| Thread ID: 106090 | 2009-12-26 04:07:00 | Hijackthis again. | B.M. (505) |
| Post ID | Timestamp | Content | User | ||
| 843139 | 2009-12-26 04:07:00 | I have a second-hand computer that was given to me because it had all sorts of problems. :rolleyes: Anyway, to cut a long story short, it had been onto every dodgy XXX site available. OK, I've cleaned out most problems but I'm stuck with a Hijackthis problem of site 206.161.125.149 having parked itself in a safe zone, and Hijackthis is unable to remove it. Hijackthis insists it's "Very Bad" and I'm inclined to believe it. :lol: So, has anybody else experienced this problem? Yes, if it was one I was going to use myself I'd have just formatted it before now, but I'm interested in seeing just how good the various Virus/Malware/Adware programmes are. :D |
B.M. (505) | ||
| 843140 | 2009-12-26 06:57:00 | www.cybertechhelp.com Read from post 13 onwards :) |
Renmoo (66) | ||
| 843141 | 2009-12-26 18:03:00 | Thanks for that link Jamuz, very interesting. :thumbs: In the end I figured I would try something myself, so using regedit I found 206.161.125.149 and deleted it from there. Job done. :) Can't work out why Hijackthis couldn't fix it though. :confused: |
B.M. (505) | ||
| 843142 | 2009-12-26 21:49:00 | 206.161.125.149 is genuine; it belongs to these: OrgName: Beyond The Network America, Inc. OrgID: BNA-42 Address: 450 Springpark PL Address: Suite 100 City: Herdon StateProv: VA PostalCode: 20170 Country: US |
Pancake (6359) | ||
| 843143 | 2009-12-26 22:08:00 | 206.161.125.149 is genuine; it belongs to these: OrgName: Beyond The Network America, Inc. OrgID: BNA-42 Address: 450 Springpark PL Address: Suite 100 City: Herdon StateProv: VA PostalCode: 20170 Country: US That's interesting. :confused: Hijackthis labelled it Very Bad, must be removed. :confused: Wonder what goes on here given the number of other infestations in the computer. :rolleyes: |
B.M. (505) | ||
| 843144 | 2009-12-26 22:36:00 | When it comes to assessing malware, HJT is not a tool for removing it. It's only an indicator, and a small one at that, as to what is running at startup only. Even removing it from that log does not always stop things running. A lot of us who work malware forums don't even use it now. | Pancake (6359) | ||
| 843145 | 2009-12-26 23:09:00 | When it comes to assessing malware, HJT is not a tool for removing it. It's only an indicator, and a small one at that, as to what is running at startup only. Even removing it from that log does not always stop things running. A lot of us who work malware forums don't even use it now. What do you use now then? |
Roger Hunt (13648) | ||
| 843146 | 2009-12-27 00:49:00 | We get the user to run DDS Deckard Scanner and from that log we see what, if any, program will be needed to remove the malware. | Pancake (6359) | ||
| 843147 | 2009-12-27 01:27:00 | We get the user to run DDS Deckard Scanner and from that log we see what, if any, program will be needed to remove the malware. Very interesting, Pancake. OK, what would your DDS programme have done with this 206.161.125.149? It appears to be a legitimate address, but why would Hijackthis declare it very dangerous? It's gone now without any ill effects so far, but I'm curious as to what to trust and what not to. :confused: |
B.M. (505) | ||
| 843148 | 2009-12-27 02:11:00 | Very interesting, Pancake. OK, what would your DDS programme have done with this 206.161.125.149? It would have done nothing to it. It's all down to the analyst to assess the log and, with his knowledge, remove any offending files. |
Pancake (6359) | ||