Joe9T Â Â 10 #61 Posted August 8, 2011 thought rapport was ok and trust worthy? Share this post Link to post Share on other sites Share this content via...
Joe9T Â Â 10 #62 Posted August 8, 2011 Damn, i was enjoying keeping up with this thread, now i'll have to go back to Sheffield/general discussions. Â glad you enjoyed it pal and it proves that Sheffield Forum is the don! :0) Share this post Link to post Share on other sites Share this content via...
waddler8 Â Â 10 #63 Posted August 8, 2011 Â thought rapport was ok and trust worthy? Â Â It is. As Rapport is usually recommended by Banks I assume you bank online. Â Filesharing/torrents are a known avenue for malware distribution. It wouldn't surprise me at all to find that this has come from something you've downloaded. Â I PM'd Russ (RJK3) when I saw the file to say it did look suspect prior to you uploading it to VT. Â "Total lack of information on it available via searches coupled with it being a .dll running from a location where executable code/data shouldn't really be running from." Â As you can see - Avast missed it, MBAM missed it and only 3 vendors picked up on it at VT. PCTools is owned by Symantec so you would expect similar detections as they'll share the same sigs & defs. Â What I meant by "=Trouble" is that downloading & Internet banking isn't something I'd do because the potential for infection is too great. Share this post Link to post Share on other sites Share this content via...
Joe9T Â Â 10 #64 Posted August 8, 2011 was it bad as although it was on my laptop mbytes kept blocking outward attempt to that web address that kept popping up all the time? Share this post Link to post Share on other sites Share this content via...
Joe9T Â Â 10 #65 Posted August 8, 2011 i really do not understand what was going off, but what you have advised has fixed it, whatever it was or was trying to do. Share this post Link to post Share on other sites Share this content via...
waddler8   10 #66 Posted August 8, 2011 It was definately bad. As per the link RJK3 gave: The Trojan monitors both Internet Explorer and Mozilla Firefox Web browsers and redirects searches made using the following URLs: search.live.com google.com yahoo.com bing.com  The threat may redirect these search queries to the following address: http://94.228.209.142  In your case it was attempting to redirect you to 212.95.32.134. MBAM's IP protection has that IP address in it's blocklist so was blocking any connection attempts. Share this post Link to post Share on other sites Share this content via...
Joe9T Â Â 10 #67 Posted August 8, 2011 Thank God that MBAM's protection was good then, but what would've happened if it hadn't blocked the attempts? Was it to gain passwords say for banking and other personal info or to literally crash my computer? Share this post Link to post Share on other sites Share this content via...
Joe9T Â Â 10 #68 Posted August 8, 2011 Good work chaps, i owe u Share this post Link to post Share on other sites Share this content via...
waddler8 Â Â 10 #69 Posted August 8, 2011 Was it to gain passwords say for banking and other personal info or to literally crash my computer? Â You really can't say for sure but I would think it unlikely. Simple search redirects like these are generally to force traffic to certain sites in an attempt to generate revenue for the site owners. Share this post Link to post Share on other sites Share this content via...