Fun with ( ÿþ ) well sort of ?
BillPStudios
Premium
join:2004-04-16
Scotia, NY

reply to SpannerITWks
Re: Fun with ( ÿþ ) well sort of ?

Hey Spanner,

As always, thank you for your support.

I'm more inclined to think that your ÿþ is just some kind of corruption in either the registry or on the hard drive.
Did you happen to notice if it was located in the Run registry or the Startup?

If you go to the Options page, click on History and it may contain more information.
If all the information isn't displayed you can look at the history file itself.
If you look in the WinPatrol folder there's a text file called "history.txt".

You can open this file with Notepad and look at the information on the line with ÿþ. You should be able to see if there was a full path or actual file name and also an indication of which Startup entry Scotty found it in.

If you can send a copy of that line from your history.txt file it might help.
Might even post it here so everyone who has offered to help can see what's going on.

Thanks again,
Bill

dave
Premium,MVM
join:2000-05-04
not in ohio
·Verizon Online DSL
·Verizon FIOS

reply to SpannerITWks
said by SpannerITWks:

Hmm Rusky ? interesting, hope it's not another " Brick in the Wall " lol.
Neither of those two characters are Cyrillic, i.e. "Russian". They're both Latin characters, i.e., as used in most Western European languages.

I'm not sure what languages use y-with-diaeresis today, but it's just a 'y' with some punctuation on top.

Thorn is used in Icelandic (and old English, come to that).


SpannerITWks
Premium
join:2005-04-22

reply to SpannerITWks
onDvine

Yes good idea, i'll ask him to take a peek @ this thread.

dadkins

Hmm Rusky ? interesting, hope it's not another " Brick in the Wall " lol.

dave

No connection to another internal PC here, but it could have been an online one i suppose ?

Thanx to all for your insights so far. Any other info would be Very welcome !

Spanner
--
I Only Know What I Know, But I'm Learning all The Time - Stay Safe - Spanner intheWorks
/SpannerITWks

dave
Premium,MVM
join:2000-05-04
not in ohio
·Verizon Online DSL
·Verizon FIOS

reply to SpannerITWks
"Small y with diaeresis, lowercase thorn" is ff fe in hex.

fffe and feff are byte sequences that happen to be used for byte-order detection in Unicode text (thus facilitating data exchange between machines with different byte sex).

Looks like some bungled programming around some filename generation.

That doesn't exactly rule out malware, but I don't think the filename was deliberate. If legitimate, it's a lousy choice of name. If the intent is to hide, it's a lousy choice of name.
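
The byte-level reading in the post above, as an added example that is not part of the original thread: it maps a displayed name back to bytes and checks for a byte-order mark, then shows what byte-oriented code sees when it reads UTF-16 text as a NUL-terminated ANSI string. The cp1252 code page, the function names and the sample path are assumptions made for illustration.

```python
import codecs

# BOMs in match order: UTF-32 LE (FF FE 00 00) must precede UTF-16 LE (FF FE).
BOMS = [
    (codecs.BOM_UTF32_LE, "utf-32-le"),
    (codecs.BOM_UTF32_BE, "utf-32-be"),
    (codecs.BOM_UTF8, "utf-8"),
    (codecs.BOM_UTF16_LE, "utf-16-le"),
    (codecs.BOM_UTF16_BE, "utf-16-be"),
]

def sniff_bom(raw: bytes):
    """Return (encoding, bom_length) if raw starts with a BOM, else (None, 0)."""
    for bom, enc in BOMS:
        if raw.startswith(bom):
            return enc, len(bom)
    return None, 0

def explain_displayed_name(name: str, ansi: str = "cp1252"):
    """Map a name as displayed back to bytes under an assumed ANSI code page
    and report which BOM, if any, those bytes start with."""
    try:
        raw = name.encode(ansi)
    except UnicodeEncodeError:
        return None  # not representable in that code page, so not this artifact
    enc, _ = sniff_bom(raw)
    return None if enc is None else (raw.hex(" "), enc)

def as_ansi_c_string(raw: bytes, ansi: str = "cp1252") -> str:
    """What byte-oriented code sees: bytes up to the first NUL, shown as ANSI."""
    return raw.split(b"\x00", 1)[0].decode(ansi, errors="replace")

def decode_text(raw: bytes, fallback: str = "cp1252") -> str:
    """Decode correctly: honour the BOM if present, else use the fallback."""
    enc, n = sniff_bom(raw)
    return raw[n:].decode(enc or fallback)

# Constructed sample: UTF-16 LE text holding a made-up path (not from the thread).
SAMPLE = codecs.BOM_UTF16_LE + "C:\\example\\app.exe".encode("utf-16-le")

if __name__ == "__main__":
    print(explain_displayed_name("ÿþ"))     # the name quoted in the thread
    print(repr(as_ansi_c_string(SAMPLE)))   # UTF-16 misread as an ANSI C string
    print(decode_text(SAMPLE))              # same bytes read with BOM handling
```

A name that maps to a BOM this way points at an encoding mix-up in whatever wrote or read the entry; as the post says, that does not by itself rule malware in or out.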


dadkins
Can you do Blu?
Premium,MVM
join:2003-09-26
Hercules, CA
·Comcast

reply to SpannerITWks
ÿþ - 4h in Russian?


onDvine
Premium
join:2005-01-29
So. CA, USA
reply to SpannerITWks
I don't know what it might be, Spanner, but since WinPatrol flagged it, you could send a message to Bill (at WinPatrol) and ask for his opinion. He got back to me promptly when I sent a question.


SpannerITWks
Premium
join:2005-04-22

The weirdest thing happened to me yesterday, well maybe not The weirdest, but pretty damn weird lol !

I got an alert from WinPatrol, and Only WinPatrol, saying on reboot this file - ÿþ - was due for either a NULL or Deletion, it didn't specify which. I quickly copied the file name down + saved it.

Anyways, that's strange i thought, as you would, so i Googled it. The only things that seemed mildly of any worth were connected with CSS + Outlook. Can't imagine what CSS would have to do with anything i had been doing, and i don't use Outlook or Outlook express either, in fact i have always disabled OE on every fresh install.

I did a full on Windows search for - ÿþ - but no show !

So intrigued by this i rebooted, well i couldn't believe what happened, but it did ! I got a Windows Log on PW prompt box ? that i eliminated ages ago on install, so i ESC out of that. Next " nice " surprise, the desktop appears in 680 x 640 mode ? Err, hello what's occurring here then ?

Didn't know to be honest lol, so i thought **** this 4 a lark + restored to a previous known good config. Did nuuuuuuumerous Scans/Searches/ etc etc + nothing dodgy or unusual etc @ all.

Can't say 100% that the - ÿþ - thingy caused this, but i don't know what else it could have been !

What do you make of that then, and does anybody know Anything about that mysterious file - ÿþ - ?

TIA

Spanner
--
I Only Know What I Know, But I'm Learning all The Time - Stay Safe - Spanner intheWorks
/SpannerITWks