Guest abarcus@kent.edu Posted June 18, 2008 Posted June 18, 2008 When i run my spybot a message comes up that says warning it can't finish because I have a tojanC.sbi virus....can someone help please Quote
Guest abarcus@kent.edu Posted June 18, 2008 Posted June 18, 2008 here is my hijack log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:06:27 PM, on 6/18/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin \AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\SiteAdvisor\6261\SAService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform \VCSW\VCSW.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform \VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform \VzCdb\VzFw.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Mcafee\MWL\MwlSvc.exe C:\Program Files\Mcafee\MWL\MwlGui.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Apoint\Apntex.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\SiteAdvisor\6261\SiteAdv.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\iTunes\iTunesHelper.exe c:\PROGRA~1\mcafee\msc\mcuimgr.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Ares\Ares.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://flashline.kent.edu/cp/home/loginf R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aim.com/get_aim/win/latest_win.adp R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxy.kent.edu/ F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C: \Program Files\SiteAdvisor\6261\SiteAdv.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53- A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C: \PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C: \Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C: \Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: (no name) - {F656101D-620F-43A4-BDB8-E334FF44B3C1} - C: \WINDOWS\system32\ssqpp.dll (file missing) O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor \6261\SiteAdv.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield \AzMixerSel.exe O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility \ISBMgr.exe O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery \PartSeal.exe O4 - HKLM\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS \W32X86\3\LXCFtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [iSUSPM Startup] C: \PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files \InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 - k O4 - HKLM\..\Run: [siteAdvisor] "C:\Program Files\SiteAdvisor \6261\SiteAdv.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime \QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes \iTunesHelper.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Policies\Explorer\Run: [{94CE46A6-06C0-1033-1130-050407200001}] "C:\Program Files\Common Files \{94CE46A6-06C0-1033-1130-050407200001}\Update.exe" mc-110-12-0000272 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF- AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C: \Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2- BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204 O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://games.pogo.com/online2/pogo/bejewel...aploader_v6.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify: winosz32 - winosz32.dll (file missing) O22 - SharedTaskScheduler: {03413bf7-e34c-445b-bfc0-a2b127255871} - incestuously - (no file) O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files \Common Files\Apple\Mobile Device Support\bin \AppleMobileDeviceService.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel \Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver \11\Intel 32\IDriverT.exe O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin \iPodService.exe O23 - Service: lxcf_device - Unknown owner - C:\WINDOWS \system32\lxcfcoms.exe O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK \MBackMonitor.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C: \PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c: \program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C: \PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c: \PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C: \PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C: \PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel \Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files \SiteAdvisor\6261\SAService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager \VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files \Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform- IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony \VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform- IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform- IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile- Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \Program Files\Viewpoint\Common\ViewpointService.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- End of file - 13208 bytes Quote
