In article <197ci497cvgpsvsrnf16u3k8sksm1dkcft@4ax.com>, h@h.com says...
> On Thu, 20 Nov 2008 18:05:15 -0700, "Buffalo" <Eric@nada.com.invalid>
> wrote:
>
> >
> >
> >h@h.com wrote:
> >[snip]
> >
>
> >Why don't you try the latest MBAM and see what it finds? You don't have to
> >delete anything you find, as you well know.
> >Post back with the results (the log).
> >Hell, it won't cost you anything and it could benefit others.
> >Buffalo
> >
> I did download the latest version. When I tried updating, it told me
> I had the latest update.
>
> It, and all it's parts, are history since I reloaded a prior image
> back onto my C: drive.
>
> As far as I know, my comp is in fine shape. The Sunbelt firewall,
> along with Kaspersky and Spybot have not once warned me of a problem.
> My comp doesn't act strangely, nor does my firewall let anything out
> or in except the programs I'm using. Everything else is blocked. If
> there were something, wrong, I'd be experiencing strange happenings. I
> ain't. So, I'm not worried about it - no matter what some junkware
> proggy says is wrong.
>
> Until my comp starts showing problems, I'll believe it and my own
> judgment.

And if you check with other tools, since you stated MBAM found
something, you are likely to find out that your Personal Firewall and
your other lack of understanding have left you compromised.

I was on a compromised PC two days ago, nothing the user could tell -
the only way to spot it was a registry entry that kept recreating
itself. MBAM, KAS, SAS, Symantec Corp, McAfee, Sophos, nothing could
remove it, but there were no visible (to the operator) signs of it and
what it was doing. I cloned a known clean machine to that drive and it's
running fine.

So, again, your computer was compromised, you restored and image, you
appear to be unwilling to learn if the restored image was also
compromised.....

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)