Spartacus Guest
|
Posted: Sun Jul 13, 2008 6:31 am Post subject: Google keeps redirecting to other websites |
|
|
For about 3 weeks now, every time I open google and click on a site, about
50% of the time I get redirected to some form of advertisement site. The
sites are always different. This is happening on two of my machines. One's
got XP Pro, the other's got Vista Home. I'm using Internet Explorer on
both. I've got Kaspersky 7, but it's not picking up anything. I've dumped
my cookies and have even installed and used a program called "fixwareout",
but still have the problem.
Here's a copy of my Hijack This:
Logfile of HijackThis v1.99.1
Scan saved at 6:24:56 PM, on 7/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Eraser\eraser.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Garmin\gStart.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\honestech\honestech TVR\scheduleTV.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
G:\Hijack This.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://signonsandiego.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer -
{3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program
Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} -
C:\WINDOWS\system32\IETie.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program
Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software
Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive
Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Kaspersky] C:\Documents and Settings\All Users\Dati
applicazioni\Kaspersky Lab\KAV Personal Pro\5.0\Save Kaspersky.bat
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows
Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus
7.0\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero
BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
/background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Evidence Eliminator] C:\Program Files\Evidence
Eliminator\ee.exe /m
O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft
ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME
2\HOMERunner.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe"
ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft
Office\Office\OSA.EXE
O4 - Global Startup: Scheduler for OEM.lnk = C:\Program
Files\honestech\honestech TVR\scheduleTV.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics -
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Create Mobile Favorite -
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... -
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1132130850109
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: xejabwjw - {4f2c9005-b80e-42ec-8568-9bebf7606ad9} -
C:\Documents and Settings\All Users\Application Data\xejabwjw.dll
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program
Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. -
C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development
a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program
Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - Unknown owner - C:\Program
Files\ewido\security suite\ewidoguard.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe |
|
Leythos Guest
|
Posted: Sun Jul 13, 2008 6:38 am Post subject: Re: Google keeps redirecting to other websites |
|
|
In article <cWcek.6228$VN1.3997@newsfe11.phx>, not@real.com says...
| Quote: |
For about 3 weeks now, every time I open google and click on a site, about
50% of the time I get redirected to some form of advertisement site. The
sites are always different. This is happening on two of my machines. One's
got XP Pro, the other's got Vista Home. I'm using Internet Explorer on
both. I've got Kaspersky 7, but it's not picking up anything. I've dumped
my cookies and have even installed and used a program called "fixwareout",
but still have the problem.
|
Why have you not run Adware or SpyBot Search and Destroy?
http://www.download.com/Ad-Aware-2008/3000-8022_4-10045910.html?hhTest=1
http://www.safer-networking.org/en/download/index.html
Ignore anything or anyone pointing to/from pcbutts1.com: Do you really
want to trust someone that was banned from posting directly to Microsoft
Usenet servers, someone that has posted links to pornographic materials
on HIS WEBSITE, whose website is in the MVP HOST Block list, and who
provides a tool for your use that will block access to reputable anti-
malware sites without telling you he's doing it?
And do you really want to trust someone that has had to change their
posting identity after being busted by MS as a fake MVP?
--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address) |
|
The Real Truth MVP Guest
|
Posted: Sun Jul 13, 2008 7:12 am Post subject: Re: Google keeps redirecting to other websites |
|
|
For the XP box:
Have HJT fix the following line by placing a check in the box next to the
line and clicking on the fix checked button on the bottom.
O21 - SSODL: xejabwjw - {4f2c9005-b80e-42ec-8568-9bebf7606ad9} -
C:\Documents and Settings\All Users\Application Data\xejabwjw.dll
Next navigate to this location and delete the file xejabwjw.dll
C:\Documents and Settings\All Users\Application Data\xejabwjw.dll
Next download and run my Remove-it software, choose yes for all options when
prompted. Download it here http://pcbutts1.com/downloads/tools/tools.htm
You also may want to re-install your antivirus software as it appears to be
disabled.
For the Vista box:
Use my free FixIE Tool. Download it here
http://pcbutts1.com/downloads/tools/tools.htm
--
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.
"Spartacus" <not@real.com> wrote in message
news:cWcek.6228$VN1.3997@newsfe11.phx...
| Quote: |
For about 3 weeks now, every time I open google and click on a site, about
50% of the time I get redirected to some form of advertisement site. The
sites are always different. This is happening on two of my machines.
One's got XP Pro, the other's got Vista Home. I'm using Internet Explorer
on both. I've got Kaspersky 7, but it's not picking up anything. I've
dumped my cookies and have even installed and used a program called
"fixwareout", but still have the problem.
Here's a copy of my Hijack This:
Logfile of HijackThis v1.99.1
Scan saved at 6:24:56 PM, on 7/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
|
|
|
David H. Lipman Guest
|
|
Leythos Guest
|
Posted: Sun Jul 13, 2008 5:56 pm Post subject: Re: Google keeps redirecting to other websites |
|
|
In article <mvdek.5198$cn7.4669@flpi145.ffdc.sbc.com>, toidi@tpap.com
says...
| Quote: |
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.
|
Do you really want to trust someone that was banned from posting
directly to Microsoft Usenet servers, someone that has posted links to
pornographic materials on HIS WEBSITE, whose website is in the MVP HOST
Block list, and who provides a tool for your use that will block access
to reputable anti-malware sites without telling you he's doing it?
And do you really want to trust someone that has had to change their
posting identity after being busted by MS as a fake MVP?
--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address) |
|
Spartacus Guest
|
Posted: Mon Jul 14, 2008 12:20 am Post subject: Re: Google keeps redirecting to other websites |
|
|
If I would have "bothered to ask"??? Nice attitude Dave. Who made you king
of this site?
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:1MOdnUgEk96Aa-TVnZ2dnUVZ_sednZ2d@giganews.com...
|
|
Beauregard T. Shagnasty Guest
|
Posted: Mon Jul 14, 2008 1:45 am Post subject: Re: Google keeps redirecting to other websites |
|
|
Spartacus wrote:
| Quote: |
If I would have "bothered to ask"??? Nice attitude Dave.
|
Posting HJT logs to Usenet pollutes the searching for the bits of
malware in your log. In fact, so many of you n00bs have posted logs, it
has become nearly impossible to use google group searches for anything
worthwhile any more.
| Quote: |
Who made you king of this site?
|
Site? <lol> This is not a site. It's Usenet.
Stop top-posting.
--
-bts
-Friends don't let friends drive Windows |
|
Wolf Kirchmeir Guest
|
Posted: Mon Jul 14, 2008 1:48 am Post subject: Re: Google keeps redirecting to other websites |
|
|
Spartacus wrote:
| Quote: |
If I would have "bothered to ask"??? Nice attitude Dave. Who made you king
of this site?
|
DHL posted good advice, and you pick on his (very mild IMO) chiding? You
done fergot the manners yer Pa taught you, sonny.
[...]
--
wolf k. |
|
The Real Truth MVP Guest
|
Posted: Mon Jul 14, 2008 1:57 am Post subject: Re: Google keeps redirecting to other websites |
|
|
That's pure unadulterated Bullsh*t BTS asshole. Google searches have never
been "clogged" up by HJT logs coming from these NG, never has and never
will. That stupid excuse was made up by people, like the idiot David Lipman,
who are not smart enough to analyze the logs so they made up an excuse not
to have read them. HJT logs are text just like every post in this NG and
they "are" allowed. David the idiot knows that because he tried to file a
complaint about it a few years ago, my ISP told him to kiss their ass. Google
searches bring up forum posts and what difference does it make anyway. Now
fuckoff.
--
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.
"Beauregard T. Shagnasty" <a.nony.mous@example.invalid> wrote in message
news:g5dpgp$2em$1@registered.motzarella.org...
| Quote: |
Spartacus wrote:
If I would have "bothered to ask"??? Nice attitude Dave.
Posting HJT logs to Usenet pollutes the searching for the bits of
malware in your log. In fact, so many of you n00bs have posted logs, it
has become nearly impossible to use google group searches for anything
worthwhile any more.
Who made you king of this site?
Site? <lol> This is not a site. It's Usenet.
Stop top-posting.
--
-bts
-Friends don't let friends drive Windows |
|
|
Leythos Guest
|
Posted: Mon Jul 14, 2008 2:32 am Post subject: Re: Google keeps redirecting to other websites |
|
|
In article <FZtek.17632$Ri.15146@flpi146.ffdc.sbc.com>, toidi@tpap.com
says...
| Quote: |
That's pure unadulterated Bullsh*t BTS asshole. Google searches have never
been "clogged" up by HJT logs coming from these NG, never has and never
will.
|
More BS from the master of lies and incompetence.
Google provides search functions, if you enter something there is a good
chance that one of the Usenet mirrors will be picked in the google
results, it's very common. Any competent IT person knows this and that's
why they don't encourage posting of HJ Logs to Usenet.
--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address) |
|
Leythos Guest
|
Posted: Mon Jul 14, 2008 2:32 am Post subject: Re: Google keeps redirecting to other websites |
|
|
In article <FZtek.17632$Ri.15146@flpi146.ffdc.sbc.com>, toidi@tpap.com
says...
| Quote: |
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.
|
Do you really want to trust someone that was banned from posting
directly to Microsoft Usenet servers, someone that has posted links to
pornographic materials on HIS WEBSITE, whose website is in the MVP HOST
Block list, and who provides a tool for your use that will block access
to reputable anti-malware sites without telling you he's doing it?
And do you really want to trust someone that has had to change their
posting identity after being busted by MS as a fake MVP?
--
Leythos - spam999free@rrohio.com (remove 999 to email me)
Public Service Warning: Learn about PCButts before you trust:
http://www.velocityreviews.com/forums/t513604-author-of-removeit.html
http://www.google.com/search?hl=en&q=pcbutts1+thief |
|
Beauregard T. Shagnasty Guest
|
Posted: Mon Jul 14, 2008 2:52 am Post subject: Re: Google keeps redirecting to other websites |
|
|
PCButtface, masquerading as "The Real Truth MVP" wrote:
| Quote: |
That's pure unadulterated Bullsh*t BTS asshole.
|
You are the only one in these groups who wants to see HJT logs. Everyone
else says post them to a proper forum where expert help is available.
| Quote: |
who are not smart enough to analyze the logs so they made up an excuse
not to have read them.
|
Anyone can paste the log into HJT's web page, as you do.
http://hijackthis.de/
--
-bts
-Friends don't let friends drive Windows |
|
David H. Lipman Guest
|
Posted: Mon Jul 14, 2008 5:26 am Post subject: Re: Google keeps redirecting to other websites |
|
|
From: "Beauregard T. Shagnasty" <a.nony.mous@example.invalid>
| Spartacus wrote:
| Quote: |
If I would have "bothered to ask"??? Nice attitude Dave.
|
| Posting HJT logs to Usenet pollutes the searching for the bits of
| malware in your log. In fact, so many of you n00bs have posted logs, it
| has become nearly impossible to use google group searches for anything
| worthwhile any more.
The pollution of news group searches is just a small part of the "big picture" as there
are more reasons that are far more important. I will elaborate...
1. HTTP based forums are moderated and controlled and thus eliminate the troll factor
and misinformation.
2. HJT logs are only a small part of analysis. It only provides an insight to simple
malware. It won't help where there are infections that are using kernel level
capabilities to hide such as drivers (e.g., *.SYS files). One might remove a simple BHO
through HJT analysis but the person can still be infected. Usenet responses to such
problems would be ineffective in these situations. Another example would be where legitimate
files are Trojanized or replaced. For example take QTTask.exe from QuickTime. It may
show up in a HJT log and thus be overlooked. However there are Trojans that will replace
the QTTask.exe with the Trojan EXE and the responder would have no way of knowing that.
3. Helpers in Expert Forums are trained in a malware university of sorts and can't
analyze logs until they graduate and the helpers are monitored by more experienced
personnel to make sure the right responses and suggestions are provided.
4. Affected forum posters may be asked to submit samples of malware. These samples may
then be dissected and analyzed to provide a more definitive response. Additionally these
samples are provided to the various anti malware companies as well may be used for
improvements on anti malware utilities provided by expert forums such as with the
MalwareBytes Anti Malware (MBAM) utility.
5. Usenet is public and not only do affected individuals read the groups but so do the
malware authors. Expert forums may take a discussion of a particular nasty offline such
that malware authors can't read the responses and modify their malware to thwart their
removal. A perfect example would be the Gromozon malware. In this case the malware
authors were modifying their malware to be more evasive and effective in thwarting their
removal. Those posters who had Gromozon were taken to a private area where the malware
authors could no longer view removal instructions and thus the efficacy of expert forums
in helping the affected person to remove the malware was greatly increased.
So there are many *good* reasons why posting of HJT logs is not allowed on Usenet groups.
The most important is the personal 1-on-1 attention given to the affected poster to make
sure when the poster leaves the thread they are indeed clean of malware.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
|
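The O21 line singled out earlier in the thread, and the limit described in point 2 of the post above, shown as an added example that is not code from any poster or from HijackThis: it rejoins the hard-wrapped log lines and flags entries using only what the log text shows. The flagging rules and `USUAL_ROOTS` are assumptions made for this example, the log lines are excerpted from the first post, and the QuickTime line is constructed.

```python
import re

# Lines excerpted from the HijackThis log in the first post, still hard-wrapped
# the way the newsreader left them.
SAMPLE_LOG = r"""O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: xejabwjw - {4f2c9005-b80e-42ec-8568-9bebf7606ad9} -
C:\Documents and Settings\All Users\Application Data\xejabwjw.dll
O23 - Service: ewido security suite guard - Unknown owner - C:\Program
Files\ewido\security suite\ewidoguard.exe (file missing)
"""

# Constructed line (not from the thread): the QTTask.exe case from point 2.
QTTASK_LINE = r'O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime'

ENTRY_START = re.compile(r"^([RFNO]\d{1,2}) - ")
FILE_PATH = re.compile(r"[A-Za-z]:\\[^\"]*?\.(?:dll|exe|sys|bat)(?![\w.])", re.I)
# Sections whose DLLs get loaded into IE, Explorer or winlogon.
INJECTED_SECTIONS = {"O2", "O20", "O21", "O22"}
# Assumption for this example: where installed components normally live.
USUAL_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")


def join_wrapped(text):
    """Rebuild one logical entry per line; the wrap replaced a space each time."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if ENTRY_START.match(line):
            entries.append(line)
        elif line and entries:          # continuation of the previous entry
            entries[-1] += " " + line
    return entries


def triage(entry):
    """Return (section, path, reasons). Only the log text is examined."""
    section = ENTRY_START.match(entry).group(1)
    found = FILE_PATH.search(entry)
    path = found.group(0) if found else None
    reasons = []
    if entry.endswith("(file missing)"):
        reasons.append("target file missing")
    if path and section in INJECTED_SECTIONS \
            and not path.lower().startswith(USUAL_ROOTS):
        reasons.append("shell-loaded DLL outside Windows/Program Files")
    return section, path, reasons


def review(text):
    """Entries with at least one reason attached."""
    return [t for t in map(triage, join_wrapped(text)) if t[2]]


if __name__ == "__main__":
    for section, path, reasons in review(SAMPLE_LOG):
        print(section, path, "; ".join(reasons))
    # A replaced binary at its usual path looks identical in the log, so no
    # rule based on the log text can flag it.
    print("QTTask reasons:", triage(QTTASK_LINE)[2])
```

The empty result for the QuickTime line is the point: the log records a path, not the file's contents, so checking what is actually on disk needs a hash or signature check outside the log.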
The Real Truth MVP Guest
|
Posted: Mon Jul 14, 2008 8:34 am Post subject: Re: Google keeps redirecting to other websites |
|
|
Malware University Bwaaaaaaaaaaahaaaaaa! and just where is this university
located? my stomach hurts, where do you come up with this BS?
--
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:8fidnaJIZ5qlAOfVnZ2dnUVZ_srinZ2d@giganews.com...
| Quote: |
From: "Beauregard T. Shagnasty" <a.nony.mous@example.invalid>
| Spartacus wrote:
If I would have "bothered to ask"??? Nice attitude Dave.
| Posting HJT logs to Usenet pollutes the searching for the bits of
| malware in your log. In fact, so many of you n00bs have posted logs, it
| has become nearly impossible to use google group searches for anything
| worthwhile any more.
The pollution of news group searches is just a small part of the "big picture" as there
are more reasons that are far more important. I will elaborate...
1. HTTP based forums are moderated and controlled and thus eliminate the troll factor
and misinformation.
2. HJT logs are only a small part of analysis. It only provides an insight to simple
malware. It won't help where there are infections that are using kernel level
capabilities to hide such as drivers (e.g., *.SYS files). One might remove a simple BHO
through HJT analysis but the person can still be infected. Usenet responses to such
problems would be ineffective in these situations. Another example would be where legitimate
files are Trojanized or replaced. For example take QTTask.exe from QuickTime. It may
show up in a HJT log and thus be overlooked. However there are Trojans that will replace
the QTTask.exe with the Trojan EXE and the responder would have no way of knowing that.
3. Helpers in Expert Forums are trained in a malware university of sorts and can't
analyze logs until they graduate and the helpers are monitored by more experienced
personnel to make sure the right responses and suggestions are provided.
4. Affected forum posters may be asked to submit samples of malware. These samples may
then be dissected and analyzed to provide a more definitive response. Additionally these
samples are provided to the various anti malware companies as well may be used for
improvements on anti malware utilities provided by expert forums such as with the
MalwareBytes Anti Malware (MBAM) utility.
5. Usenet is public and not only do affected individuals read the groups but so do the
malware authors. Expert forums may take a discussion of a particular nasty offline such
that malware authors can't read the responses and modify their malware to thwart their
removal. A perfect example would be the Gromozon malware. In this case the malware
authors were modifying their malware to be more evasive and effective in thwarting their
removal. Those posters who had Gromozon were taken to a private area where the malware
authors could no longer view removal instructions and thus the efficacy of expert forums
in helping the affected person to remove the malware was greatly increased.
So there are many *good* reasons why posting of HJT logs is not allowed on Usenet groups.
The most important is the personal 1-on-1 attention given to the affected poster to make
sure when the poster leaves the thread they are indeed clean of malware.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
|
|
|
Leythos Guest
|
Posted: Mon Jul 14, 2008 8:38 am Post subject: Re: Google keeps redirecting to other websites |
|
|
In article <3Ozek.6613$vn7.4849@flpi147.ffdc.sbc.com>, toidi@tpap.com
says...
| Quote: |
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.
|
Do you really want to trust someone that was banned from posting
directly to Microsoft Usenet servers, someone that has posted links to
pornographic materials on HIS WEBSITE, whose website is in the MVP HOST
Block list, and who provides a tool for your use that will block access
to reputable anti-malware sites without telling you he's doing it?
And do you really want to trust someone that has had to change their
posting identity after being busted by MS as a fake MVP?
--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address) |
|