Dan

Members
  • Content Count

    742
  • Joined

  • Last visited

Everything posted by Dan

  1. Dan

    Another Science Project

    Well, this is what I've got so far: Any Suggestions? Danny
  2. Hi, Please go HERE to run Housecall. Note: you must use Internet Explorer, other browsers will not work. Under "Scan your PC", please click Scan now. It's free! Select your location and click the Go button. Click the red magnifying glass button. Select Complete Scan. Please be patient while Housecall downloads. Please allow the ActiveX Control and when prompted click install Put a check next to My Computer Leave the following checked:Scan for Spyware Check security vulnerabilities [*]Click the Next button. [*]It will download the latest scan engine and pattern files. [*]When the definitions have been downloaded, the scan will start. [*]After it's done scanning it will take you to the summary page. [*]Click the Next button. [*]Click the drop-down to choose delete or remove on each bad guy found, if you receive a prompt click OK. [*]Click the Next button to move onto the recovery (final) portion of the scan. [*]After everything has been removed, please click the show button on everything. [*]Highlight all the of text and press CTRL + C to copy the text. [*]Please post the contents into your next reply. Danny
  3. Hi, This topic is closed If you need any more help, feel free to open a new topic, or PM me or a moderator to get this one open. Thanks, Danny
  4. Dan

    Had A Trojan

    Go to Start > Run and type "Services.msc" (without quotes) then hit Ok Scroll down and find the below services: Remote Packet Capture Protocol v.0 (experimental) When you find it, double-click on it. In the next window that opens, under the General tab click the Stop button, then click the drop-down box to change the Startup Type to Disabled. Now hit Apply and then Ok. Open HiJackThis, click on "None of the above, just start the program". Now, click on the "Config" button (bottom right), then click on "Misc Tools", then click on "Delete an NT Service" a window will pop up. Enter the below item into that field (make sure there are NO spaces before or after the name): rpcapd Click OK. It should pull up information about the service, then ask if you want to reboot. Click YES. Post a new HiJackThis log after it reboots and let me know if you received any error messages.
  5. Hey Jeff, In this new version of IPB, does it automatically merge posts? I mean, because I posted a new topic, then replied to it right away, and it merged it. Try it out in the Testing spot...... Just wondering if this is a new "feature" Danny
  6. Dan

    Another Science Project

    Wow! That looks really good. I'll ask my teacher if I can Also, what kind of adhesive should I use? (Gorrilla Glue costs too much BTW) Thanks alot, Danny
  7. Dan

    Would You Do It?

    Money for winning? Do I have to pay anything?
  8. This is a great announcment! I was going to post it here, but I see you got here first Danny
  9. Hey Everyone, Just wondeing if you have any links to C++ Ebooks or PDFs..... If you do that would be great! Thanks, Danny
  10. Dan

    Hjthislog

    Sorry about that jumbled mess I was posting to a topic somewhere else, and accedently copied it! Danny
  11. Dan

    Hjthislog

    Hi, This log is clean . It seems like you don't have an anti-virus or firewall. Please look at these tools that will protect your computer: AdAware - Another very powerful tool which searches and kills nasties that infect your system. AdAware and Spybot Search & Destroy compliment each other very well. SpywareBlaster - Great prevention tool to keep nasties from installing on your system. SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place. IE-SpyAd - puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all. CleanUP! - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders. Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there. Google Toolbar - Free google toolbar that allows you to use the powerful Google search engine from the bar, but also blocks pop up windows. Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN) To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein. Danny Hi, Please download HijackThis from http://www.besttechie.net/tools/HijackThis.exe After downloading, you have place it into a permanent folder such as "C:\HJT". To do this: * Navagate to your C:\ drive. * Right click inside of the C:\ drive * A menu with the choice "New" will pop up * Hover over "New" and select "Folder" from the sub-menu that pops up. * Rename the Folder HijackThis * Drag HijackThis into the new folder. Next, open HijackThis, and click the "Scan" button. Most of what Hijack This lists lists will be harmless or even essential, DO NOT delete or modify anything yet! Now click the 'Save Log' button. Post the contents of that log as a new topic in the Malware Removal Forum Of of the Staff will review your log and help you out. dk Hi, Please download HijackThis from http://www.besttechie.net/tools/HijackThis.exe After downloading, you have place it into a permanent folder such as "C:\HJT". To do this: * Navagate to your C:\ drive. * Right click inside of the C:\ drive * A menu with the choice "New" will pop up * Hover over "New" and select "Folder" from the sub-menu that pops up. * Rename the Folder HijackThis * Drag HijackThis into the new folder. Next, open HijackThis, and click the "Scan" button. Most of what Hijack This lists lists will be harmless or even essential, DO NOT delete or modify anything yet! Now click the 'Save Log' button. Post the contents of that log as a new topic in the Malware Removal Forum Of of the Staff will review your log and help you out. dk
  12. Dan

