Guest Hubert Rétif Posted September 15, 2008 Posted September 15, 2008 Hello, On many PCs (XP Pro SP2) by one of my customer and also by one of mines, I have shortly discovered the Trojan Zlob. By most of them it seems to be "inactive". Only on one PC, it has launch Popups trying to sell an "XP Security suite". Some of these PCs have no data exchange together. All are inside a VPN network. A scan with McAfee does not see it. I could only removed it with SpyHunter from Enigma Software company. Looking for more information about this trojan (from where is it mostly coming from, is it really dangerous), I did not found very much. Perhaps can someone tells more here. My main question: is Windows Defender a good solution for this kind of situation? Does it not need to much performance from the PC? Regards, Hubert Retif Quote
Guest Kayman Posted September 15, 2008 Posted September 15, 2008 On Mon, 15 Sep 2008 09:42:34 +0200, Hubert Rétif wrote: <span style="color:blue"> > Hello, > On many PCs (XP Pro SP2) by one of my customer and also by one of mines, I > have shortly discovered the Trojan Zlob. > > By most of them it seems to be "inactive". Only on one PC, it has launch > Popups trying to sell an "XP Security suite". Some of these PCs have no data > exchange together. All are inside a VPN network. > > A scan with McAfee does not see it. I could only removed it with SpyHunter > from Enigma Software company. > > Looking for more information about this trojan (from where is it mostly > coming from, is it really dangerous), I did not found very much. Perhaps can > someone tells more here. > > My main question: is Windows Defender a good solution for this kind of > situation? Does it not need to much performance from the PC?</span> No, WinDef wouldn't be able to remove this trojan. Don't know much about SpyHunter but David H. Lipman's MULTI_AV Tool can remove this rogue application... http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe http://www.pctipp.ch/downloads/dl/35905.asp English: http://www.raymond.cc/blog/archives/2008/0...virus-for-free/ Additional Instructions: http://pcdid.com/Multi_AV.htm ....as can: Malwarebytes© Corporation - Anti-Malware http://www.malwarebytes.org/mbam/program/mbam-setup.exe As a follow-up: Download and execute HiJack This! (HJT) http://www.trendsecure.com/portal/en-US/to...ckthis/download Please, do not post HJT logs to this newsgroup. Fora where you can get expert advice for HiJack This! (HJT) logs. NOTE: Registration is required in any of the below fora before posting a HJT log and read the 'stickies' (instructions/guidelines) for the respective HJT forum. http://www.theeldergeek.com/forum/index.php?showforum=29 http://forums.whatthetech.com/HijackThis_L...emoval_f27.html http://www.5starsupport.com/ipboard/index.php?showforum=18 http://www.bleepingcomputer.com/forums/forum22.html http://www.spywarewarrior.com/viewforum.php?f=5 http://www.thespykiller.co.uk/index.php?board=3.0 http://castlecops.com/forum67.html Once you system is considered 'clean' consider this: Routinely practice Safe-Hex. http://www.claymania.com/safe-hex.html Good luck style_emoticons/ Quote
Guest Leythos Posted September 15, 2008 Posted September 15, 2008 In article <OtYpcawFJHA.2456@TK2MSFTNGP06.phx.gbl>, retifhubert@remove.this.intergga.ch says...<span style="color:blue"> > My main question: is Windows Defender a good solution for this kind of > situation? Does it not need to much performance from the PC? > </span> Windows Defender has never been good for any reasonable protection. Use a quality full-time/resident scanner, unload/uninstall defender, and download MalwareBytes Anti-Malware From http://www.bleepingcomputer.com/ http://download.bleepingcomputer.com/malwa.../mbam-setup.exe -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@rrohio.com (remove 999 for proper email address) Quote
Guest Hubert Rétif Posted September 15, 2008 Posted September 15, 2008 Thanks a lot Kayman and Leythos. If I have right understood what I have read, this trojan may not make much damage if the PCs are in a LAN, behind a good Firewall? So I have some time to remove it quietly... "Leythos" <void@nowhere.lan> schrieb im Newsbeitrag news:1221492271_2723@news.usenet.com...<span style="color:blue"> > In article <OtYpcawFJHA.2456@TK2MSFTNGP06.phx.gbl>, > retifhubert@remove.this.intergga.ch says...<span style="color:green"> >> My main question: is Windows Defender a good solution for this kind of >> situation? Does it not need to much performance from the PC? >></span> > > Windows Defender has never been good for any reasonable protection. > > Use a quality full-time/resident scanner, unload/uninstall defender, and > download MalwareBytes Anti-Malware > From http://www.bleepingcomputer.com/ > http://download.bleepingcomputer.com/malwa.../mbam-setup.exe > > -- > - Igitur qui desiderat pacem, praeparet bellum. > - Calling an illegal alien an "undocumented worker" is like calling a > drug dealer an "unlicensed pharmacist" > spam999free@rrohio.com (remove 999 for proper email address) </span> Quote
