mbyuser
-
Posts
270 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by mbyuser
-
-
i am going to ask someone else to help you understand about the yahoo. part
best wishes.
-
i do have a yahoo adddy.for at least 10yrs.its just new seciurty mesures imo.
if you are seriously worried contact yahoo.
-
well they shouldnt for sure ask for any passwords.if so thats deff a scam.
you dont need to read that email.its just a notice.
change your password if you wish,then you will recive a e.maill witch again you dont need to read.
if you think your acc has been hacked then report it to yahoo,theres addys for that.
imo thats just yahoo.nothing sinister.
-
there was no asking off any passwords was there?
yahoo would never do that.
more info on who is cc.yahoo-inc.com
-
oh i know know what your talking about now.
yahoo did update there info request,you could choose a q and give a awaser,two q`s all in all.
i rejected it myself until i was locked out for not doing so.
then i awansered the two questions and was allowed back in,i wasnt forced to give a 2nd e.mail addy thou,that was just a option.the two securtiy q`s wernt.
-
-
ive seen the e.mail from yahoo you decribe but i`ve never be forced to give a alternative e.mail addy.
the option yes but not forced.the e.mail from yahoo is normal thou if you do give a alternative addy.
-
thats good to know chimpy,as no dout i will be having a massive headache when my daughter brings her laptop around again.her mum just doesnt understand the need for security,alought shes her mum and i wont say a bad thing about her just simply i get dumped with a infected laptop about every two-four mths,and thats a good tool for cleaning out the rubbish before i start,thanks for the info.
-
i like this AFT for cleaning out temp files,also cleans out other files.with no harm.
it can be got from Atribune.org
direct link ; http://www.atribune.org/index.php?option=c...5&Itemid=25
a update is on the way btw version now stands at 3.0.0.2 supports I.E firefox opera
atm its still a solid program.
xp and windows 2000 only.
-
a rabbit goes into a pub and asks for a tosted cheese sanrnie,and a pint off ale.
the landlord brings out his ale and his toasted sarnie.
next day the rabbit goes back to the pub and asks for a toasted cheese and tomato sarnie,and a pint off ale.
well this goes on for about 7 days each time the rabbit asks for a differnt type toasted sarnie,and a pint off ale.
on the 8th day he drops dead,the landlord worries he gave him food poisoning and calls the vet.
its ok says the vet he died off mixatoasties.
-
it was on your comp executed or not it was there and was dected by malwarebytes.
you cant blame malwayrebytes for your friends actions.
really why are you blameing malwarebyes because you had a priate version on your comp.
thats your own fault,no one eleses.
if you hadnt let him put pirate stuff on your comp then you would never have had this problem.
-
any improvement is good news.
(think we all are in some way exile.)
-
i no longer need a reply to this question.
-
search and destroy is producing a 216 run time error,so i decided to to a online scan.
ive unilstalled search and destroy atm (tried reinstalling/checkdisk to no avail)
(however a few pps are saying the same thing since its latest updates,been waiting for a reply for 5 days,hence unistalling till i know more)
still panda online scanner found;
found;Bck/IRCBot.CPW Virus Latent
1. C:\WINDOWS\system32\bingoo.exe
Adware/Cres Adware Latent
1. C:\WINDOWS\STK02N\STK02NK.exe
i also installed java to check but nothing came up with kaspery after removing the trojan.
however panda did find entries in my system restore point witch kaspery didnt.
i since removed java.
the adaware comes with my cam software (ArcSoft\PhotoImpression) i forgot to remove it when i installed it,i ussaly do,but this time i forgot.
i was given the chance to "disinfect" C:\WINDOWS\system32\bingoo.exe
basicly it removed the file,dont think it removed the reg entries.
the adaware i would of had to pay for its removal so i simply removed the file,and delted the system restore points,because there was traces of the adaware there witch again i would have to pay for its removal.
my hi-jack logs looks clean still best post it.
where do i go from here?
ive used a online scanner and bar any reg entries i dont think i have probs however i am no expert at all,and dont know how much damage this has done,appertly it changes the hosts file,so i cant goto sites like kaspery however i could after removing the trojan,not sure if i could or couldnt before so i dont know about if the hosts file was changed or not.
