Replies

Hi Jim :

It seems wise to me to try and determine IF it is legitimate or malware ;
Previous to this Post I have never referred anyone to “Yahoo Answers”,
but the info at http://answers.yahoo…09155529AAs6GwN
seems the Best Couse of Action .

I use Yahoo Email and that “exe” is NOT in my Task Manager; however,
I never have done an “Attachment” .

Since this is likely a Yahoo issue, I think Yahoo Answers is an excellent resource to cite. Good answer!

-- rc primak

I have to agree that if you need information or support on how Malwarebytes detects and scans hidden drives, the best bet is to submit a question or incident report through Malwarebytes’ forums. I have no insider or technical information about this program, although I use it on my computer. Malwarebytes does not see my Hidden Recovery Partition, but that partition is in a non-Windows file system (some sort of Xenix derivative).

-- rc primak

Check the size of your full image backups. They are probably getting larger. There is a certain amount of cleanup you can do, but Windows is always adding to such areas as the control sets, the Registry, Windows Side By Side (Win SxS) and in 64-bit editions, Windows On Windows (WoW), among other areas. So the size of the used space on the C:Windows drive would also show some increase, corresponding to the increase in time and size of backups. There’s not much, short of a Windows reinstall, that you can do about this. Just clean up as much as you can, and do keep deleting old System Restore Points. 64-bit Vista does expand its disk usage greatly more than 32-bit Vista, if that is relevant.

-- rc primak

MP3 is already a compressed format. You could not get much benefit from further compression. And reducing the bitrate significantly affects playback quality. The best bet is just to copy the MP3 files as-is. Even copying and recopying them will degrade playback quality, as MP3 is not a lossless format. But that’s your best bet. Today’s large hard drives are so cheap that space should not really be an issue. Just get a bigger drive or several smaller drives. If using DVD or CD as a backup medium, just bite the bullet and use more disks.

-- rc primak

The Facebook, Hotmail and related security/privacy issues did not so much involve account hacking, as phishing from address books. Addresses were harvested, and then used to phish others through fake invites and e-mails. Those responding got their own address books phished, and so on. This is unfortunately a widespread and so far unsolved issue with Facebook.

EDIT: To be fair, G-Mail and MySpace also have suffered from similar problems. G-Mail even has had the troubling practice of offering password hints for the ALTERNATIVE e-mail address (the one that they said was only for their use!). I don’t know whether these practices have been remedied, but G-Mail is a very likely source of hijacked info.

Full disclosure: I do have a G-Mail account of my own, because I had to get one in order to use Google BlogSpot for my own blog.

-- rc primak

Use ZoneAlarm as your firewall, and Malwarebytes for spyware, and you’re all set. Scan with MBAM immediately and get back to us as to what was found..

Hi Paul :

There are many security programs that are superior to Norton,
including the FREE Avast Antivirus Home Edition, available at
http://www.avast.com .

However, for your specific problem, I recommend you use the FREE
Version of “SUPERAntiSpyware”, available at
http://www.superantispyware.com .

This type of brand advocacy is irrelevant to the problem here, and is not appreciated.

What the issue is, is that we want to figure out whether the e-mail account was actually hijacked, or whether its address was “harvested” (or phished) somehow. If the address was not harvested, the e-mail account may have been compromised, and the owner of that account should contact the e-mail provider or close the account and open a new account. Which security program was used on the local computer is probably not an issue, as the e-mail address is already out there, unless it was the actual e-mail account which got hijacked.

However, do check for any possible keylogger or Trojan Horse on your local computer. Any good antivirus or anti-spyware program will do the trick. Probably scanning with two or more scanners is a good idea. If nothing shows up, report to your e-mail provider what has happened. If they do not find evidence of a hijacked account, there is no technical solution — you have been phished. Closing the account could stop its address from being used — eventually. But the e-mails will probably continue to be sent until that e-mail address is no longer valid. Maybe longer.

-- rc primak

If it’s only some sites and not others, I’d have you consider how recently you updated Java or JRE on your computer. The current version is JRE 6 or Java SE 6, Update 20. Some sites have not yet updated to be compatible with Update 20, or even the recent Update 19. Give them a week or so, and things may clear up. In any event, for security reasons, your Java should be Update 20 on your computer. Also double-check that Javascript is enabled in Firefox, and that the No Script add on is not an issue.

-- rc primak

I don’t know what the solution is, but it looks like your History items are not being properly saved. Check your History button after going to a few different web pages, and post back if anything — or nothing — is listed.

-- rc primak

We need to know how Java was disabled. Was it through the Java Control Panel or Console? Or through the browser controls? It makes a difference, as Java itself (through its Control Panel or Console) has controls which include disabling it entirely. The IE Java controls (through the browser) are many and do different things. Perhaps you could give us a rundown (or even a screen shot) of your current settings for Java and Java script in your Internet Zone? Then I can post with how my IE 8 Internet Zone is configured. Mine works. (Windows XP Pro, 32-bit, SP-3)

-- rc primak

Did you also remove the Adobe Download Manager? It’s a separate program in Add/Remove Programs. I think the messages may be coming from the Download Manager.