Guest Peter Foldes Posted September 15, 2008 Posted September 15, 2008 Hubert NO NO NO. You will have to remove it. It WILL make a lot (beacoup) of damage. Do not leave it on your computer -- Peter Please Reply to Newsgroup for the benefit of others Requests for assistance by email can not and will not be acknowledged. "Hubert Rétif" <retifhubert@remove.this.intergga.ch> wrote in message news:%23ynT740FJHA.4176@TK2MSFTNGP05.phx.gbl...<span style="color:blue"> > Thanks a lot Kayman and Leythos. > > If I have right understood what I have read, this trojan may not make much > damage if the PCs are in a LAN, behind a good Firewall? > > So I have some time to remove it quietly... > > > "Leythos" <void@nowhere.lan> schrieb im Newsbeitrag > news:1221492271_2723@news.usenet.com...<span style="color:green"> >> In article <OtYpcawFJHA.2456@TK2MSFTNGP06.phx.gbl>, >> retifhubert@remove.this.intergga.ch says...<span style="color:darkred"> >>> My main question: is Windows Defender a good solution for this kind of >>> situation? Does it not need to much performance from the PC? >>></span> >> >> Windows Defender has never been good for any reasonable protection. >> >> Use a quality full-time/resident scanner, unload/uninstall defender, and >> download MalwareBytes Anti-Malware >> From http://www.bleepingcomputer.com/ >> http://download.bleepingcomputer.com/malwa.../mbam-setup.exe >> >> -- >> - Igitur qui desiderat pacem, praeparet bellum. >> - Calling an illegal alien an "undocumented worker" is like calling a >> drug dealer an "unlicensed pharmacist" >> spam999free@rrohio.com (remove 999 for proper email address) </span> > ></span> Quote
Guest Leythos Posted September 15, 2008 Posted September 15, 2008 In article <#ynT740FJHA.4176@TK2MSFTNGP05.phx.gbl>, retifhubert@remove.this.intergga.ch says...<span style="color:blue"> > Thanks a lot Kayman and Leythos. > > If I have right understood what I have read, this trojan may not make much > damage if the PCs are in a LAN, behind a good Firewall? > > So I have some time to remove it quietly... > </span> NO NO NO NO - REMOVE IT NOW! Anything on your computer is now exposed to the malware creator and those that control it - everything is compromised until and possibly after you remove it and clean the computer. Only download software you can validate as uncompromised - in the case of non-vendor site you have no guarantee that the files are unmodified or uncompromised. Anyone providing a link to a non-vendors site with a direct download should not be trusted, the vendors sites are the safest place to download their application. No person of sound mind would download files from a hack site that requires a password to access the unknown files when they are available directly from the vendors. Always remember - only download files from Trusted Sites. The following links will take you to vendors sites for Spy Ware / Ad ware removal tools and also for Antivirus tools. After you install any of these applications and update them, run them in SAFE MODE to allow them to properly clean your system. First, make sure that your Java is updated to the latest version: http://www.java.com/en/download/index.jsp These sites are for downloading Anti-Malware and Anti-Spyware tools, in order that I would use them myself: Dave Lipman's tools: Download MULTI_AV.EXE from the URL -- http://www.pctipp.ch/downloads/dl/35905.asp MalwareBytes Anti-Malware From http://www.bleepingcomputer.com/ http://download.bleepingcomputer.com/malwa.../mbam-setup.exe -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@rrohio.com (remove 999 for proper email address) Quote
Guest Hubert Rétif Posted September 15, 2008 Posted September 15, 2008 OK, I have understood the message. Merci! "Leythos" <void@nowhere.lan> schrieb im Newsbeitrag news:1221508074_2742@news.usenet.com...<span style="color:blue"> > In article <#ynT740FJHA.4176@TK2MSFTNGP05.phx.gbl>, > retifhubert@remove.this.intergga.ch says...