Guest jen Posted June 18, 2008 Posted June 18, 2008 <abarcus@kent.edu> wrote in message news:7505760d-d570-43f5-83da-4acf754020c4@p25g2000hsf.googlegroups.com...<span style="color:blue"> > When i run my spybot a message comes up that says warning it can't > finish because I have a tojanC.sbi virus....can someone help please</span> "You seem to be using a dated version of Spybot-S&D. Please download our current version Spybot - Search & Destroy 1.5.2. That should fix it. You will find links to several download locations for this new version on our web site: http://www.safer-networking.org/en/mirrors/index.html Please search for new updates after installing Spybot-S&D 1.5.2." http://forums.spybot.info/showthread.php?t=23527 DO NOT POST HijackThis LOGS IN NEWSGROUPS! -jen Quote
Guest David H. Lipman Posted June 18, 2008 Posted June 18, 2008 From: <abarcus@kent.edu> Either it is a Trojan or it is a virus, it is NOT both. Posting HJT this is not allowed in the Microsoft. hierarchy and is frowned upon in general on all Usenet News Groups. There are specialty, expert, forums geared towards the interpretation of HJT logs. You have two choices. The first is to run my Multi AV Scanning Tool. The second is to follow the directions in posting to an expert forum. #1 ------ Download MULTI_AV.EXE from the URL -- http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe http://www.pctipp.ch/downloads/dl/35905.asp English: http://www.raymond.cc/blog/archives/2008/0...virus-for-free/ To use this utility, perform the following... Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS } Choose; Unzip Choose; Close Execute; C:\AV-CLS\StartMenu.BAT { or Double-click on 'Start Menu' in C:\AV-CLS } NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your FireWall to allow it to download the needed AV vendor related files. C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS} This will bring up the initial menu of choices and should be executed in Normal Mode. This way all the components can be downloaded from each AV vendor's web site. The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC. You can choose to go to each menu item and just download the needed files or you can download the files and perform a scan in Normal Mode. Once you have downloaded the files needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key during boot] and re-run the menu again and choose which scanner you want to run in Safe Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode. When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help file. Additional Instructions: http://pcdid.com/Multi_AV.htm Please report back your results #2 ------ 1. Download and execute HiJack This! (HJT) http://www.trendsecure.com/portal/en-US/th.../HJTInstall.exe 2. Disable Notepad's word wrap: In Notepad.exe; Format --> uncheck; "Word wrap" 3. Download/run Deckard's System Scanner: http://www.techsupportforum.com/sectools/Deckard/dss.exe 4. Save the scan results (Main.txt and Extra.txt) 5. And then post the contents of Main.txt and Extra.txt in your post in one of the below expert forums... { Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! } Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner Logs. NOTE: Registration is REQUIRED in any of the below before posting a log Suggested primary: http://www.thespykiller.co.uk/index.php?board=3.0 Suggested secondary: http://www.bleepingcomputer.com/forums/forum22.html http://castlecops.com/forum67.html http://www.malwarebytes.org/forums/index.php?showforum=7 Suggested tertiary: http://www.dslreports.com/forum/cleanup http://www.cybertechhelp.com/forums/forumdisplay.php?f=25 http://www.atribune.org/forums/index.php?showforum=9 http://www.geekstogo.com/forum/Malware_Rem...o_Here-f37.html http://gladiator-antivirus.com/forum/index.php?showforum=170 http://forum.networktechs.com/forumdisplay.php?f=130 