-- rc primak

Sounds like Freddie updated his video driver.

-- rc primak

First, when you look into the Windows Task Manager for CPU usage, you need to be in the Performance Tab. This will show a graphic of the total amount of CPU capacity which is being used. The Processes Tab shows the percentage of this amount of use which is being taken up by each process. System Idle will normally be the largest Process, at about 90 percent of the total CPU usage. But there’s nothing showing up here which indicates any processes taking up inordinate amounts or percentages of CPU capacity. So this is not the problem area.

Shutting down unnecessary processes seems not to have helped very much, so now we go on to drivers and hardware. Refreshing the CD/DVD driver in the Device Manager was suggested by Clint in Reply # 7. If that didn’t do the trick, we might look into your Registry for one of the common causes of CD/DVD related Windows XP problems . Please refer to my post in another thread about the “CDGone” articles. (This post) Especially important is the Microsoft “Fix It” link, as they will have you run a full diagnostic tool, which can catch a lot of different problems with the device, its drivers, or the Registry, all in one or two runs.

If anything in that series of fix-its works, what happened was that either VLC Player or some previous media burning program, has left behind in the Registry some bad values. There are also some Windows services which need to be turned on in order to burn media, but your problem happens when playing a DVD, so let’s not go there just yet. The correct Registry values will be restored by using one of the methods in my post. Post back if any of this helps.

-- rc primak

You need a pdf reader, not necessarily Adobe. Use Foxit Reader and skip all of Adobe’s security problems and constant updates.

OOPs, thought you said Adobe Acrobat. I lied

Rochelle, there’s no rule in the Lounge against just deleting your own posts, if this doesn’t disrupt the thread. Or, a Moderator can delete both posts for you.

I’ve deleted all or parts of my own posts on occasions.

-- rc primak

The reasons given at AskWoody.com for waiting to apply Microsoft patches do not include trying to run a “lean and clean” Windows XP. There are sometimes a few patches which are doing more harm than good, and there are times when some patches do not have in the wild exploits, so waiting for any bugs to show up may be prudent. But there is no reason to skip patches tom save hard drive space. And patches do not usually cause the type of bloat or “slow computer” problems users complain about. A “clean” and original and unpatched Windows XP computer will definitely not run faster than a fully-patched computer, if the patched PC is kept clean and defragmented, and if data are kept on a partition other than the C:Windows partition. The Windows Registry may benefit from the occasional cleanup, but this and system cleanup can be handled with CCleaner. Also, limit startups and your computer will run faster for longer.

All of the Microsoft patches ever issued for Windows XP would not cover more than a few gigabytes, if that. And most of us do not have them all, as only certain ones relate to our Windows configurations. Again, with hard drives running into the hundreds of gigabytes on even cheap laptops and netbooks, I see no reason to skip updates “to save space” or to “run a clean copy” of Windows XP.

-- rc primak

I recently ran fowl of Yahoo mail by running my Trillian Chat program in Kaspersky’s Sand Box, hehe, Trillian notifies new mail in Yahoo and had been opening yahoo from that notice. The other day Yahoo would no longer load correctly and thought showed Inbox it wouldn’t load so have since had to open new browser not running in Sand Box. I run IE in the sand box but have Firefox set as default, opening Firefox from within Trillian loads FireFox in Sand Box, seems can’t do that any more. Yahoo is surely the worst free mail service, have thought that since they deleted all my photo they had promised could have free upload for them, YAHOO Yahoo

Have you raised this issue with Yahoo? You may not be the only person using that combination of programs.

Both of you are apparently not aware of Yahoo’s policy about proxy servers. You are not allowed to access free Yahoo accounts via a proxy. That is to block Y-POPS and other pseudo-POP-3 clients from stealing POP-3 access to Yahoo free accounts (which do not have POP-3 access). You have to pay for a Mail Plus Account (like mine) to get POP-3 access legitimately. But even with paid Mail Plus accounts, proxy servers may still be blocked, especially ones which do not transfer the Yahoo ads along with the mail. Maybe Trillian Chat is also preventing Yahoo from fingerprinting your “browser” through which their services are being accessed. This information is being used now to target ads to free Yahoo customers. Still, I think the problem is that the ads are being blocked when Trillian Chat is used in this way.

I seriously doubt that the Yahoo Mail Team will improve their behaviors on these points anytime soon. The company is still hemorrhaging money, and the prospects for a friendly merger or takeover are looking pretty dim right now. Bing has not proven to be a profitable search partner, so we can all just hope we continue to get anything from Yahoo for a little while longer.

But, making our discontent heard is always our right, especially we who are paying for premium accounts.

If you want better Web Mail and POP-3 services, try an e-mail specialist. I’m using Fastmail.fm. They have free IMAP access and paid POP-3 access. And no ads and thus no games with browsers or add-ons. But the company is being merged or taken over, so prices may go up soon, and the free accounts may disappear.

-- rc primak