Dragon

Trusted Helpers
  • Content Count

    973
  • Joined

  • Last visited

Everything posted by Dragon

  1. well you certainly have a mess there, lets get you cleaned up shall we. I believe you did a typo as you dont' have mxPMSPv.exe in your log, the file you might have meant to check out is a legit that would be MSPMSPv.exe You may want to print these out for reference as you are doing the steps since you will lose interenet connectivity during the cleaning stages. First I noticed you were running two (2) anti-virus programs, McAfee and Network Associates, please choose the one you would prefer to stay with and delete the other one. Having more then One Anti-Virus program can, and often will, lea
  2. hi welcome to Besttechie.net well you're correct in that being a mess. so lets get things started on the right foot. Please follow the instructions provided, you may want to print out these instructions and use them as a reference. Please download ewido anti-malware it is a free version of the program. Install ewido anti-malware When installing, under "Additional Options" uncheck..Install background guard Install scan via context menu [*]Launch ewido, there should be an icon on your desktop, double-click it. [*]The program will now open to the main screen. [*]When you run ewido for the first
  3. I must agree with jsbowen. looking good, I like the new logo
  4. no those entries are normal. if you disable them you will disable your computer. i'm not too sure on the spybot warning as I can't see the entire key that they are listing. could you run spybot again and then post what the entire key says. We may have to go into the registry to fix this problem depending on what it is.
  5. please post a fresh Hijack this log so I can look it over. I have never heard of Truesword before so this could be whats called a "false positive". I'll have the next, and hopefully, final step for you after you respond.
  6. well, you definately got something there, so liets get rid of it shall we. First let's show your hidden files and folders, open My Computer, then click on tools and select folder options next click on the view tab scroll down and find show hidden files and folder and click on the radio button next to it. close My Computer. Boot into safe mode start My Computer and then navigate to and delete this file: C:\WINDOWS\SYSTEM32\aswBoot.exe finally; Click Start > Run. Type regedit Then click OK. back up the registry before making any changes to it. Incorrect changes to the registry can result in
  7. ok, please do the WinpFind log as requested it sounds like we might be dealing with a hidden malware. you are correct about the newdotnet entry missing. that is odd that it disappeared on it's own. I forgot to mention in my last post after I saw you were using limewire that limewire is clean itself when it comes to the program, however the files you are downloading, sharing, etc are more than likely where you are getting your infections on your computer from. P2P programs open new doors for malware to come into your system no matter how protected it may be. the reason for this is because you a
  8. open FF and in the address bar typ the following: about:plugins This will tell you all the plugins you have. more than likely your missing the plugin you need for it. there should be a little drop down bar, like the IE ACtiveX warning one, that recommends you to install the specific plugin the site uses. here is a list of the most common plugins needed to see videos with FF Shockwave Flashapplication/x-shockwave-flash Macromedia Flash movie swf Yes application/futuresplash FutureSplash movie spl Yes Shockwave for Director application/x-director Shockwave Movie dir,dxr,dcr Yes Microso
  9. follow the advice given by mlegg. after that run Ewido and paste the log as well as a new HJT log.
  10. too be honest with you it's a wonder your online. I don't know exactly what your pc tech told you to remove, but he broke an LSP chain that we now have ot fix. please Download WindPFind Extract WinPFind.zip to your c:\ folder. Do Not Run it Yet Next,Please Download LSPFix from http://www.cexx.org/lspfix.htm and Run the Program. Disconnect from the Internet and close all Internet Explorer Windows. Check the "I know what I'm doing" Button and remove all traces of newdotnet3_88.dll. Reboot your computer into Safe Mode Then open c:\WinPFind and double-click on WinPFind.exe. When the program is o
  11. you said your tcp/IP is corrupted?? ok lets get you back on line, I hope you have floppy disk with you because I need you to get a file off the internet and put it on the disk. 1.) Download WinsockFix.zip. (by: Option^Explicit) 2.) UnZip WinsockFix.zip (Pay close attention to where the file is extracted to.) 3.) Run WinsockFix.exe. 4.) Click the Fix button. This program will clean up your TCP/IP connection and rebuild the database. After the program is complete, reboot and your problems should be resolved.
  12. doh!!! I didn't even think about looking at the IP. thats what I get for being rushed on this computer because my wife needed it for work. *Dragon slaps his head* Falcon24, you can remove those O17 entries using Hijack this. open Hijack this, click on scan only, next find the following entries and put a check next to them. Then with all browsers and windows closed, including this one, click on Fix Selected O17 - HKLM\System\CCS\Services\Tcpip\..\{2D368997-F85F-42D7-BE98-464F4CBB0195}: NameServer = 85.255.113.118,85.255.112.101 O17 - HKLM\System\CCS\Services\Tcpip\..\{453752DE-9C74-446B-98F1-A
  13. before we do anything. Are you located in Ukraine??
  14. looking good, only misnomers i find are listed below. first. that "interesting text color" can not be used on a white background. not only that it looks like something I used to clean out of my kids diapers. (think about it) second, the web site name is ComplHEX however your logo says CompHEX. you might want to fix that otherwise looks good. What made you decide to kill the original design???
  15. ok, it seems that those were missed when I did my first reply. Your suspisions are correct on them. fist do start>run after the box comes up type the following:services.msi Then find the entry for msctl32.dll. highlight it, then choose stop service. next you want to choose disable service. then using Hijack this as you did before put a check next to the following entries. Make sure all windows and browsers are closed, including this one, click fix checked O4 - HKLM\..\Run: [Microsoft Office] C:\WINDOWS\system32\msoff.exe O4 - HKLM\..\Run: [enewsletterpro] C:\windows\enewsletterpro.exe O20 -
  16. it's stating that because you didnt' close the tag. try to add this </tr></td> so it looks like this </tr></td> </table> <!--end of navigation menu --> on a preliminary look I think this will solve your error code you are recieving. I can't get a proper look at it as I am getting a javascript bug error on a missing file. and I don't want to hunt around your code to find it
  17. I know what you mean. Not to mention cross browser problems and css.... We use NAMO They do have templates included in the prorgram, and also have 1000's available for purchase. Clicky both sigs, they were made with NAMO. I love that program, too bad I can't afford it currently. until then I use Nvu on Linux, and Html Kit on Windows.
  18. Dragon