    Another Science Project

    Hey Dave, My mind hasn't "processed all of the info yet, but from the last bmp, it looks like it might not work. I'll ask my teacher, but I don't think that it will be able to work. I think I need to have the brick stick up on a string through it. Attached is what I think I need. If I could, should I get it to wrap around your idea? JDoors, I don't wanna cheat I NEED a good grade on this, but thanks, Danny _2.bmp
  13. Dan

    Hijack Log

    Ok, Try this: Please download WebRoot SpySweeper from HERE (It's a 2 week trial): Click the Free Trial link under to "SpySweeper" to download the program. Install it. Once the program is installed, it will open. It will prompt you to update to the latest definitions, click Yes. Once the definitions are installed, click Sweep Now on the left side. Click the Start button. When it's done scanning, click the Next button. Make sure everything has a check next to it, then click the Next button. It will remove all of the items found. Click Session Log in the upper right corner, copy everything in that window. Click the Summary tab and click Finish. Paste the contents of the session log you copied into your next reply, as well as a new HijackThis log. Danny
  14. Dan

    Hijack Log

    Are you using Internet Explorer?
  15. Dan

    Another Science Project

    Well, it needs to be at least 16" apart, and the tables are going to be placed apart about 14". Here is what I have so far:
  16. Dan

    Had A Trojan

    Hi, We have a few things left to do. Open HijackThis, click the Scan button, and check the following item: O20 - Winlogon Notify: WindowsUpdate - C:\WINDOWS\system32\ksdhu.dll (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) Close all windows except HijackThis, and click the "Fix Checked" button. Reboot and post a new log. Danny
  17. Dan

    Had A Trojan

    Hi, Open HijackThis, click the "Scan" buttonn, and check the following items: O4 - HKLM\..\Run: [Kub121D] C:\documents and settings\owner\local settings\temp\Kub121D.exe O4 - HKLM\..\Run: [bakra] C:\WINDOWS\System32\IEHost.exe O4 - HKLM\..\Run: [Media Access] C:\PROGRA~1\MEDIAA~1\MediaAccK.exe O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\bxxs5.dll,DllRun O4 - HKLM\..\Run: [Contextual Tool] C:\WINDOWS\System32\ZQInContextactx1.exe O4 - HKLM\..\Run: [sys03418770551] C:\WINDOWS\sys03418770551.exe O4 - HKLM\..\Run: [ms04187705514] C:\WINDOWS\ms04187705514.exe O4 - HKCU\..\Run: [redx.exe] C:\Documents and Settings\Owner\Application Data\System Restore\redx.exe O4 - HKCU\..\Run: [mc-110-12-0000122.exe] C:\WINDOWS\System32\mc-110-12-0000122.exe O4 - HKCU\..\Run: [fran-super.exe] C:\WINDOWS\System32\fran-super.exe O4 - HKCU\..\Run: [ventbb.exe] C:\WINDOWS\System32\ventbb.exe O4 - HKCU\..\Run: [VB1.exe] C:\Documents and Settings\Owner\Application Data\System Restore\VB1.exe O4 - HKCU\..\Run: [setup75.exe] C:\WINDOWS\System32\Setup75.exe O4 - HKCU\..\Run: [ZQInContextactx1.exe] C:\WINDOWS\System32\ZQInContextactx1.exe Close all windows except HijackThis and click the "Fix Checked" button. Locate the following files/folders and delete them: C:\WINDOWS\System32\ZQInContextactx1.exe << This file C:\WINDOWS\System32\Setup75.exe << This file C:\Documents and Settings\Owner\Application Data\System Restore << This folder C:\WINDOWS\System32\ventbb.exe << This file C:\WINDOWS\System32\fran-super.exe << This file C:\WINDOWS\System32\mc-110-12-0000122.exe << This file C:\WINDOWS\ms04187705514.exe << This file C:\WINDOWS\sys03418770551.exe << This file C:\WINDOWS\System32\ZQInContextactx1.exe << This file C:\WINDOWS\bxxs5.dll << This file C:\PROGRA~1\Media Access << This folder C:\WINDOWS\System32\IEHost.exe << This file C:\documents and settings\owner\local settings\temp\Kub121D.exe << This file Please download WebRoot SpySweeper from HERE (It's a 2 week trial): Click the Free Trial link under to "SpySweeper" to download the program. Install it. Once the program is installed, it will open. It will prompt you to update to the latest definitions, click Yes. Once the definitions are installed, click Sweep Now on the left side. Click the Start button. When it's done scanning, click the Next button. Make sure everything has a check next to it, then click the Next button. It will remove all of the items found. Click Session Log in the upper right corner, copy everything in that window. Click the Summary tab and click Finish. Paste the contents of the session log you copied into your next reply, as well as a new HijackThis log. Danny
  18. Well, the other one didn't go so well. It landed on its side and went caput! Oh well...For this one: Materials: Curugated Cardboard Strips, no longer then 6" no wider then 1" Any Adhesive - NO TAPE Goal: To build a structure to support a brick :surrender: Restrictions: Cannot glue strips together vertically Device must 16" minimum Max Weight: 150 g. Need Paperwork - 5 different ideas, with 5 different descriptions So, If you guys could help me, that'd be great! Also, I have a thread at G2G: http://www.geekstogo.com/forum/index.php?showtopic=78054 Danny
  19. Dan

