Jump to content

Chrisssj2

Members
  • Posts

    12
  • Joined

  • Last visited

Everything posted by Chrisssj2

  1. Seems i found the issue haha. I excluded the website i was testing with. Everything works. I tried testing this test page. A difference I noticed is. with this page i get malwarebytes logo and text explanation. But with my website i am testing with. it just is blocked out. i get normal browser error no malwarebytes logo/text. If you know what I mean. But it is blocked regardless and i get a popup from malwarebytes with my website This is what I get with iptestmalwarebytes. This is what I get with my own website My question is, why is there such difference? Both are blocked so functionality is perfect. but why show malware text on one, but not the other?
  2. Thanks for the clarification. When I tested it earlier when using the premium version with these settings on, a website that was blocked and would trigger a malwarebytes page in browser, in an older version i believe it was 3.x something. No longer seemed blocked in the latest version with these functions on. Detection/filters or something different in the new version? Or any cause that might such behavour? What page could i visit to test the function and see if it is actually blocking.?
  3. I dont have any version installed anymore atm. I just installed the latest one like my OP post said and noticed some settings missing. Also previous websites i used to visit that would cause popup no longer seem to cause popup.
  4. I am not using this version. it is just a screenshot of the function I think i am speaking about. (it is what gives the popups in the right corner, right when you visit websites that might contain risk? ) If not plz correct me.
  5. Thank you so if your update package would be up to date but your component package for some reason would not be, this could lead to some stuff not being detected as malware?
  6. I see in the latest version the "malicious website protection" Nowhere to be found. Anyone any idea as to why this is?
  7. This is not really descriptive or telling much.. it is important how? What exactly does this part cover?
  8. I mean malwarebytes version speaks for itself client gui and options i assume. And the update package would be the anti spam malware defintions library. What about the component package though? What does this do?
  9. Can no one help me with this? I can't enter windows XP....
  10. This is the info I managed to save. Yesterday my pc suddenly rebooted and at login screen it had a message from windows, saying Services is shutdown Which is critical for windows etc etc. etc. So It rebooted again and again. I happend to login once quite fast, press ctr alt del and start services and i was saved though every action took 15 minutes... I searched registry for some time didn't see anything( well yeah looking in a hay stack) Then I rebooted and everything was OK again. I scanned and got this: ( or the morning before can't remember ) http://img36.imageshack.us/img36/1541/96877957.png http://img710.imageshack.us/img710/3671/45980645.png I think the morning i removed some, then evening got the reboot, and the next scan resulted nothing I think. Also searched with Spy-bot S&D latest + Housecall Trendmicro Anti_virus No results. Then later that evening my internet dc'ed meaning internet did'nt work (IE8, Firefox) But msn conversations were still ongoing and torrents were still receiving too I believe. So I went to sleep and shut off pc. Nex morning everything was OK untill the evening I got dc again... (did both scans again spybot s&D+ malmware , nothing..) I looked at my event viewer and saw this info: http://img30.imageshack.us/i/disc2c.jpg/ http://img30.imageshack.us/img30/4321/disc3w.jpg http://img710.imageshack.us/img710/531/disc4.jpg http://img684.imageshack.us/img684/3790/discm.jpg http://img268.imageshack.us/img268/5148/disc9.jpg http://img30.imageshack.us/img30/2618/disc67.jpg Hijack this log. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:52:36 PM, on 12/23/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\mmc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe C:\Documents and Settings\chrisssj4.EXPERIEN-18506F\Desktop\Masterbackup of all times\Snelkoppelingen\HiJackThis.exe O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (file missing) O23 - Service: Creative Audio Service (CTAudSvcService) - Unknown owner - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (file missing) O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvsvc32.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 2696 bytes
  11. I know this doesn't contain the necessary information, But the point is, I was building up all my information, and my pc hang while scanning in this step: So I entered reset button on my pc. Download the following GMER Rootkit Scanner from here◦Download the randomly named EXE file to your Desktop. Remember what its name is since it is randomly named. ◦Double click on the new random named exe file you downloaded and run it. If prompted about the Security Warning and Unknown Publisher go ahead and click on Run ◦It may take a minute to load and become available. ◦If it gives you a warning about rootkit activity and asks if you want to run a full scan...click on NO, then use the following settings for a more complete scan.. ◦In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED ■Sections■IAT/EAT■Drives/Partition other than Systemdrive (typically only C:\ should be checked) ■Show All (don't miss this one) ◦Then click the Scan button & wait for it to finish. ◦Once done click on the [save..] button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post. ◦Save it where you can easily find it, such as your desktop ◦**Caution** Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries ◦Click OK and quit the GMER program. Note: On Firefox you need to go to Tools/Options/Main then under the Downloads section, click on Always ask me where to save files so that you can choose the name and where to save to, in this case your Desktop. So now when I start windows XP3 (the troubled OS) ( I have multi boot select by vistabootpro (im on win7 now) It gets dark and nothing happens, nothing loads, and F8 doesn't work either. So my info(all my scans etc.) is now under a Personalised XP account... I can't enter my files there... or is there a way to get in there still? I can't reformat since there are important files there. Need to recover at least the files if not the windows installation if possible. Any recommondations to try out? Thanks.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.