Announcement

**foq** · 07-31-2007, 02:53 PM

Originally posted by joao93 View Post

Me no comprendo

**scar3crow** · 07-31-2007, 03:30 PM

Kill the BHO with HiJackThis, remove any occurrences of it from your startup list in msconfig, and if need be, killbox the actual dll?

Or you can just run Adaware in safe mode, go back into normal and see if its still happening. If it is, HiJackThis it (and if you've not used HJT before, it does not show you everything that is potentially wrong on your pc, it just gives you a lot of info. Look for a bho pointing to that dll).

**Canadian*Sniper** · 07-31-2007, 08:20 PM

Originally posted by unknown

The process belongs to the software ddayy.dll by unknown.

Description: File ddayy.dll is located in the folder C:\Windows\System32. Known file sizes on Windows XP are 692276 bytes (19% of all occurrence), 573492 bytes, 528404 bytes, 281652 bytes, 263220 bytes, 577588 bytes, 569396 bytes, 581684 bytes, 565300 bytes, 36877 bytes, 544788 bytes, 688180 bytes, 12813 bytes, 282164 bytes, 27661 bytes, 280608 bytes.
This .dll file is a Browser Helper Object (BHO) that runs automatically every time you start your Internet browser. BHOs are not stopped by personal firewalls, because they are identified by the firewall as your browser itself. BHOs are often used by adware and spyware. The unique ID of this BHO is 6DD0BC06-4719-4BA3-BEBC-FBAE6A448152 or 52B1DFC7-AAFC-4362-B103-868B0683C697 or 00DBDAC8-4691-4797-8E6A-7C6AB89BC441 or EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D or 75DC57F8-D831-4AB8-86B7-4F826F4A0873 or 67F5CF1D-2967-412C-8AF2-C2D6FEFEE36A or 6D33B121-5C4C-4450-9D1F-7B67085CC199 or 6F6BA872-FDB3-4C35-844B-CBE14CBA8187 or 7767B523-1FF6-4405-BF72-46F8057EF556 or 8202A279-097F-4DCF-8CDC-F8BD2B944545 or C5936F5C-EFFD-4304-B205-74E9175E410F or CD80F79E-675D-46B3-BEE2-21B1D37BC24D or F4ACBCF4-DE2B-4E21-844B-EBBB2D18EE9A or BCF8BF4C-6202-471A-AED2-6220423F57CD or E0E26D0F-5CE3-43EE-BC06-C372858112F2 or 1F7E7424-86C3-4043-86B6-081BA09E4001 or 99355A2E-996E-449D-A1EF-364BCBEE1A12 or 3E9FF2C2-F437-4E12-A15E-ABD82D52FEF7 or D10E4270-B826-4B36-A3B8-150FC471373D or F05FC5CB-9E0D-4A01-A85C-4BF5F830CDE3 or B85C4308-1ADB-457F-A81C-C9B6A6E7BDED or 98D1D66D-ED86-4B52-B839-EC39A581EE82 or B5D5CDD5-A817-4DE8-8836-4037E27BB877 or E77160CE-E83E-47B3-9364-76514243BD26 or 79A576C4-B7A9-47EC-B57C-2CE5CA6ECC6A or E291663A-2D6F-4B56-B9DF-AE239AEF6A5B or E321ACA5-B12F-4D2C-B786-23B0A559CB21 or A0F52105-E7F8-4760-86B2-7CAEA1AA7CF1 or 2353FCBC-012D-487B-8BF3-865C0929FBEB. There is no information about the maker of the file. The program has no visible window. The service has no detailed description. ddayy.dll is not a Windows core file. File ddayy.dll is an unknown file in the Windows folder. It is able to monitor Internet browser. ddayy.dll is able to monitor applications, manipulate other programs, record inputs. Therefore the technical security rating is 93% dangerous, however also read the users reviews.

Important: Some malware camouflage themselves as ddayy.dll, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the ddayy.dll process on your pc whether it is pest. We recommend Security Task Manager for verifying your computer's security. It is one of the Top Download Picks of 2005 of The Washington Post and PC World.

http://www.file.net/process/ddayy.dll.html

**spooker** · 07-31-2007, 08:26 PM

jow you should run both adaware and spybot search and destroy once a month, unless you want to pay $50 for some big clunky piece of software. be careful with hijackthis-- the way to use that program is to have it scan your computer, then post the results on a knowledgeable forum (not here), and have wise people advise you what to do. don't play with hijackthis by yourself

**Baker** · 07-31-2007, 09:31 PM

http://housecall.trendmicro.com <-- kick ass online virus/malware scan from major corporate anti-virus vendor

**Net-Tyme** · 08-01-2007, 08:09 AM

Do what Baker says.. it gets rid of Malware and Spyware and does an anti virus check all at the same time.

**scar3crow** · 08-01-2007, 08:17 AM

Automatic scans like that work alright, but anything harsher than a fly and they generally fail. Like I said before, test it, scan in safe mode, reboot, see if it still shows up. If it doesn't, yay.

**Grim** · 08-06-2007, 02:00 PM

You could always "say no to porn".

**foq** · 08-06-2007, 02:13 PM

Originally posted by Grim View Post

You could always "say no to porn".