    Had A Trojan

    Hi, Before we begin: I recommend that you uninstall Morpheus. This P2P program is considered to have spyware in the older versions, and would be better replaced by a different one. Check here for more info. Next, open HijackThis, click the "Scan" buttonn, and check the following items: R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com O2 - BHO: wb - {55BE9F0D-6CAF-4c3e-B125-5A13A8C9D0EC} - C:\WINDOWS\system32\nsh7.dll O4 - HKLM\..\Run: [Kub121D] C:\documents and settings\owner\local settings\temp\Kub121D.exe O4 - HKLM\..\Run: [bakra] C:\WINDOWS\System32\IEHost.exe O4 - HKLM\..\Run: [Media Access] C:\PROGRA~1\MEDIAA~1\MediaAccK.exe O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\bxxs5.dll,DllRun O4 - HKLM\..\Run: [sys02141877055] C:\WINDOWS\sys02141877055.exe O4 - HKLM\..\Run: [ms05877055141] C:\WINDOWS\ms05877055141.exe O4 - HKLM\..\Run: [Contextual Tool] C:\WINDOWS\System32\ZQInContextactx1.exe O4 - HKLM\..\Run: [ms04187705514] C:\WINDOWS\ms04187705514.exe O4 - HKLM\..\Run: [ms06770551418] C:\WINDOWS\ms06770551418.exe O4 - HKLM\..\Run: [win3208055141877] C:\WINDOWS\win3208055141877.exe O4 - HKLM\..\Run: [win3207705514187] C:\WINDOWS\win3207705514187.exe O4 - HKLM\..\Run: [sys01514187705] C:\WINDOWS\sys01514187705.exe O4 - HKLM\..\Run: [sys09551418770] C:\WINDOWS\sys09551418770.exe O4 - HKCU\..\Run: [redx.exe] C:\Documents and Settings\Owner\Application Data\System Restore\redx.exe O4 - HKCU\..\Run: [zqactx1.exe] C:\Documents and Settings\Owner\Application Data\System Restore\zqactx1.exe O4 - HKCU\..\Run: [mc-110-12-0000122.exe] C:\WINDOWS\System32\mc-110-12-0000122.exe O4 - HKCU\..\Run: [fran-super.exe] C:\WINDOWS\System32\fran-super.exe O4 - HKCU\..\Run: [ventbb.exe] C:\WINDOWS\System32\ventbb.exe O4 - HKCU\..\Run: [VB1.exe] C:\Documents and Settings\Owner\Application Data\System Restore\VB1.exe O4 - HKCU\..\Run: [setup75.exe] C:\WINDOWS\System32\Setup75.exe O4 - HKCU\..\Run: [ZQInContextactx1.exe] C:\WINDOWS\System32\ZQInContextactx1.exe O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971C...Bridge-c106.cab O16 - DPF: {26098EA2-C95D-48EA-89B4-63C5A63BD42F} - http://www.pacimedia.com/install/pcs_0008.exe O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab O16 - DPF: {4AD73894-A895-4FC2-B233-299867E08753} (Cadwkzctl Object) - http://apps.deskwizz.com/ax/adwerkz.cab O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://mrsupergames.aavalue.com/toolbars/msg/msg-toolbar.cab O20 - Winlogon Notify: MCD - C:\WINDOWS\system32\ksdhu.dll (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) Close all windows except HijackThis and click the "Fix Checked" button. Next, please enable viewing of hidden files as follows: 1) Go to My Computer, and click on the "Tools" menu 2) Click "Folder options" 3) Select the "View" tab 4) Make sure "Show hidden files and folders" is selected 5) Make sure "Hide extensions for known file types" is unchecked 6) Make sure "Hide protected operating system files (recommended)" is unchecked Locate the following files/folders and delete them: C:\WINDOWS\System32\Setup75.exe << This file C:\Documents and Settings\Owner\Application Data\System Restore << This folder C:\WINDOWS\System32\ventbb.exe << This file C:\WINDOWS\System32\fran-super.exe << This file C:\WINDOWS\System32\mc-110-12-0000122.exe << This file C:\WINDOWS\sys09551418770.exe << This file C:\WINDOWS\sys01514187705.exe << This file C:\WINDOWS\win3207705514187.exe << This file C:\WINDOWS\win3208055141877.exe << This file C:\WINDOWS\ms06770551418.exe << This file C:\WINDOWS\ms04187705514.exe << This file C:\WINDOWS\System32\ZQInContextactx1.exe << This file C:\WINDOWS\ms05877055141.exe << This file C:\WINDOWS\sys02141877055.exe << This file C:\WINDOWS\bxxs5.dll << This file C:\PROGRA~1\MEDIAA~1 << This folder C:\WINDOWS\System32\IEHost.exe << This file C:\documents and settings\owner\local settings\temp\Kub121D.exe << This file Please download AproposFix from here: http://swandog46.geekstogo.com/aproposfix.exe Save it to your desktop but do NOT run it yet. Then please reboot your computer in Safe Mode by doing the following: 1) Restart your computer 2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8. 3) Instead of Windows loading as normal, a menu should appear 4) Select the first option, to run Windows in Safe Mode. Once in Safe Mode, please double-click aproposfix.exe and unzip it to the desktop. Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts. When the tool is finished, please reboot back into normal mode, and post a new HijackThis log, along with the entire contents of the log.txt file in the aproposfix folder. Danny
  20. Dan

    Hijack Log

    Hi, Please rerun VundoFix and enter this for the 2nd filename: C:\WINDOWS\system32\tuxyb.* With the ".*". Also what do you mean you didn't get the virus thing to work? Danny
  21. Hi, Yes it would be safe to remove Weatherbug. Some consider it spyware, and it is an optional to remove. --------------- We have a couple of last steps to perform and then you're all set. First, let's reset your hidden/system files and folders. System files are hidden for a reason and we don't want to have them openly available and susceptible to accidental deletion. Click Start. Open My Computer. Select the Tools menu and click Folder Options. Select the View tab. Under the Hidden files and folders heading UNSELECT Show hidden files and folders. CHECK the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK. Next, let's clean your restore points and set a new one: Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected) 1. Turn off System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. Check Turn off System Restore. Click Apply, and then click OK. 2. Restart your computer. 3. Turn ON System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. UN-Check Turn off System Restore. Click Apply, and then click OK. System Restore will now be active again. Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs: SpywareBlaster to help prevent spyware from installing in the first place. SpywareGuard to catch and block spyware before it can execute. IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email. You should also have a good firewall. Here are 3 free ones available for personal use: Sygate Personal Firewall Kerio Personal Firewall ZoneAlarm and a good antivirus (these are also free for personal use): AVG Anti-Virus Avast Home Edition It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit Microsoft Windows Update monthly. And to keep your system clean run these free malware scanners AdAware SE Personal Spybot Search & Destroy weekly, and be aware of what emails you open and websites you visit. To learn more about how to protect yourself while on the internet read this article by Tony Klien: So how did I get infected in the first place? Have a safe and happy computing day! Danny Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.
  22. Hmm..I'm not too certain, but if you look on google something about CUE and BIN files. I can't find out how to create BIN files, but if you do, you need to burn the CUE file as the image. Danny