Jump to content


Honorary Members
  • Posts

  • Joined

  • Last visited

Everything posted by kpgumbo

  1. Hi, If you want to be sure you should upload the file to virus total.
  2. c:\windows\i386\csrss.exe Combofix deleted this file and after some research I see its called backdoor.ranky. I uploaded it to virustotal from the combofix quarentine and it got 0/41. Any ideas ?
  3. No detection By the way can I delete this file or is it important ?
  4. I just got a hit for it too. 4016 was clear and 4017 it was there !
  5. Ya you are being ignored on purpose !!! Forty minutes and you are complaining. Do you think people have nothing else to do ?
  6. Hi, last week my buddy has a rogue antivirus on his laptop. I managed to get rid of it for him using a guide from bleepingcomputer. I installed avira for him and ran that and it found a few more things. When I was finished with it I was happy enough that he was clean. However he got a phone call from someone claiming to be from onlinecomputerdoctors about an hour ago, who told him he was infected and asked him to open his event viewer. He refused and asked him to ring back again tomorrow. Has anyone ever heard of this before ? I think it must be related to the rogue he had, they must have been insde his computer and got his phone number there. Any Ideas ? I think i will call to him later tonight and post his logs to be on the safe side . Thanks in advance. kev
  7. Cool Ecard sho-dan. I'm already addicted to it How long is it going to take to post it to all my friends on Facebook ?
  8. This is class, the best xmas song ever haha ! No harm to Simon and his BIG ego !!! Its a pity that it wont get much air play though
  9. Ya I know how to do that thanks anyway !
  10. What i'm saying is that it would make it easier for you if you could use canned speeches for your replies. It would save alot of time and the links would be live too. I think it makes sense. thank you
  11. I think it would be a good idea to give volunteers access to canned speeches as well, as then everyone would be singing from the same hymn- sheet. Maybe in the honoury members area.
  12. If I were you I would go to virustotal.com and upload the partner.exe file there. It would only take a few minutes and would most lightly clarify it for you.
  13. @ noknojon As far as I am aware there is never a need to do a full scan with mbam as "a quick scan is a more powerful tool" I might be wrong but I'm sure someone told me that in this forum before !
  14. Thanks exile, I was beginnging to think it was a rootkit hiding from scans and recreating it self
  15. Hi, I Noticed to today that when I open my IE browser files such as this (~DF4B8E.tmp) open in the folder C:\documents and settings\user\local settings\temp. When I close the browser these files dissappear. I tried to upload some of the files to virus total but they are apparently empty. I also tried to scan one of the files with mbam but even though it does scan something I'm not sure if it scans the file because when the scan starts another file with a similar opens next to the one being scanned and closes right after the scan. I could open the file in notepad but only after renaming it. The content was all code so I could not understand it. I dont believe that I am infected as I've had no problems whatsoever. I will upload a screenshot of the folder and the file to see if anyone has any ideas. Thanks in advance screenshot.bmp strange.zip
  16. Hi and welcome, please follow the instructions on the following link. here. If you cant get the tools to work just put a description of the problems you are having . It might take a day or two to get a reply so be patient
  17. LOL, I thaught you meant I could win a holiday
  18. I presume that the malware fighting community will be keeping a close eye on iobit from now on especially as merijn said that they have stolen all the functionality of Hijackthis as well. Good to hear its over for a while at least !!!!!
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.