<span style="color:green"> >> Thanks a lot Kayman and Leythos. >> >> If I have right understood what I have read, this trojan may not make >> much >> damage if the PCs are in a LAN, behind a good Firewall? >> >> So I have some time to remove it quietly... >></span> > > NO NO NO NO - REMOVE IT NOW! > > Anything on your computer is now exposed to the malware creator and > those that control it - everything is compromised until and possibly > after you remove it and clean the computer. > > > Only download software you can validate as uncompromised - in the case > of non-vendor site you have no guarantee that the files are unmodified > or uncompromised. Anyone providing a link to a non-vendors site with a > direct download should not be trusted, the vendors sites are the safest > place to download their application. > > No person of sound mind would download files from a hack site that > requires a password to access the unknown files when they are available > directly from the vendors. > > Always remember - only download files from Trusted Sites. > > The following links will take you to vendors sites for Spy Ware / Ad > ware removal tools and also for Antivirus tools. After you install any > of these applications and update them, run them in SAFE MODE to allow > them to properly clean your system. > > First, make sure that your Java is updated to the latest version: > http://www.java.com/en/download/index.jsp > > These sites are for downloading Anti-Malware and Anti-Spyware tools, in > order that I would use them myself: > > Dave Lipman's tools: > Download MULTI_AV.EXE from the URL -- > http://www.pctipp.ch/downloads/dl/35905.asp > > MalwareBytes Anti-Malware > From http://www.bleepingcomputer.com/ > http://download.bleepingcomputer.com/malwa.../mbam-setup.exe > -- > - Igitur qui desiderat pacem, praeparet bellum. > - Calling an illegal alien an "undocumented worker" is like calling a > drug dealer an "unlicensed pharmacist" > spam999free@rrohio.com (remove 999 for proper email address) </span> Quote
Guest David H. Lipman Posted September 15, 2008 Posted September 15, 2008 From: "Hubert Rétif" <retifhubert@remove.this.intergga.ch> | Hello, | On many PCs (XP Pro SP2) by one of my customer and also by one of mines, I | have shortly discovered the Trojan Zlob. | By most of them it seems to be "inactive". Only on one PC, it has launch | Popups trying to sell an "XP Security suite". Some of these PCs have no data | exchange together. All are inside a VPN network. | A scan with McAfee does not see it. I could only removed it with SpyHunter | from Enigma Software company. | Looking for more information about this trojan (from where is it mostly | coming from, is it really dangerous), I did not found very much. Perhaps can | someone tells more here. | My main question: is Windows Defender a good solution for this kind of | situation? Does it not need to much performance from the PC? | Regards, | Hubert Retif OK, others have answerecabout ZLob. Now I'll detail about SpyHunter. There are many questions about Enigm and its affiliates and their actions. Numerous web sites have cropped up with so called removal instructions for known and unknown malware. When they are known these site's removal instruction are often incomplete are there only to goad you into downloading the installer of SpyHunter which does a scan, finds stuff and then the software tells you if you want to remove them you have to but there products. Then there was the situation where affiliates were spamming the various malware removal forums. Basically they would create and account, invade a thread and do nothing more then suggest installing SpyHunter. There are very good and reputable products out there such as SuperAntiSpyware and Malware-Bytes Anti Malware. Both provide fre versions to remove malware and have a more advanced version which you pay for. While I won't say their actions are malicious, I will say their practices lean towards unethical practices all to bolster their bottom line of Enigma which is a publicly traded company. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest jen Posted September 16, 2008 Posted September 16, 2008 "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:uRQaH23FJHA.4176@TK2MSFTNGP05.phx.gbl...<span style="color:blue"> > OK, others have answerecabout ZLob. Now I'll detail about SpyHunter. > There are many questions about Enigm and its affiliates and their > actions. > Numerous web sites have cropped up with so called removal instructions > for known and > unknown malware. When they are known these site's removal instruction > are often > incomplete are there only to goad you into downloading the installer > of SpyHunter which > does a scan, finds stuff and then the software tells you if you want > to remove them you > have to but there products. > Then there was the situation where affiliates were spamming the > various malware removal > forums. Basically they would create and account, invade a thread and > do nothing more then > suggest installing SpyHunter. > There are very good and reputable products out there such as > SuperAntiSpyware and > Malware-Bytes Anti Malware. Both provide fre versions to remove > malware and have a more > advanced version which you pay for. > While I won't say their actions are malicious, I will say their > practices lean towards > unethical practices all to bolster their bottom line of Enigma which > is a publicly traded > company.</span> Enigma Software Group: Tracking the Hunter Part 2 By Steven Burn(mysteryfcm) - August 31st 2008: http://mysteryfcm.co.uk/?mode=Articles&date=31-08-2008 -jen Quote
Guest The Real Truth MVP Posted September 16, 2008 Posted September 16, 2008 The truth about the David Lipman Troll http://www.google.com/search?sourceid=navc...Extraordinaire+ The Troll has gone crazy http://pcbutts1-therealtruth.blogspot.com/ -- Ignore any posts made by the Stalker Leythos, he's still in love with me. He started stalking me after I spurned his advances towards me. He said he would stop Stalking me If I stopped mentioning his name. As you can see that does not work. He is a sick obsessive STALKER. "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:uRQaH23FJHA.4176@TK2MSFTNGP05.phx.gbl...<span style="color:blue"> > From: "Hubert Rétif" <retifhubert@remove.this.intergga.ch> > > | Hello, > | On many PCs (XP Pro SP2) by one of my customer and also by one of mines, > I > | have shortly discovered the Trojan Zlob. > > | By most of them it seems to be "inactive". Only on one PC, it has launch > | Popups trying to sell an "XP Security suite". Some of these PCs have no > data > | exchange together. All are inside a VPN network. > > | A scan with McAfee does not see it. I could only removed it with > SpyHunter > | from Enigma Software company. > > | Looking for more information about this trojan (from where is it mostly > | coming from, is it really dangerous), I did not found very much. Perhaps > can > | someone tells more here. > > | My main question: is Windows Defender a good solution for this kind of > | situation? Does it not need to much performance from the PC? > > | Regards, > | Hubert Retif > > > > OK, others have answerecabout ZLob. Now I'll detail about SpyHunter. > > There are many questions about Enigm and its affiliates and their actions. > > Numerous web sites have cropped up with so called removal instructions for > known and > unknown malware. When they are known these site's removal instruction are > often > incomplete are there only to goad you into downloading the installer of > SpyHunter which > does a scan, finds stuff and then the software tells you if you want to > remove them you > have to but there products. > > Then there was the situation where affiliates were spamming the various > malware removal > forums. Basically they would create and account, invade a thread and do > nothing more then > suggest installing SpyHunter. > > There are very good and reputable products out there such as > SuperAntiSpyware and > Malware-Bytes Anti Malware. Both provide fre versions to remove malware > and have a more > advanced version which you pay for. > > While I won't say their actions are malicious, I will say their practices > lean towards > unethical practices all to bolster their bottom line of Enigma which is a > publicly traded > company. > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > </span> Quote
Guest Malke Posted September 16, 2008 Posted September 16, 2008 The Real Truth MVP wrote: <span style="color:blue"> > The truth about the David Lipman Troll ></span> http://www.google.com/search?sourceid=navc...Extraordinaire+<span style="color:blue"> > The Troll has gone crazy > http://pcbutts1-therealtruth.blogspot.com/ > </span> I'm so sorry you are still feeling ill and need to stoop to this slander. I'm also sorry you are still calling yourself an MVP. It's been almost 4 years since your accident and I guess you never got over it. It must have damaged more than just your body, otherwise why would you do this sort of thing? Only someone really hurt in the soul would act the way you do. Malke -- MS-MVP Elephant Boy Computers - Don't Panic! FAQ - http://www.elephantboycomputers.com/#FAQ Quote