i havent done a online scan in a while as i ive been rembering the webroot of old witch used to be a great product;however ive come to the conculusion its bloatware nowadays as it found nothing and has never alerted me to the adaware let alone finding the trojan.imo think i will change to nod32
does malwarebytes look for this trojan,i.e has my sytem been changed to hide this trojan,i know it uses stealth tactics.
do i have problems beyond this trojan is why i ask.
i know this is spread via e,mail however is it possible to it to attached to a pm?
i ask as i recived a pm (on another forum) witch was very suspected alou i am part of a med listery so it could of easily come from there however that pm was sent to all (piad) members of that forum so if thats possible i would be best to advise the others that also recived it,if its possible.
hijack-log;
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:19, on 02/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\lxdncoms.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark 2600 Series\lxdnMsdMon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://*.update.microsoft.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1235536745111
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1236469625250
O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe
O23 - Service: lxdn_device - - C:\WINDOWS\system32\lxdncoms.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
--
End of file - 4170 bytes
-
@sho-dan
that explians a lot esp why i somtimes get them and somtimes dont.
also explians why (or seems to) delting them useing hijack this them doesnt result in a system error.
n/p bob~
happy for any input.
-
well i got strung along,thats a totly pointless joke,aint a sharp one am i.
:haha:
~
-
I had the same problem.
hi bob
you had the same problem,meaning you dont anymore?
if you dont can you provide more info?
thanks
-
i have never be able to get a reply to this;
what is this Zone.Identifier that apperars if i scan for ads useing hi-jack this.un-ticking the hide safe sytem entrires and i find a whole host off things ive downloaded with this attched.
what i find strange and confusing is if i use one version off f/fox i dont recive them,then they release a update and i do,then they release another update and i dont and so forth.
here is a example;
C:\Documents and Settings\name\Desktop\folder\AdbeRdr910_en_US.exe : Zone.Identifier (46 bytes)
C:\Documents and Settings\name\Desktop\folder name\ATF-Cleaner.exe : Zone.Identifier (26 bytes)
C
C:\Documents and Settings\name\Desktop\folder name\mrublastersetup.exe : Zone.Identifier (26 bytes)
C:\Documents and Settings\name\Desktop\folder\QuickTimeInstaller.exe : Zone.Identifier (46
now i can remove the Zone.Identifier with apperntly no system errors so i really dont understand what it is.
ive looked but the best i found was this would be resolved in I.E but it wasnt i still find them useing this version of fox or any version of I.E
-
i did wonder about this while drifting asleep;if there was a 3rd part av/firewall installed,i knew the one would be auto updates and wondered why malwarebytes was not recogising the 3rd party av/firewall.
glad you tacled this,your allways on the money as to speak;now i can go bak to sleep~knowing its in good hands~
just didnt like to think i had left a half assed awaser and a new comp was running with no av/firewall.
well i will get out the way and go to sleep.
-
ok,broken pencil who?
-
@ everyone:
Those findings are not actually false\positives or actual infections but rather settings which you have made and in some cases, malware also makes. So we scan those sections of the drive for changes which differ from default settings
Please see the link below for an explanation:
thats excutaly what i was trying to say only i didnt word it as well,will do next time.
-
who`s there?
-
malwarebytes is advising you you have ceratain seciurty functions disabled,by the sounds of it.
-
no m/tree
its a ducth cat that joins me at dinner time,when i am in holland.
just sits there never asking,just looking.
i do have some other ducks pics i need to resize.
do it soon.
host file hi-jack
in Malwarebytes for Windows Support Forum
Posted
i have the hostsman host file wich has mvp/hp hosts/ hp hosts partial/ hp ad and tacking and peter lowes hosts as well as spyblasters hosts and search and destroys hosts.
on a scan with search and destoy (spybot) i am getiing 9 entries flagged as being Microsoft.Windows.RedirectedHosts.
is this a incomplabilty issue with spybot or are theses really hi-jacked?
i dont want to post the entries in case someone whos not knollageble in antimalware decides to look at the sites as the sites might be classed as rouge witch i think they are and this is just spybot playing up and not a hi jack.
one off them really bugs me becuase it relates to the author off hi jack this in its name.
i know the author might have changed sites.
Merijn.nu being the real site.