http://forums.maddoktor2.com/index.php?showforum=17 http://www.spywarewarrior.com/viewforum.php?f=5 http://forums.spywareinfo.com/index.php?showforum=18 http://forums.techguy.org/f54-s.html http://forums.tomcoyote.org/index.php?showforum=27 http://forums.subratam.org/index.php?showforum=7 http://www.5starsupport.com/ipboard/index.php?showforum=18 http://aumha.net/viewforum.php?f=30 http://makephpbb.com/phpbb/viewforum.php?f=2 http://forums.techguy.org/54-security/ http://forums.security-central.us/forumdisplay.php?f=13 -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest jen Posted June 18, 2008 Posted June 18, 2008 "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:O%23LGTAY0IHA.3680@TK2MSFTNGP05.phx.gbl...<span style="color:blue"> > From: <abarcus@kent.edu> > Either it is a Trojan or it is a virus, it is NOT both. > Posting HJT this is not allowed in the Microsoft. hierarchy and is > frowned upon in general > on all Usenet News Groups. There are specialty, expert, forums geared > towards the > interpretation of HJT logs. > You have two choices. The first is to run my Multi AV Scanning Tool. > The second is to > follow the directions in posting to an expert forum.</span> [snip] It's neither... It's a bug in Spybot which can be eliminated by updating Spybot... (see my previous post style_emoticons/ -jen Quote
Guest David H. Lipman Posted June 18, 2008 Posted June 18, 2008 From: "jen" <jen@example.com> | [snip] | | It's neither... It's a bug in Spybot which can be eliminated by | updating Spybot... | (see my previous post style_emoticons/ | | -jen | He, he, he.... Thanx! :-) -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest jen Posted June 18, 2008 Posted June 18, 2008 "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:OQhapyY0IHA.4084@TK2MSFTNGP05.phx.gbl...<span style="color:blue"> > From: "jen" <jen@example.com> > | It's neither... It's a bug in Spybot which can be eliminated by > | updating Spybot... > | (see my previous post style_emoticons/ > He, he, he.... > Thanx! :-)</span> YW, Dave style_emoticons/ -jen Quote
Guest dtaylor696 Posted September 3, 2008 Posted September 3, 2008 This should not be a lesson in language and to be so pedantic regarding a previous post but seemingly unaware that a choice has more than one outcome... so two choices four possible outcomes.. "David H. Lipman" wrote: <span style="color:blue"> > From: <abarcus@kent.edu> > > > Either it is a Trojan or it is a virus, it is NOT both. > > Posting HJT this is not allowed in the Microsoft. hierarchy and is frowned upon in general > on all Usenet News Groups. There are specialty, expert, forums geared towards the > interpretation of HJT logs. > > You have two choices. The first is to run my Multi AV Scanning Tool. The second is to > follow the directions in posting to an expert forum. > > #1 > ------ > > Download MULTI_AV.EXE from the URL -- > http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe > > http://www.pctipp.ch/downloads/dl/35905.asp > > English: > http://www.raymond.cc/blog/archives/2008/0...virus-for-free/ > > To use this utility, perform the following... > Execute; Multi_AV.exe { Note: You must use the default folder C:AV-CLS } > Choose; Unzip > Choose; Close > > Execute; C:AV-CLSStartMenu.BAT > { or Double-click on 'Start Menu' in C:AV-CLS } > > NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your > FireWall to allow it to download the needed AV vendor related files. > > C:AV-CLSStartMenu.BAT -- { or Double-click on 'Start Menu' in C:AV-CLS} > This will bring up the initial menu of choices and should be executed in Normal Mode. > This way all the components can be downloaded from each AV vendor's web site. > The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC. > > You can choose to go to each menu item and just download the needed files or you can > download the files and perform a scan in Normal Mode. Once you have downloaded the files > needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key > during boot] and re-run the menu again and choose which scanner you want to run in Safe > Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode. > > When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help > file. > > Additional Instructions: > http://pcdid.com/Multi_AV.htm > > > Please report back your results > > > #2 > ------ > > > 1. Download and execute HiJack This! (HJT) > http://www.trendsecure.com/portal/en-US/th.../HJTInstall.exe > > 2. Disable Notepad's word wrap: > In Notepad.exe; Format --> uncheck; "Word wrap" > > 3. Download/run Deckard's System Scanner: > http://www.techsupportforum.com/sectools/Deckard/dss.exe > > 4. Save the scan results (Main.txt and Extra.txt) > > 5. And then post the contents of Main.txt and Extra.txt in your post in one of the below > expert forums... > > > { Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! } > > Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner > Logs. > > NOTE: Registration is REQUIRED in any of the below before posting a log > > Suggested primary: > http://www.thespykiller.co.uk/index.php?board=3.0 > > Suggested secondary: > http://www.bleepingcomputer.com/forums/forum22.html > http://castlecops.com/forum67.html > http://www.malwarebytes.org/forums/index.php?showforum=7 > > Suggested tertiary: > http://www.dslreports.com/forum/cleanup > http://www.cybertechhelp.com/forums/forumdisplay.php?f=25 > http://www.atribune.org/forums/index.php?showforum=9 > http://www.geekstogo.com/forum/Malware_Rem...o_Here-f37.html > http://gladiator-antivirus.com/forum/index.php?showforum=170 > http://forum.networktechs.com/forumdisplay.php?f=130 > http://forums.maddoktor2.com/index.php?showforum=17 > http://www.spywarewarrior.com/viewforum.php?f=5 > http://forums.spywareinfo.com/index.php?showforum=18 > http://forums.techguy.org/f54-s.html > http://forums.tomcoyote.org/index.php?showforum=27 > http://forums.subratam.org/index.php?showforum=7 > http://www.5starsupport.com/ipboard/index.php?showforum=18 > http://aumha.net/viewforum.php?f=30 > http://makephpbb.com/phpbb/viewforum.php?f=2 > http://forums.techguy.org/54-security/ > http://forums.security-central.us/forumdisplay.php?f=13 > > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > > </span> Quote
Guest FromTheRafters Posted September 3, 2008 Posted September 3, 2008 "dtaylor696" <dtaylor696@discussions.microsoft.com> wrote in message news:5D9EC495-875F-4DB4-BCF9-3FFBC4B0B0AB@microsoft.com...<span style="color:blue"> > This should not be a lesson in language</span> It isn't, it is a lesson in terminology. It is impossible to have something that doesn't exist i. e. "trojan virus". The sad thing is that it is entirely possible a reputable AV scanner has labeled a detected malware as such. ....and trying to get everyone to use correct terminology is a lesson in futility. style_emoticons/) Quote
Guest David H. Lipman Posted September 4, 2008 Posted September 4, 2008 From: "dtaylor696" <dtaylor696@discussions.microsoft.com> | This should not be a lesson in language and to be so pedantic regarding a | previous post but seemingly unaware that a choice has more than one | outcome... so two choices four possible outcomes.. On the contrary, this is a lesson on malware. When one understands what malware is, one can be better apt at protecting themselves. All Trojans and all Viruses are malware. Howeverm, it is either a trojan or virus, not both. A Honda is a car. A Ford is a car. There are no Honda Fords. Viruses are malware that self-replicate and have some sort of payload. Trojans are malware that do not self-replicate and need assistance of some kind to spead and also have some sore of payload. Now it is possible to have a trojan infected with a virus. Take for example some forms of Zapchest. These IRC Trojans. I have seen the IRC Trojan files infected with the Virut virus. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest Sandy Mann Posted September 4, 2008 Posted September 4, 2008 David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:ers8YsiDJHA.4700@TK2MSFTNGP03.phx.gbl...<span style="color:blue"> > > A Honda is a car. > A Ford is a car. > > There are no Honda Fords.</span> Perhaps not but in the UK where "Hoover" as become a generic name for vacuum cleaner people tell you that they have an Electrolux Hoover! <g> -- Sandy Quote
