Dak

why should they have to? I'd guess that firefox are trying to encourage adherance to the w3c standards by refusing to incorrectly interpret HTML, even the common non-w3c HTML. Having said that, I believe that they do interpret some HTML in a non-w3c way...

thats the one reason that i havent even concidered opera over FF; the extentions are so useful. Having said that... half the memory... hmmm, might give it a try.

If you post the HijackThis log up, it should be possible to figure out what virus you have.

This bit seems especially dodgy...

Goto 'start > run' and type in 'regedit'. Up the top, under 'file', click 'export' to save a backup copy of your registry. Open up notepad and copy/paste the following into it; make sure that there is no space/blank lines before the 'regedit4' bit. goto file > save, select 'save as type' 'registry file (*.reg)', call it hdfx, and click save. now, double-click on hdfx.reg to merge its contents with your registry. then, run the kaspersky online antivirus scan, save a log from it and post it up so we know what remenants of haxdoor are knocking about the place. and... Download L2mfix from one of these two locations: http://www.atribune.org/downloads/l2mfix.exe http://www.downloads.subratam.org/l2mfix.exe Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop. Double click l2mfix.bat and select option #1 for Run Find Log by typing 1 and then pressing enter. This will scan your computer and it may appear nothing is happening, then, after a minute or 2, notepad will open with a log. Copy the contents of that log and paste it into this thread. Do NOT run option #2 if you receive, while running option #1, an error similar like: ''C:\windows\system32\cmd.exe C:\windows\system32\autoexec.nt the system file is not suitable for running ms-dos and microsoft windows applications. choose close to terminate the application.."...then please use option 5 or the web page link in the l2mfix folder to solve this error condition, and then try running option #1 again.

AFAIK, no-one knows the exact mechanisms... its a pretty safe assumption that the production of multiple HIV viruses kills many CD4+ cells, but it is thought there are probably other mechanisms at work; for example, its possible that failed infection attempts by HIV might leave gp120 on the surface of CD4+ cells, causing them to fuse with other CD4+ cells, rendering both cells inoperable; or that the body makes anti-(anti-gp120-antibody)-antibodys, which bind to CD4+ cells and mark them for attack by macrophages. Whatever the mechanisms, theres a pretty obviouse correlation between HIV infection and AIDS.

http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=PubMed&list_uids=10616359&dopt=Abstract just the first one that I found... HIV virions have definately been found in semen.

nice one herme3 The infection does some damage to your computer, and enteres regstry entries and the like... so theres still a little more to do to completely fix your computer (tho unrootkitting it was the hard part) If you want a hand finishing off, could you post up a new hjt log and a new rootkit revealer log please.

How inconvieniently bizzare... Could you ctrl+alt+delete to bring up the task manager, find the explorer.exe process, and tell me what it says next to it under the 'user name' colum. And your other questions: I dont know, but i have a test machine... if you could PM me the url you were at at the time, then i can check. Not sure im afraid.

Download and Save blacklight to your desktop. F-Secure Blacklight: http://www.f-secure.com/blacklight/try.shtml Double-click blbeta.exe then accept the agreement. if the option is there, leave 'scan through windows explorer' checked, click > scan then > next, You'll see a list of all items found. Don't choose for rename yet! I want to see the log first, because legit items can also be present there... There must be also a log on your desktop with the name fsbl.xxxxxxx.log (the xxxxxxx stand for numbers) Post the contents of the log in your next reply.

Go here and run this scan. Let me know what it finds. Microsoft - Malicious Software Removal Tool http://www.microsoft.com/security/malwareremove/default.mspx

Same as klaynos

Try this: You may want to print out these instructions for reference, since you will have to restart your computer during the fix. Please download AproposFix from here: http://swandog46.geekstogo.com/aproposfix.exe Save it to your desktop but do NOT run it yet. Then please reboot your computer in Safe Mode by doing the following: 1) Restart your computer 2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8. 3) Instead of Windows loading as normal, a menu should appear 4) Select the first option, to run Windows in Safe Mode. Once in Safe Mode, please double-click aproposfix.exe and unzip it to the desktop. Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts. When the tool is finished, please reboot back into normal mode, and post a new HijackThis log, along with the entire contents of the log.txt file in the aproposfix folder. Could I also have a new rootkit revealer log please.

I think this is the variant that you have: http://www.sophos.com/virusinfo/analyses/trojhaxdooram.html No, dont delete everything from the RKR log; some of it might be legit.

Herme3, I think you might have a root-kited variant of haxdoor. Please download rootkit revealer, scan with it, and after the scan has completed goto 'file > save' to save the report. Post the rootkit revealer report up for me to see please. I'd also like to point out that the newer haxdoor variants have a keylogger with them, so I'd advise refraining from online-banking for now.

---Jotti scan of 0.exe AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found BehavesLike:Trojan.WinlogonHook (probable variant) ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found a variant of Win32/Haxdoor Norman Virus Control Found nothing UNA Found nothing VBA32 Found Trojan-Downloader.Agent.87 (probable variant) --- Looks like most AV's are still having trouble with haxdoor. Herme3... I'd suggest downloading HijackThis from here (scroll down and click the button with a flashing green light next to it). Extract the program, run it, and select 'scan system and make a log'. Post the log up in this thread so we can see what we're dealing with.

http://www.scienceforums.net/forums/images/sfn/sfn-logo_old.jpg

oooh can we include bigmoosies jewish one in the randomiser? I dont know why, but it tickles me

Cheers guys. Words cannot express how happy I am that the sentance with the complicated terms included a clause that I dont need to understand them

Sorry; im a bit lost when it comes to hardware Can someone tell me if getting two*256MB, pcp133 SDRAM cards will be ok, or will there be any problems/do i have to make sure i get the correct voltage/anything else Here is some info about my PC: Cheers muchly.

Wow, its up! glad you guys liked it. And: nice jewish version, big moosie! just a thought: how easy would it be to copy the SFN template and whach big-moosie's image up on one template, so that we could chose christmas/hannika at SFN? m$ paint + shaky hands = hard to clip it down to the right size; soz.

All i want to say is that ku's pretty-much hit the nail on the head, imo.

Cheers all... plus, i'v joined the festive hat club m$ paint is teh way.

snow problem

i did just out of curiosity, have you figured out what is causing the curl-in error?