    New Pics!

    good god, it looks like a cardboard factory exploded in your room. and I thought my sons room was a mess.
  19. Spirritoo, could you post a Hijack this log in malware removal for review along with a startup list in the same topic. I'm not saying it is, but it could also be malware related. I do know there are malware out there that spybot, ad aware, AVG etc... don't recognize so they don't try to fix them.
  20. ok, first I want to apologize for the belated reply, I had family come in from out of town over the weekend. and to top things off for some reason I didn't recieve my notification that you had responded. second, I merged your two topics together since they are still dealing with the same problem. Please keep your posting to this one thread until we get you cleaned up Please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an X in the boxes, only next to these following items, then click fix checked. R0 - HKLM\Softwar
  21. you forgot it's also a great way to cover those rust holes in the old car as well as mend the that hole in the muffler that showed up 3 years ago.. Oh yeah and it's also good for repairing those occasional pin holes in the radiator hose
  22. hello and welcome to Besttechie.net well your log isn't too bad. However, for future posting please make sure word wrap is disabled in notepad prior to posting your log. otherwise there are spaces in the log that makes it hard to read. Please put Hijack This in it's own folder such as C:\HJT before you start. Hijack this makes backups and if you don't put it in it's own folder you can lose these backups. Please download CWShredder and save it to someplace you will remember like your desktop. hit ctrl-alt-delete and bring up the task manager. next click on the processes tab and find the followi
  23. congrats. a new baby is always a blessed joy to have around the house. enjoy it now, because when she is a teen it will get harder.
  24. so that we have a little better idea what we are looking for could you please tell us which file asquared is saying it is finding.
  25. yes the minimum to be shipped is 5 which is what i have. I have 3 more of the 5.10 versions available is anyone might be interested in getting one faster. Just pm me with info to send you one.