Guest David H. Lipman Posted September 4, 2008 Posted September 4, 2008 From: "Sandy Mann" <sandymann2@mailinator.com> | David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message | news:ers8YsiDJHA.4700@TK2MSFTNGP03.phx.gbl... <span style="color:blue"><span style="color:green"> >> A Honda is a car. >> A Ford is a car.</span></span> <span style="color:blue"><span style="color:green"> >> There are no Honda Fords.</span></span> | Perhaps not but in the UK where "Hoover" as become a generic name for vacuum | cleaner people tell you that they have an Electrolux Hoover! <g> | -- | Sandy The reason for that is the same way Kleenex lost copy rights to the word as a brand name of a tissue. If a brand name becomes so common place in the public the company who owns the brand name can lose copy rights over said brand name. Instead of saying thaks for the tissue one might say thanks for the kleenex even though it is a different brand. The same goes for Xerox to a certain degree. I may go to a Kyocera copier and tell someone I'll xerox a copy for them. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest kurt wismer Posted September 5, 2008 Posted September 5, 2008 FromTheRafters wrote: [snip]<span style="color:blue"> > ...and trying to get everyone to use correct terminology > is a lesson in futility. style_emoticons/) </span> "correcting wrongs on the internet is like subtracting 1 from infinity"... -- "it's not the right time to be sober now the idiots have taken over spreading like a social cancer, is there an answer?" Quote
Guest FromTheRafters Posted September 5, 2008 Posted September 5, 2008 Thats a good one. Nice to see you post, kurt. "kurt wismer" <kurtw@sympatico.ca> wrote in message news:g9q4d4$3gd$1@registered.motzarella.org...<span style="color:blue"> > FromTheRafters wrote: > [snip]<span style="color:green"> >> ...and trying to get everyone to use correct terminology >> is a lesson in futility. style_emoticons/)</span> > > "correcting wrongs on the internet is like subtracting 1 from infinity"... > > -- > "it's not the right time to be sober > now the idiots have taken over > spreading like a social cancer, > is there an answer?" </span> Quote
Guest David H. Lipman Posted September 5, 2008 Posted September 5, 2008 From: "FromTheRafters" <erratic@ne.rr.com> | Thats a good one. | Nice to see you post, kurt. Certainly is... Kurt's presence on Usenet has been missed. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest Heather Posted September 6, 2008 Posted September 6, 2008 Hey Rafters!!! I was so glad to see you posting on here. This is a voice from the long gone past, lol. Been busy with other things, so lost track of a lot of folks. Hope all is well with you and family......all is OK here. Cheers....Heather "FromTheRafters" <erratic@ne.rr.com> wrote in message news:uRqRnF5DJHA.5316@TK2MSFTNGP04.phx.gbl...<span style="color:blue"> > Thats a good one. > > Nice to see you post, kurt. > > "kurt wismer" <kurtw@sympatico.ca> wrote in message > news:g9q4d4$3gd$1@registered.motzarella.org...<span style="color:green"> >> FromTheRafters wrote: >> [snip]<span style="color:darkred"> >>> ...and trying to get everyone to use correct terminology >>> is a lesson in futility. style_emoticons/)</span> >> >> "correcting wrongs on the internet is like subtracting 1 from >> infinity"... >> >> -- >> "it's not the right time to be sober >> now the idiots have taken over >> spreading like a social cancer, >> is there an answer?"</span> > > </span> Quote
Guest FromTheRafters Posted September 8, 2008 Posted September 8, 2008 How am I doing? style_emoticons/D I came here to learn how to top post! After a brief hiatus (or several even more brief hiatii - hiatuses) Nice to see you too, Heather. Hello. "Heather" <figgyd@nospam.invalid> wrote in message news:eHtUHnFEJHA.768@TK2MSFTNGP05.phx.gbl...<span style="color:blue"> > Hey Rafters!!! I was so glad to see you posting on here. This is a voice > from the long gone past, lol. > > Been busy with other things, so lost track of a lot of folks. Hope all is > well with you and family......all is OK here. > > Cheers....Heather > > "FromTheRafters" <erratic@ne.rr.com> wrote in message > news:uRqRnF5DJHA.5316@TK2MSFTNGP04.phx.gbl...<span style="color:green"> >> Thats a good one. >> >> Nice to see you post, kurt. >> >> "kurt wismer" <kurtw@sympatico.ca> wrote in message >> news:g9q4d4$3gd$1@registered.motzarella.org...<span style="color:darkred"> >>> FromTheRafters wrote: >>> [snip] >>>> ...and trying to get everyone to use correct terminology >>>> is a lesson in futility. style_emoticons/) >>> >>> "correcting wrongs on the internet is like subtracting 1 from >>> infinity"... >>> >>> -- >>> "it's not the right time to be sober >>> now the idiots have taken over >>> spreading like a social cancer, >>> is there an answer?"</span> >> >></span> > > </span> Quote
