Zaire

Members
  • Content count

    28
  • Joined

  • Last visited

About Zaire

  • Rank
    New Member
  1. This one is an odd... I was on my mac (iMac running the latest OS) and working away when I decided to check facebook. When randomly instead of seeing the usual Google listing for Facebook I was taken to a page of searches for the facebook pages of Dickey's Barbacue Pit. Having long used windows I suspected some kinda malware of adware. Especially as this had never happened before and I figured a blog post I read earlier may have had something infected in the background. Thing is I keep a pretty tidy browser (Firefox) and have noscript, adblock, and wot going. I did a sweet of my mac using assorted advice since macs don't really have services like Malwarebytes that anywhere near as reliable. Nothing came up. So I began to reload searches for Facebook in Firefox using google and...sure enough the same page filled with Dickey's Barbacure Pit would pop up. I tried it in Safari...and sure enough it happened. Given I had not used Safari at all save for downloading Firefox...I suspected something beyond a browser issue was going on. So I loaded up my window machine and ran a Malwarebytes scan as usual with nothing coming up. I tried to replicate this issue and sure enough it happened again. I suspected maybe a weird DNS issue...but it loosk clean and proper. So is this just a weird bug I'm getting via my ISP at the moment or something else? Cause at this point I'm at a loss of what to do. I checked browser plug ins, security scans, etc.
  2. Thank you for the help! I did a full scan and eveything came up clean. Seems it was a false positive. I restored the file did a quick MB scan and nothing came up. Seems the file is used by the network card on my laptop. It was located in the temp folder with the set up files for it. I'd disabled the card in the past due to issues with the software. This had happened before now that I think back only with a different part of the set up package. The file also looks to be associated with IP Camera software apparently. My guess is the file is just a part of certain set up packages for particular hardware. I checked the file on virus tool also. The detection ration was 0/46...so it seems the file is clean. https://www.virustotal.com/en/file/142e61f3cd4775648902b0eed5567e697f2d39c76d0aaedf6cfb282922ad61c4/analysis/1366749083/
  3. Hello, I did a typical quick scan and DevFind.exe came up in a temp folder. I ran a scan earlier and nothing came up. So I assume I got this via some site I visited (my guess it was a blog post I got a link to that turned out to be a conspiracy theory site....) Anyhow I let malwarebytes do its thing, quarantined it, rebooted and did another quick scan - nothing came up. I'm running a full scan now. Thing is I can't find ANYTHING credible about what this actually is. All that comes up are redflagged sites that WOT has in the red and all of them sound like infected sites themseleves. Has anyone heard of this?
  4. So as it all a false positive?
  5. I finished the full scan and Spyware.Password popped up again though it was related to Adobe Air and looks to be a false positive. Still I ran DDS just to be on the safe side. dds.txt attach.txt
  6. malwarebytes detected Sypware.Password earlier today. I let it clean the system and ran a quick scan right after. Seems to have done the job and I'm running a full scan now just to see if anything is left. I also updated java which I suspect was the root cause of allowing this problem to rise up. Is there anything I should doublecheck or do on top of letting malwarebyte's do it's thing?
  7. System - Win 7, Avast, Malwarebyte's PRO, Windows Firwall Earlier in the week I had some strange behaviour within Steam. It was a weird phishing attempt and I worried my system was infected by something. After numerous scans and search through setting nothing malicious has come up. Today another odd behaviour occured within Steam in which as I played one game another way trying to be downloaded. It took considerable effort to get the program to stop. Being it was Modern Warfare 3 a popular game account hackers want I got worried. I've gone through Steam Support and all those channels to resolve this. What I want to be sure of is that my system doesn't have some backdoor program or other compromising issue that may be allowing this to happen. Call it parinoia but I'd rather be sure my system isn't compromised as that could make any other efforts to quell these oddities pointless. I've already run full scans with nothing popping up so I'm a bit at a loss on where to begin.
  8. It may seem an unorthodox question at first but please bear with me. This is the only community I trust enough to get if not an answer a good theory. System: Win 7, running Malwarebytes and Avast with the default windows firewall. Recently I had a bizarre encounter with what I assume was a phishing attempt via Steam. I have gone through Steam help channels, but no help yet. First off my account wasn't stolen or hacked as I still retain control over it. I’m simply trying to get an idea what this could have been. This is what occured: I'd downloaded and played a bit of Deus Ex: Human Revolution. Upon exiting the game, the area within the Steam application (under the Store tab) normally displaying the games on sale was replaced by a strange "Account Warning" page. It was blue, white, and displayed worryingly enough the name on the credit card I'd last used to buy something. It was asking me to call or contact steam about my account. Having been a member since 2004 I'd never seen or heard of a page like this let alone such a warning. I didn’t click on anything within this strange page and my account does not currently have a credit card linked to it. Refreshing the