Guest The Real Truth MVP Posted September 16, 2008 Posted September 16, 2008 Something tells me that as holes like you don't know what you are talking about, you think you do but you don't. Please visit http://pcbutts1.com/downloads/fu.htm you might learn more about yourself. -- Ignore any posts made by the Stalker Leythos, he's still in love with me. He started stalking me after I spurned his advances towards me. He said he would stop Stalking me If I stopped mentioning his name. As you can see that does not work. He is a sick obsessive STALKER. "Malke" <malke@invalid.invalid> wrote in message news:eBY5F95FJHA.828@TK2MSFTNGP03.phx.gbl...<span style="color:blue"> > The Real Truth MVP wrote: ><span style="color:green"> >> The truth about the David Lipman Troll >></span> > http://www.google.com/search?sourceid=navc...Extraordinaire+<span style="color:green"> >> The Troll has gone crazy >> http://pcbutts1-therealtruth.blogspot.com/ >></span> > > I'm so sorry you are still feeling ill and need to stoop to this slander. > I'm also sorry you are still calling yourself an MVP. > > It's been almost 4 years since your accident and I guess you never got > over > it. It must have damaged more than just your body, otherwise why would you > do this sort of thing? Only someone really hurt in the soul would act the > way you do. > > Malke > -- > MS-MVP > Elephant Boy Computers - Don't Panic! > FAQ - http://www.elephantboycomputers.com/#FAQ > </span> Quote
Guest David H. Lipman Posted September 16, 2008 Posted September 16, 2008 From: "jen" <jen@example.com> | Enigma Software Group: Tracking the Hunter Part 2 | By Steven Burn(mysteryfcm) - August 31st 2008: | http://mysteryfcm.co.uk/?mode=Articles&date=31-08-2008 | -jen Thanx Jen. :-) -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest David H. Lipman Posted September 16, 2008 Posted September 16, 2008 From: "Malke" <malke@invalid.invalid> | I'm so sorry you are still feeling ill and need to stoop to this slander. | I'm also sorry you are still calling yourself an MVP. | It's been almost 4 years since your accident and I guess you never got over | it. It must have damaged more than just your body, otherwise why would you | do this sort of thing? Only someone really hurt in the soul would act the | way you do. Yeah he needs to see a doctor. http://en.wikinews.org/wiki/NASA_van_rolls...fornia_mountain http://groups.google.com/group/24hoursuppo...c09e346e00d408e 1. pcbutts1 Jul 28, 12:14 pm Newsgroups: 24hoursupport.helpdesk From: "pcbutts1" <pcbutts1@seedsv.com> Date: Thu, 28 Jul 2005 17:14:27 GMT Local: Thurs, Jul 28 2005 12:14 pm I knew the guy fell asleep http://www.nbc4.tv/news/4777728/detail.html 6. pcbutts1 Jul 28, 2:55 pm show options Newsgroups: 24hoursupport.helpdesk From: "pcbutts1" <pcbutts1@seedsv.com> Date: Thu, 28 Jul 2005 19:55:31 GMT Local: Thurs, Jul 28 2005 2:55 pm Subject: Re: Report out I was the last one they got out. They had to remove the roof. That was me in those pictures being air lifted. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest ---Fitz--- Posted September 16, 2008 Posted September 16, 2008 "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:Od3bHk6FJHA.2252@TK2MSFTNGP02.phx.gbl...<span style="color:blue"> > From: "Malke" <malke@invalid.invalid> > > | I'm so sorry you are still feeling ill and need to stoop to this > slander. > | I'm also sorry you are still calling yourself an MVP. > > | It's been almost 4 years since your accident and I guess you never got > over > | it. It must have damaged more than just your body, otherwise why would > you > | do this sort of thing? Only someone really hurt in the soul would act > the > | way you do. > > Yeah he needs to see a doctor.</span> Way, way too late for that. Quote
Guest Leythos Posted September 16, 2008 Posted September 16, 2008 In article <80Ezk.636$yr3.229@nlpi068.nbdc.sbc.com>, toidi@tpap.com says...<span style="color:blue"> > Ignore any posts made by the Stalker Leythos, he's still in love with me. > He started stalking me after I spurned his advances towards me. > He said he would stop Stalking me If I stopped mentioning his name. > As you can see that does not work. He is a sick obsessive STALKER. > </span> Do you really want to trust someone that was banned from posting directly to Microsoft Usenet servers, someone that has posted links to pornographic materials on HIS WEBSITE, who's website is in the MVP HOST Block list, and who provides a tool for your use that will block access to reputable anti-malware sites without telling you he's doing it? And do you really want to trust someone that has had to change their posting identity after being busted by MS as a fake MVP? Stalking, even in usenet is a crime, there are enough pages from your filthy site to prove you're stalking me in your posts, I have them documented and certified authentic - it's your call now Stalker. -- Leythos - spam999free@rrohio.com (remove 999 to email me) Public Service Warning: Learn about PCButts before you trust: http://www.velocityreviews.com/forums/t513...f-removeit.html http://www.google.com/search?hl=en&q=pcbutts1+thief Quote
