From: "Milly Staples [MVP - Outlook]" <***@ever.com>
| Not an Outlook issue. Suggest you contact your web host.
| --
| Milly Staples [MVP - Outlook]
This wasn't an "email" that you alluded to and it wasn't a query for help.
It was a Social Engineering exploit to get people infected with a fake codec called
LPVideoPlugin that installs a BHO as...
C:\Program Files\LPVideoPlugin\5378.exe
C:\WINDOWS\system32\LPVideo.dll
AhnLab-V3 2008.10.3.0 2008.10.02 -
AntiVir 7.8.1.34 2008.10.02 DR/Small.ght.7
AVG 8.0.0.161 2008.10.02 BackDoor.Generic10.MAB
BitDefender 7.2 2008.10.02 Trojan.Downloader.Zlob.ACJY
CAT-QuickHeal 9.50 2008.10.01 Backdoor.Small.fax
eSafe 7.0.17.0 2008.10.02 Win32.Small.ght
F-Secure 8.0.14332.0 2008.10.02 Trojan-Downloader.Win32.Agent.aigp
GData 19 2008.10.02 Trojan.Downloader.Zlob.ACJY
Ikarus T3.1.1.34.0 2008.10.02 Virus.Trojan.Win32.BHO.egw
K7AntiVirus 7.10.481 2008.10.02 Trojan-Downloader.Win32.Agent.hec
Kaspersky 7.0.0.125 2008.10.02 Backdoor.Win32.Small.ght
Microsoft 1.4005 2008.10.03 TrojanDownloader:Win32/Renos.M
NOD32 3490 2008.10.02 Win32/TrojanDownloader.FakeAlert.KG
Norman 5.80.02 2008.10.02 Malware.DJFR
Prevx1 V2 2008.10.03 Malicious Software
SecureWeb-Gateway 6.7.6 2008.10.02 Trojan.Dropper.Small.ght.7
Symantec 10 2008.10.02 Trojan.Dropper
TheHacker 6.3.1.0.098 2008.10.02 Backdoor/Small.foh
TrendMicro 8.700.0.1004 2008.10.02 TROJ_ZLOB.BYO
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp