I just had a look around a site called 791224(dot)com and it's got 3 iframes with exploits at the moment. One of those has a CLSID of...
Hey - I'm sorry - the image wasn't showing the first time I looked at this one.
Patch to OpenBSD current - but I don't always follow my own advice.
I'm not sure I understand your question
Perhaps the issue with not staying current is that the descriptions offered don't always seem to be the full story. There is a concern over what...
I'm less 'hot' on the idea of an overwritten ntkrnlpa after what you've said. I think it's probably there for this: (from the PAE link above)...
I notice that you have an AMD and might have hardware-enforced DEP as a result. Here's a PAE link...
The reason I asked, is that I think of ntkrnlpa.exe as the image for x86 systems with more than 4 GB of physical memory (PAE). It is possible, I...
Do you have a PAE system with more than 4G of memory? Have you noticed anything with the input method editor in the past? There has been some...
Here's a doc which attempts to explain disk arrangement on BSD systems...
It's not all that user friendly I guess - but what I've tended to use is http://www.cgsecurity.org/wiki/TestDisk There are several tutorials...
http://www.openoffice.org/product/base.html is part of the package http://www.openoffice.org/index.html
If it's working correctly as indicated in http://www.danasoft.com/aboutdanasoft.php then you should actually be the only one seeing that
Re: Anything to this "Gromozon Rootkit" stuff? There's certainly something to it. I don't know if anyone is using blocklists on the gbeb. At...
I can't guess how it happened - but one of the things you could consider doing - is creating a user.js as an override for some of your prefs.js...
For Windows XP or 2k the newer betas mention the card http://www.nzone.com/object/nzone_downloads_winxp_2k_32bit_91.33.html
Have you tried chkdsk /R ? (BartPE has a chkdsk somewhere in the menu) or is this something which will delete from a BartPE boot but reappears later?
The strings you mention look normal.
I was musing elsewhere that perhaps the suggestion of a heavy-handed approach was initiated by the advertising arm of MSFT? Without such a...
No, that doesn't look normal. It looks terminal :) That particular folder is one with a bogus view of the actual file structure (in explorer)...
Is there also a .pac file on the machine (eg. proxy.pac) ?
I guess that one has to wonder about the nature of verification and malware evolution. Does anybody think that in addition to breaking windows...
The mc21.tmp file is indicative of an older rootkit type of driver (Vanquish) but you have to watch out for the fact that there are actually a few...
Excuse me if it's already posted - didn't read the entire thread - but do you want a course in it?...