Guest Heather Posted September 8, 2008 Posted September 8, 2008 ROFL!! Remember how you all gave me heck for top posting on acv?? Well, now you see where I got it from. I detest bottom posting, to be honest. Hey, I think of you every time we watch that program with the one Canadian oriented question. You are so right......there is ALWAYS one. I took up designing and making jewellery and that consumes most of my time. Plus buying the bits and pieces on eBay, lol. Take care.....Heather "FromTheRafters" <erratic@ne.rr.com> wrote in message news:ePg1lZUEJHA.4904@TK2MSFTNGP06.phx.gbl...<span style="color:blue"> > How am I doing? style_emoticons/D > I came here to learn how to top post! > After a brief hiatus (or several even more brief hiatii - > hiatuses) > > Nice to see you too, Heather. > Hello. > > "Heather" <figgyd@nospam.invalid> wrote in message > news:eHtUHnFEJHA.768@TK2MSFTNGP05.phx.gbl...<span style="color:green"> >> Hey Rafters!!! I was so glad to see you posting on here. This is a >> voice from the long gone past, lol. >> >> Been busy with other things, so lost track of a lot of folks. Hope >> all is well with you and family......all is OK here. >> >> Cheers....Heather >> >> "FromTheRafters" <erratic@ne.rr.com> wrote in message >> news:uRqRnF5DJHA.5316@TK2MSFTNGP04.phx.gbl...<span style="color:darkred"> >>> Thats a good one. >>> >>> Nice to see you post, kurt. >>> >>> "kurt wismer" <kurtw@sympatico.ca> wrote in message >>> news:g9q4d4$3gd$1@registered.motzarella.org... >>>> FromTheRafters wrote: >>>> [snip] >>>>> ...and trying to get everyone to use correct terminology >>>>> is a lesson in futility. style_emoticons/) >>>> >>>> "correcting wrongs on the internet is like subtracting 1 from >>>> infinity"... >>>> >>>> -- >>>> "it's not the right time to be sober >>>> now the idiots have taken over >>>> spreading like a social cancer, >>>> is there an answer?" >>> >>></span> >> >></span> > > </span> Quote
Guest FromTheRafters Posted September 9, 2008 Posted September 9, 2008 "Heather" <figgyd@nospam.invalid> wrote in message news:O%23CLLJVEJHA.4872@TK2MSFTNGP03.phx.gbl...<span style="color:blue"> > ROFL!! Remember how you all gave me heck for top posting on acv??</span> Who --> me!? <span style="color:blue"> > Well, now you see where I got it from. I detest bottom posting, to be > honest.</span> I prefer inline comments. Things can get kinda jumbled though because of lack of snipping. <span style="color:blue"> > Hey, I think of you every time we watch that program with the one Canadian > oriented question. You are so right......there is ALWAYS one. > > I took up designing and making jewellery and that consumes most of my > time. Plus buying the bits and pieces on eBay, lol.</span> With rogers in your header, I might find your e-mail address on one of my old harddrives mightn't I? ....or are you with the ever so popular nospam.invalid ISP style_emoticons/) Quote
Guest Heather Posted September 9, 2008 Posted September 9, 2008 "FromTheRafters" <erratic@ne.rr.com> wrote in message news:Ofl$SDiEJHA.4960@TK2MSFTNGP05.phx.gbl...<span style="color:blue"> > > With rogers in your header, I might find your e-mail address > on one of my old harddrives mightn't I? ></span> Hmm....still with rogers but changed the first part. I see monad is no longer part of yours. If you spoke spanish, then all you would have to do is translate my last name, lol. However, David Lipman has my rogers one and I can be reached via gmail.....and then I would answer from my rogers one. With gmail, simply use heatherfig plus gmail dot com. Cheers.....Heather (does that address above work?? Nah, just describes your personality, lol) Quote
Guest RJK Posted October 21, 2008 Posted October 21, 2008 ....remember to NEVER buy a Dyson - Hoover <grin> seeing as the sod fired 500 employees and moved manufacturing to Pakistan or Timbucktoo ...or wherever it was ! regards, Richard "Sandy Mann" <sandymann2@mailinator.com> wrote in message news:OlawNZqDJHA.3576@TK2MSFTNGP05.phx.gbl...<span style="color:blue"> > David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message > news:ers8YsiDJHA.4700@TK2MSFTNGP03.phx.gbl...<span style="color:green"> >> >> A Honda is a car. >> A Ford is a car. >> >> There are no Honda Fords.</span> > > Perhaps not but in the UK where "Hoover" as become a generic name for > vacuum > cleaner people tell you that they have an Electrolux Hoover! <g> > > -- > > Sandy > > > </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.