Store tab got rid of this "warning" after about 2 quick attempts. I've not seen this warning since or been able to reproduce it. I'd looked around online and on the Steam forums but can find nothing about anything remotely like this. I SHOULD have got a screengrab, but I wasn't thinking clear enough to do that. I was in too much of a "WTF?" confusion about it all. I've since made necessary account changes as preventative measures. I’ve run Malwarebytes and Avast system scans with nothing malicious coming up. I can also access Steam without issue. It seems all is well, but I’m still perplexed and curious about anything like this given the nature of the program. My main question is - Has anyone experienced something like this? Be it with Steam or similar programs? What could cause this to happen? My theories are the following: I’d put the entire Steam directory on an exclusion list inside Avast after the last Steam update. Like many Avast was preventing Steam from updating and running. Unfortunately I’d forgotten about this. Since Steam is essentially a bit of a browser I assume something malicious snuck in causing what I saw. I’ve since removed it from exclusion within Avast. In testing out a mod for Shogun 2, maybe something malicious was in that mod exe.? I ran a scan of that exe. with nothing malicious coming up. It’s a pretty popular mod with many users and found nothing in regards to user complaints/issues. I know this is an odd question, but I really can’t think of another community able to give me an answer about something this bizarre. I'm keeping a watchful eye on my system but it's hard not to feel one is missing something. Thanks for any help. Someone on the Steam forum suggested that I may be a victim of dns poisoning. That I should check my dns settings and hosts file to see if there are any manual redirects. Worth a shot but how would I know exactly what to look for and would it be a good idea to flush my DNS cache?
  9. Hello, I ran dds. and attached the necessary files. I ran Malwarebytes after the initial quick scan that found the Exploit.Drop.3 tmp files. Nothing major came up after but it's better to be safe than sorry. I recently switched to Comodo firewall after having too many system slowdown and lock up issues with online armor and similar but less severe with zone alarm. Comodo seems to work the best on my system but if it allowed this to slip through just 3 days into use,then it has no value to me. Zone Alarm was the lesser evil between it and online armor and seemed to secure things well. Should I switch back now that the latest Malwarebytes seems to have solved its compatibility issues with it? UPDATE: I did a full system scan with Malwarebytes and nothing popped up. Should I assume all is well and this was just a weird tmp. file issue or should I perform deeper scans? attach.txt dds.txt
  10. I've read all the posts and will be trying some of them out to see if I can find a solution that works for me. I can get my system going but the minute I turn the protection module on and try to scan or update, system locks up and I have to do a hard reset. My guess is it's Zone Alarm and frankly I'm not surprised. I will uninstall it and try one of the listed alternatives. That program is a headache anyhow. I will report back to see if changing Zone Alarm fixes the issue. Any chances of the developers working on a firewall? I'd happily pay for a Malwarebytes endorsed firewall!
  11. Hello. I am running Malwarebytes on an XP SP3 system with Zone Alarm & Avast. All was working fine up until the latest Malwarebytes program update. I have uninstalled, run the cleaner exe, installed again - twice. The issue is with the update. Problem - Windows boots and loads malwarebytes then stops. I have to do a hard reset. I have had to go into safe mode to disable the start with windows option. I ran a scan fine in safe mode but am uncertain how well if at all a scan will run normally. I have read the other threads and the suggestions simply don't solve the issue. Any help would be appreciated though I suspect the update itself is the core issue. Thank you for your time.
  12. Hello, Currently I'm replacing my old system (winXP sp3 with ZA, Malwarebytes pro, & Avast as security) with a new Windows 7 system. It's a "gaming laptop" that I pretty much plan to do my 3D work on when I'm on the go. I do not plan to use this as my main system to go online with so I'd rather not bog it down with something like Zone Alarm. It slows too much down and makes even youtube streaming a hassle. If I simply have malwarebytes pro, avast, and the default Windows 7 firewall would that be enough? As I said I plan to use it online sparingly and want to minimize the performance hit some security suites cause. Also is it best to run malwarebytes updates in real time or is hourly or even just daily better? Thanks ahead of time!
  13. I was uninstalling old versions of Java and I got a warning from Malwarebytes that the above threat was trying to perform a malicious operation. So it does seem like this is indeed a false positive...any confirmation though would be appreciated.
  14. Hello. I ran a quick scan upon coming back to my system (WinXP SP3 with Malwarebytes PRO, Zone Alarm, & Avast all doing their thing...) and javacpl.cpl came up as a threat. In the quarantine area the vendor was listed as trojan.Dropper.pws but upon doing a removal and restart (and another quick scan) nothing came up. Doing a basic search about this "threat" it seems to be legit. I'm not really sure what I should do as a result. Should I just leave the file in quarantine or add it to my ignore list as it seems to be related to Java? Also in the log when this occured nothing seems to appear which is bizarre.
  15. Haha woops sorry about that. Im running XP SP3 currently.