• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
ConfusedMonkey

HELP!

60 posts in this topic

Hi,

Your log is clean again ... good job!

 

Note: yes just simply "overwrite" the existing HOSTS file each time there is a new update, usually weekly. :wave:

Share this post


Link to post
Share on other sites

Thank you for your quick help. I installed the defenses but now am having problems downloading music from download.35mb.com. I have all of the required software and it worked before I installed the defenses but now it loads all the images with a little red x in them and when I click on a link to download an mp3 the little download button no longer appears. Why is this happening? Thank you.

Share this post


Link to post
Share on other sites

Hi,

am having problems downloading music from download.35mb.com
Because 35mb.com is not what it seems! It's listed in my HOSTS file and they are part of the reason your machine was infected. I downloaded their ".cab" file and once loaded it contact another site (impregnable.net) which downloads several other files. I then scanned those files at Jotti's Malware Scanner both files are infected!

 

Remember this:

I am getting a message at startup that states that I already have an updated version of iexplore.exe.

O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\iexplore.exe

Well guess what files were included?

impregnable.net/files/install.exe = TrojanDownloader.Win32.VB.dw

impregnable.net/files/iexplore.exe = Trojan.Win32.StartPage.kk

 

So in not being able to contact 35mb it saved you from being infected again!

 

Have HijackThis "fix" the following:

 

O16 - DPF: {AD8D3C68-0C60-4B53-8A9E-BC654BBB36FE} (download_35mb_com.applet) - http://www.35mb.com/downloadapplet.cab

 

Note: I'll be adding "impregnable.net" to my HOSTS file and it will reflect in the next update ...

Share this post


Link to post
Share on other sites

Wow. Thanks for the information. I deleted that last entry but I was just wondering if the mp3's I downloaded are infected or if they are okay.

Share this post


Link to post
Share on other sites

I was just wondering about the folder found earlier, the one that contained the mru folder. Is that malicious spyware that sends information to other computers or does it just monitor internally? I found out that the file was Big brother.

Share this post


Link to post
Share on other sites

Hi,

I have no idea about any other files you downloaded from there, but I wouldn't trust them ... as for the "mru" folder what else is located there? Try moving them to a Junk folder, then if nothing complain = delete them.

Share this post


Link to post
Share on other sites

Well, the mru folder was deleted but I found out that it was a paid program called big brother that someone purchased and installed off the internet. I was just wondering if this is malicious or since it is purchased if it is safe. Thank you.

Share this post


Link to post
Share on other sites

Glad we could help. :)

 

If you need this topic reopened, please request this by sending the moderating team an email with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0