Banned IP Address, Maybe Trojanss and Worms!
in [Viruses]
|
From: David H. Lipman on 20 May 2010 22:23 From: "dwn" <ddwnns(a)nonet.net> | On Thu, 20 May 2010 11:09:02 GMT, sfdavidkaye2(a)yahoo.com (David Kaye) wrote: >>"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote: >>>If you use Wireless and it is NOT secured and you are the victim of WarDriving, >>> you really >>>are not that innocent as you are responsible for any/all activity on your >>> subscribed IP. >>I'm not convinced of that line of reasoning at all. If it were the case, >>companies such as McDonald's and Starbucks wouldn't have open wi-fi hotspots >>as part of their regular business plan. | It is not likely someone hijack my wireless ADSL. There are no wireless network | within range from my computer, none since I moved into the neighborhood and it | took more than thee weeks for my ISP to find a "PORT" for me. What do you mean... "There are no wireless network within range from my computer..." If you you are connected to DSL and have a DSL Modem+wireless router and the wireless has not ben secured, there does have to be a wireless network within range from your computer. Just someone with a notebook within range. It isn't too hard. Questions: Are you brodcasting your SSID ? Are you using WPA2 ? Are you using AES encryption or TKIP or TKIP and AES ? Are you using a strong pre-shared ASCII key greater than 10 digits ? Are the above questions understood by you ? BTW: You never respondec to your OTHER post. In fact, you really have provided much feedback to key-in the problem. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: David H. Lipman on 20 May 2010 22:26 From: "David Kaye" <sfdavidkaye2(a)yahoo.com> | Dustin Cook <bughunter.dustin(a)gmail.com> wrote: >>It's really not designed to run in safe mode; You should be using it in >>normal mode windows; so that windows loads all the drivers and provides all >>of the registry keys which are not necessarily online while in safe mode. | I have followed the Malwarebytes forums for quite some time and have never | seen anything from anyone at Malwarebytes telling people not to use it in safe | mode. I welcome anybody who works for MBAM to write me and tell me that what | I'm doing in ineffective or violates any intended purpose of the software. | What makes you think that MBAM will scan differently in safe mode than in | normal mode? The files that make up the registry haven't changed. The | drivers haven't changed. | Meanwhile, I have found that MBAM works much better and faster in safe mode | when particularly nasty malware has taken over a machine simply because | Windows is not loading the extra drivers, etc., nor is bogged down by | excessive CPU use. Dustin's response is spot-on. He and I have "insider" knowledge of the utility. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: Dustin Cook on 20 May 2010 22:46 sfdavidkaye2(a)yahoo.com (David Kaye) wrote in news:ht46sq$6da$6(a)news.eternal-september.org: > "FromTheRafters" <erratic(a)nomail.afraid.org> wrote: > >>Some of the detection algorithms might involve having active malware >>to look at. Safe mode might not have loaded some aspects of the >>malware, so there would be no activity to observe. I *have* seen >>recommendations to run it in safe mode and *then* in normal mode. > > My impression is that MBAM does not look at activity but at pieces of > code. I have a CD with a bunch of hacking tools on it which I use in > my business. If I happen to have the CD in a machine when I'm doing a > MBAM scan, it'll see those tools as malware, even though they're not > active. MBAM looks at a variety of things; I can't get into specifics due to non- disclosure... but code is only one of them. >>....and no, I'm not employed by Malwarebytes and am looking forward to >>you getting your response from a representative. Please share with us >>whatever information they allow you to. > > Will do. You already did tho, from a former employee who was a researcher. AFAIK, The engine hasn't changed so the normal mode scan methodology still stands. Your ehh, personal opinions aside. -- Sometimes, I can't tell if life is passing me by? Or trying to run me over!
From: FromTheRafters on 20 May 2010 22:51 "dwn" <ddwnns(a)nonet.net> wrote in message news:ht4osb0aa1(a)news2.newsguy.com... > On Wed, 19 May 2010 20:52:46 -0400, "FromTheRafters" > <erratic(a)nomail.afraid.org> > wrote: > >>The reason I asked is because spamming from your IP address is not the >>same thing as spamming from your computer. Someone could possibly have >>been using your wireless access point to send spam from *their* >>computer >>using your IP address. Your detections seem to be for inactive >>malware - >>someones post of a script snippet. To get un-banned you will have to >>contact the entities that banned you. Usually, their web pages tell >>you >>how to do this. >> >>That said, it is *still* a good idea to run some antimalware scanners >>to >>be more confident that your machine is clean. >> > > Ran the following anti virus: > Avest full scan - about 2 hrs. > MS Essential full scan - more than 4 hrs > Stinger 1001896 - (I stopped it after 45 minute) > > The next day: (with both Avest and MS Essential off). > First Malwarebytes - about 45 minutes. > Follow by, SuperAntiSpyware - about 29 minutes That sounds pretty thorough. > Found nothing. I suspected nothing would be found. Do you know how to set up a wireless access point for security? My cable company supplied a wireless modem for me to set up, and made no mention of the fact that it was set with "user" as a username and "admin" as a password. In the setup I could select an encryption method and change from the default password for security. > Earlier, I received so many undelivered mails, > I did not take the time to find out who is blocking my email. > I will read each one carefully and contact them. I contact Surewest, > (paid email server) and wildblueworld administrator neither replied. Anyway, it is they that you will have to deal with. You tell them what you have done to correct the problem. > BTW, I am in a different time zone. So am I. :o)
From: dwn on 21 May 2010 00:35
On Thu, 20 May 2010 22:51:22 -0400, "FromTheRafters" <erratic(a)nomail.afraid.org> wrote: > I suspected nothing would be found. Do you know how to set up a >wireless access point for security? My cable company supplied a wireless >modem for me to set up, and made no mention of the fact that it was set >with "user" as a username and "admin" as a password. In the setup I >could select an encryption method and change from the default password >for security. I dare not make any changes for now. Nope, my ISP did all the settings on site. It's secure enuff for now. No wireless network in the neighborhood. I had too much problems getting a broadband here, so for now I have to assume I am safe. >> Earlier, I received so many undelivered mails, >> I did not take the time to find out who is blocking my email. >> I will read each one carefully and contact them. I contact Surewest, >> (paid email server) and wildblueworld administrator neither replied. > >Anyway, it is they that you will have to deal with. You tell them what >you have done to correct the problem. I will login, chat with Surewest at office hour time zone, if they can unblock me and maybe get others to do the same. I just download and have not install their free Kaspersky security software. I don't think it will be any better than Avest. I will decided after I chat with them, if I ever have the chance :-) thanks. |