You should write a guide on smart browsing, I know you said something about not having a firewall on either tltq or singed.

**Grim** · 08-06-2007, 02:52 PM

Originally posted by the_f0qer View Post

You should write a guide on smart browsing, I know you said something about not having a firewall on either tltq or singed.

I did and still don't. I run a ven server w/out issues.

Even the most savy people can get scammed. Take for example, Cingular is now AT&T. Cingular has been famous for sending an email telling you that your bill is now available to be reviewed online. ATT hasn't sent anyone a customized emails regarding your bill. It still comes as Cingular, at least for me it does.

Some bright individual copied everything from Cingular's monthly email and put ATT logo with a click here to view your bill. Looks authentic enough that in your haste you click on it. You suddenly get brought back to earth when you realize what you just did. With one click, you've installed 3 nasties.

As far as joao93 is concerned, it could have come from anywhere, but this trojan would probably find it's way through an outdated Java app. Java Download if you think you need it. The java site has a "test if you think you have the latest installed blahblah" on the right hand side.

Fatal mistake people make when thinking they have it licked is they don't reset their System Restore Point then they wonder why this thing has creeped back on their machine.

Reset and Re-enable your System Restore to remove bad files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing them. This is the only way to clean these files. You will lose all previous restore points which are likely to be infected.

To reset your restore points, note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

Windows XP. I don't know about any others cause that's all I use.

1. Turn off System Restore.

*On the Desktop, right-click My Computer.
*Click Properties.
*Click the System Restore tab.
*Check Turn off System Restore.
*Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.

*On the Desktop, right-click My Computer.
*Click Properties.
*Click the System Restore tab.
*UN-Check *Turn off System Restore*.
*Click Apply, and then click OK..

Create a Restore point:
Click Start, point to All Programs, point to Accessories, point to System Tools, and then click System Restore.
In the System Restore dialog box, click Create a restore point, and then click Next.
Type a description for your restore point, such as "After Cleanup", then click Create.

Of course I partition my drive into 2. C & D. Only the system get's put on C and the data/games gets put on D. At any given time I can format my C drive and re-install the system w/out screwing up my data. After that I re-install games for registry purposes.

I'd continue but it's after 4:00 and time for me to go home. If I missed something I'll edit/proof read this tomorrow.

**Canadian*Sniper** · 08-06-2007, 03:39 PM

If you protect your computer very proficiently and people notice, they'll spend more time trying to crack into it. Take your house for example. You have a door leading to inside your house and you have a lock for it. Maybe two. Now picture a house with 5 locks, home security, etc. Makes you think there's something in there that the person wants to protect right? Whether that person does or doesn't but that's not the point. It gets the thief interested. Maybe that's a bad example but that's the whole mindset of a cracker.

The worst thing a company can ever do is publicly announce that they are 100% secure.

^ just adding on to grim's no firewall story. Of course I'd have to disagree with that decision because there are a lot of assholes out there that would notice and take advantage of it. You play WOW right? They could capture your account password and delete your characters

**spooker** · 08-06-2007, 08:07 PM

i see your argument snipes, but the analogy is a poor one. robers dont try to break in to more secure houses. they are in it to make a living, unlike hackers, who are in it just for fun/hobby/kicks/ego. a better comparison would be a kleptomaniac. i used to love stealing stuff for the challenge; ehh but its been awhile since i stole anything really good

**Baker** · 08-06-2007, 09:26 PM

Originally posted by Canadian*Sniper View Post

If you protect your computer very proficiently and people notice, they'll spend more time trying to crack into it. Take your house for example. You have a door leading to inside your house and you have a lock for it. Maybe two. Now picture a house with 5 locks, home security, etc. Makes you think there's something in there that the person wants to protect right? Whether that person does or doesn't but that's not the point. It gets the thief interested. Maybe that's a bad example but that's the whole mindset of a cracker.

Well, what's the expression -- nothing is ever fully secure but that doesn't mean you don't lock the front door. If the front door is locked and the windows are locked, most people move on.

The worst thing a company can ever do is publicly announce that they are 100% secure.

I guess that's true, because it sounds more like a challenge, but at the same time Macs and Linux have virtually zero exploits.

And most of the exploits for FireFox are silly like "if you drag drop such and such on a https site with such and such enabled in javascript with xxx plug-in".

grim's no firewall story.

If you have an NAT router, like a Linksys, until you have some sort of server setup or other inbound software, you have total in-bound protection.

Security exists, it is real and while there are few average people that really know enough to be sufficiently protected, if you have an elementary knowledge of how to secure a machine, it can be done.

I've set some people I know up and it basically takes them installing a tainted application (or running an exe email attachment out of ignorance) to have a problem.

Security by design/intent exists, just not in Microsoft products

**spooker** · 08-06-2007, 10:46 PM

Originally posted by Baker View Post

but at the same time Macs and Linux have virtually zero exploits.

despite this, it doesnt necessarily mean that macs and linux are more secure than windows in any objective sense. just the fact that theres so much more to be gained from hacking windows means that people will try to hack it harder. greater rewards leads to greater endeavor. im not sure about this argument

Announcement

Help (non-quake related)

Help (non-quake related)

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment