Project

    No....I need to add more cardboard in the middle as support beams. It's going to lay like that
  10. Hopefully I get that much snow
  11. Dan

    Terms Of Use Updated

    Reading em right now On first glace, you should try to bold the things, or Make them bigger. But good
  12. You just have to bring that up don't you But I agree with Jeff. We don't want to scare off new users
  13. Close any programs you have open since this step requires a reboot. From the l2mfix folder on your desktop, double click l2mfix.bat and select option #2 for Run Fix by typing 2 and then pressing enter. It will process then start. Your desktop and icons will disappear (this is normal). L2mfix will continue to scan your computer and when it's finished, it will be ready for a reboot. Press any key to reboot. After the reboot notepad will open with a log. Copy the contents of that log and paste it back into this thread, along with a new hijackthis log. IMPORTANT: Do NOT run any other files in the l2mfix folder unless you are asked to do so! If after the reboot the log does not open double click on it in the l2mfix folder. Danny
  14. You have the latest version of VX2. Download L2mfix from one of these two locations: http://www.downloads.subratam.org/l2mfix.exe http://www.atribune.org/downloads/l2mfix.exe Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop. Double click l2mfix.bat and select option #1 for Run Find Log by typing 1 and then pressing enter. This will scan your computer and it may appear nothing is happening, then, after a minute or 2, notepad will open with a log. Copy the contents of that log and paste it into this thread. IMPORTANT: Do NOT run option #2 OR any other files in the l2mfix folder until you are asked to do so! if you receive, while running option #1, an error similar like: ''C:\windows\system32\cmd.exe, C:\windows\system32\autoexec.nt the system file is not suitable for running ms-dos and microsoft windows applications. choose close to terminate the application.."...then please use option 5 or the web page link in the l2mfix folder to solve this error condition. do not run the fix portion without fixing this first. Next, please run an on-line virus scan at Kaspersky OnLine Scan , save and post that log here as well as the L2MFix log! Thanks, Danny
  15. Topic Closed because of inactivity
  16. Dan

    Hijack This Log

    Closed because of inactivity
  17. Topic Closed because of Inactivity
  18. Dan

    Defrag Issue?

    Topic Closed because of inactivity
  19. Hi, This doesn't sound like a malware related problem. I suggest you post a new topic in the Computer Support forum Thanks, Danny