Guest Leythos Posted September 16, 2008 Posted September 16, 2008 In article <HZEzk.407$be.395@nlpi061.nbdc.sbc.com>, toidi@tpap.com says...<span style="color:blue"> > Ignore any posts made by the Stalker Leythos, he's still in love with me. > He started stalking me after I spurned his advances towards me. > He said he would stop Stalking me If I stopped mentioning his name. > As you can see that does not work. He is a sick obsessive STALKER. > </span> Do you really want to trust someone that was banned from posting directly to Microsoft Usenet servers, someone that has posted links to pornographic materials on HIS WEBSITE, who's website is in the MVP HOST Block list, and who provides a tool for your use that will block access to reputable anti-malware sites without telling you he's doing it? And do you really want to trust someone that has had to change their posting identity after being busted by MS as a fake MVP? Stalking, even in usenet is a crime, there are enough pages from your filthy site to prove you're stalking me in your posts, I have them documented and certified authentic - it's your call now Stalker. -- Leythos - spam999free@rrohio.com (remove 999 to email me) Public Service Warning: Learn about PCButts before you trust: http://www.velocityreviews.com/forums/t513...f-removeit.html http://www.google.com/search?hl=en&q=pcbutts1+thief Quote
Guest jen Posted September 16, 2008 Posted September 16, 2008 "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:ugsKgf6FJHA.4712@TK2MSFTNGP02.phx.gbl...<span style="color:blue"> > From: "jen" <jen@example.com> > | Enigma Software Group: Tracking the Hunter Part 2 > | By Steven Burn(mysteryfcm) - August 31st 2008: > | http://mysteryfcm.co.uk/?mode=Articles&date=31-08-2008 > Thanx Jen. :-)</span> YVW, David style_emoticons/ -jen Quote
Guest David H. Lipman Posted September 16, 2008 Posted September 16, 2008 From: "jen" <jen@example.com> | "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message | news:ugsKgf6FJHA.4712@TK2MSFTNGP02.phx.gbl...<span style="color:blue"><span style="color:green"> >> From: "jen" <jen@example.com> >> | Enigma Software Group: Tracking the Hunter Part 2 >> | By Steven Burn(mysteryfcm) - August 31st 2008: >> | http://mysteryfcm.co.uk/?mode=Articles&date=31-08-2008 >> Thanx Jen. :-)</span></span> | YVW, David style_emoticons/ | -jen Could you drop me an email. TIA -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest Hubert Rétif Posted September 17, 2008 Posted September 17, 2008 SUPERAntiSpyware has done the job. Thanks for this advice. Others is quite unusual for me in a Microsoft Newsgroup. Although, with this problem, I have seen that discussions about virus seems to be like a magnet for other virus... "Hubert Rétif" <retifhubert@remove.this.intergga.ch> schrieb im Newsbeitrag news:OtYpcawFJHA.2456@TK2MSFTNGP06.phx.gbl...<span style="color:blue"> > Hello, > On many PCs (XP Pro SP2) by one of my customer and also by one of mines, I > have shortly discovered the Trojan Zlob. > > By most of them it seems to be "inactive". Only on one PC, it has launch > Popups trying to sell an "XP Security suite". Some of these PCs have no > data exchange together. All are inside a VPN network. > > A scan with McAfee does not see it. I could only removed it with SpyHunter > from Enigma Software company. > > Looking for more information about this trojan (from where is it mostly > coming from, is it really dangerous), I did not found very much. Perhaps > can someone tells more here. > > My main question: is Windows Defender a good solution for this kind of > situation? Does it not need to much performance from the PC? > > Regards, > Hubert Retif > </span> Quote
Guest ~BD~ Posted September 17, 2008 Posted September 17, 2008 "Hubert Rétif" <retifhubert@remove.this.intergga.ch> wrote in message news:uD4lrGJGJHA.5572@TK2MSFTNGP03.phx.gbl...<span style="color:blue"> > SUPERAntiSpyware has done the job. Thanks for this advice. > > Others is quite unusual for me in a Microsoft Newsgroup. Although, with this problem, I have seen > that discussions about virus seems to be like a magnet for other virus...</span> Hi Hubert style_emoticons/ Are you implying/suggesting that by visiting the newsgroups to investigate unusal events occuring on their computers, folk end up with even worse malware on their machines? Dave Quote
Guest Hubert Rétif Posted September 17, 2008 Posted September 17, 2008 > Are you implying/suggesting that by visiting the newsgroups to investigate <span style="color:blue"> > unusal events occuring on their computers, folk end up with even worse > malware on their machines?</span> At least, when I look to the discussion, I feel no more secure to click on that link or another one. It seems to be general when discussion is about virus, not only in this group. Although, I thought first that it would be something else by Microsoft. Quote
Guest ~BD~ Posted September 17, 2008 Posted September 17, 2008 Some history for newbies! "Hubert Rétif" <retifhubert@remove.this.intergga.ch> wrote in message news:u0OJWyMGJHA.4460@TK2MSFTNGP06.phx.gbl...<span style="color:blue"><span style="color:green"> >> Are you implying/suggesting that by visiting the newsgroups to investigate unusal events occuring >> on their computers, folk end up with even worse malware on their machines?</span> > At least, when I look to the discussion, I feel no more secure to click on that link or another > one. It seems to be general when discussion is about virus, not only in this group. Although, I > thought first that it would be something else by Microsoft. > ></span> Thank you for your reply, Hubert. style_emoticons/ I strongly suspect that the majority of folk who come to these groups do so when they have a major disaster with their computer. In consequence they will, I'm sure, be focused simply on their own immediate problem and rarely do as I have done - stay and watch for the long term! You may possibly have noted that some here do not like my views! <wink> Methinks it may be that they have something to hide - but who really knows? It was for this reason that I initiated the thread you will find here in full:- http://groups.google.co.uk/group/microsoft...dilemma&lnk=ol& It starts off like this:- How can anyone visiting here for the first time have any idea that they will receive good ........ or bad .......... advice? I thought at first that the TechNet Communities must be monitored by Microsoft staff and therefore be relatively safe. I'm still not sure about that. Having come here (for ease of use, on someone's advice) it appears that no such protection applies and that it really is a 'free-for-all' and is, quite likely, a dangerous place to visit. This may not have always been so - and I do wish to stress that I HAVE received some excellent and helpful advice, much of which has enabled me to help myself more and better understand my PC and its' software. I have also learnt a great deal about 'malware' and how to deal with it. PCButts1 - some while ago now - explained to me how effective it is to run HiJackThis and then copy and paste a specific entry directly into Google. Here's an example - O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" Try it for yourself. I got 66,800 responses which can be reviewed at leisure. <g> What I have NOT found is other people who are trying to find out who perpetrates the 'malware' in the first place - no-one seems to care. I do! So, in spite of comments like that of 'Fitz' elsewhere on this group, and also having been 'warned-off'' having contact with PCButts1 by Kerry Brown and David H Lipman, I'm grateful for PCB's help. Perhaps he's one of the good guys after all, but only experience here will tell. I'm glad I'm not a newbie any more! BD Quote
Guest Tom [Pepper] Willett Posted September 17, 2008 Posted September 17, 2008 Re: Some history for newbies! You are a stark raving mad lunatic!!! "~BD~" <BoaterDave@nospam.invalid> wrote in message news:eTkZUqNGJHA.5664@TK2MSFTNGP04.phx.gbl... : : "Hubert Rétif" <retifhubert@remove.this.intergga.ch> wrote in message : news:u0OJWyMGJHA.4460@TK2MSFTNGP06.phx.gbl... : >> Are you implying/suggesting that by visiting the newsgroups to investigate unusal events occuring : >> on their computers, folk end up with even worse malware on their machines? : > At least, when I look to the discussion, I feel no more secure to click on that link or another : > one. It seems to be general when discussion is about virus, not only in this group. Although, I : > thought first that it would be something else by Microsoft. : > : > : : Thank you for your reply, Hubert. style_emoticons/ : : I strongly suspect that the majority of folk who come to these groups do so when they have a major : disaster with their computer. In consequence they will, I'm sure, be focused simply on their own : immediate problem and rarely do as I have done - stay and watch for the long term! : : You may possibly have noted that some here do not like my views! <wink> : : Methinks it may be that they have something to hide - but who really knows? : : It was for this reason that I initiated the thread you will find here in full:- : http://groups.google.co.uk/group/microsoft...dilemma&lnk=ol& : : It starts off like this:- : How can anyone visiting here for the first time have any idea that they : will receive good ........ or bad .......... advice? : : : I thought at first that the TechNet Communities must be monitored by : Microsoft staff and therefore be relatively safe. I'm still not sure about : that. Having come here (for ease of use, on someone's advice) it appears : that no such protection applies and that it really is a 'free-for-all' and : is, quite likely, a dangerous place to visit. : : : This may not have always been so - and I do wish to stress that I HAVE : received some excellent and helpful advice, much of which has enabled me to : help myself more and better understand my PC and its' software. I have also : learnt a great deal about 'malware' and how to deal with it. : : : PCButts1 - some while ago now - explained to me how effective it is to run : HiJackThis and then copy and paste a specific entry directly into Google. : Here's an example - O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] : "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" : : : Try it for yourself. I got 66,800 responses which can be reviewed at : leisure. <g> : : : What I have NOT found is other people who are trying to find out who : perpetrates the 'malware' in the first place - no-one seems to care. I do! : : : So, in spite of comments like that of 'Fitz' elsewhere on this group, and also having been : 'warned-off'' having contact with PCButts1 by Kerry Brown and David H : Lipman, I'm grateful for PCB's help. Perhaps he's one of the good guys after : all, but only experience here will tell. I'm glad I'm not a newbie any more! : : : BD : : Quote
Guest Peter Foldes Posted September 17, 2008 Posted September 17, 2008 Re: Some history for newbies! You are genially a mentally retarded person Dave. -- Peter Please Reply to Newsgroup for the benefit of others Requests for assistance by email can not and will not be acknowledged. "~BD~" <BoaterDave@nospam.invalid> wrote in message news:eTkZUqNGJHA.5664@TK2MSFTNGP04.phx.gbl...<span style="color:blue"> > > "Hubert Rétif" <retifhubert@remove.this.intergga.ch> wrote in message > news:u0OJWyMGJHA.4460@TK2MSFTNGP06.phx.gbl...<span style="color:green"><span style="color:darkred"> >>> Are you implying/suggesting that by visiting the newsgroups to investigate unusal events occuring >>> on their computers, folk end up with even worse malware on their machines?</span> >> At least, when I look to the discussion, I feel no more secure to click on that link or another >> one. It seems to be general when discussion is about virus, not only in this group. Although, I >> thought first that it would be something else by Microsoft. >> >></span> > > Thank you for your reply, Hubert. style_emoticons/ > > I strongly suspect that the majority of folk who come to these groups do so when they have a major > disaster with their computer. In consequence they will, I'm sure, be focused simply on their own > immediate problem and rarely do as I have done - stay and watch for the long term! > > You may possibly have noted that some here do not like my views! <wink> > > Methinks it may be that they have something to hide - but who really knows? > > It was for this reason that I initiated the thread you will find here in full:- > http://groups.google.co.uk/group/microsoft...dilemma&lnk=ol& > > It starts off like this:- > How can anyone visiting here for the first time have any idea that they > will receive good ........ or bad .......... advice? > > > I thought at first that the TechNet Communities must be monitored by > Microsoft staff and therefore be relatively safe. I'm still not sure about > that. Having come here (for ease of use, on someone's advice) it appears > that no such protection applies and that it really is a 'free-for-all' and > is, quite likely, a dangerous place to visit. > > > This may not have always been so - and I do wish to stress that I HAVE > received some excellent and helpful advice, much of which has enabled me to > help myself more and better understand my PC and its' software. I have also > learnt a great deal about 'malware' and how to deal with it. > > > PCButts1 - some while ago now - explained to me how effective it is to run > HiJackThis and then copy and paste a specific entry directly into Google. > Here's an example - O4 - HKLM..Run: [Adobe Reader Speed Launcher] > "C:Program FilesAdobeReader 8.0ReaderReader_sl.exe" > > > Try it for yourself. I got 66,800 responses which can be reviewed at > leisure. <g> > > > What I have NOT found is other people who are trying to find out who > perpetrates the 'malware' in the first place - no-one seems to care. I do! > > > So, in spite of comments like that of 'Fitz' elsewhere on this group, and also having been > 'warned-off'' having contact with PCButts1 by Kerry Brown and David H > Lipman, I'm grateful for PCB's help. Perhaps he's one of the good guys after > all, but only experience here will tell. I'm glad I'm not a newbie any more! > > > BD > ></span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.