Guest Chris2T Posted April 25, 2009 Posted April 25, 2009 Norton Anti-Virus scan (Updates downloaded today) found a Trojan Horse that it didn't find last week. It's in "christmasjoy.exe" which is a screensaver I downloaded last Xmas. Can't seem to delete the file with Norton: how to get it ALL out? Quote
Guest David H. Lipman Posted April 25, 2009 Posted April 25, 2009 From: "Chris2T" <Chris2T@discussions.microsoft.com> | Norton Anti-Virus scan (Updates downloaded today) found a Trojan Horse that | it didn't find last week. It's in "christmasjoy.exe" which is a screensaver | I downloaded last Xmas. Can't seem to delete the file with Norton: how to | get it ALL out? Give the following pair a shot at it... Malwarebytes Anti-Malware http://www.malwarebytes.org/mbam/program/mbam-setup.exe SuperAntiSpyware http://www.superantispyware.com/downloadfi...ANTISPYWAREFREE -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest Chris2T Posted April 26, 2009 Posted April 26, 2009 OK! I downloaded the SuperAntiSpyware, ran it, then re-ran Norton Anti-Virus -- and NO viruses -- so it worked! Maybe: the computer (previous owner) also has Spyware Doctor -- so I ran THAT -- says it still has 3 instances of "FlashGet" browser redirector and 1 of "Net Ratings"! So how do I get rid of those -- or do I have to pay $30 to have the Spyware Dr. people do it for me? Plus I have "Aluria Security" in this computer too! Do I really need that TOO? (Along with current Norton Anti-Virus and their Symantec's Firewall, all of which I use!) And also while we're at it, just HOW do I remove a screensaver (the suspicious one)anyway? I can't find it by the filename in "Find" and right-clicking on it in "Display" doesn't give me a "Delete" option and it's not on the list of "Add/Delete" choices to make either. (I'm in Windows 98SE on a ten-year old IBM Thinkpad). BTW, thanks Dave! "David H. Lipman" wrote: <span style="color:blue"> > From: "Chris2T" <Chris2T@discussions.microsoft.com> > > | Norton Anti-Virus scan (Updates downloaded today) found a Trojan Horse that > | it didn't find last week. It's in "christmasjoy.exe" which is a screensaver > | I downloaded last Xmas. Can't seem to delete the file with Norton: how to > | get it ALL out? > > Give the following pair a shot at it... > > Malwarebytes Anti-Malware > http://www.malwarebytes.org/mbam/program/mbam-setup.exe > > SuperAntiSpyware > http://www.superantispyware.com/downloadfi...ANTISPYWAREFREE > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > > </span> Quote
Guest David H. Lipman Posted April 26, 2009 Posted April 26, 2009 From: "Chris2T" <Chris2T@discussions.microsoft.com> | OK! I downloaded the SuperAntiSpyware, ran it, then re-ran Norton Anti-Virus | -- and NO viruses -- so it worked! Maybe: the computer (previous owner) | also has Spyware Doctor -- so I ran THAT -- says it still has 3 instances of | "FlashGet" browser redirector and 1 of "Net Ratings"! So how do I get rid of | those -- or do I have to pay $30 to have the Spyware Dr. people do it for me? | Plus I have "Aluria Security" in this computer too! Do I really need that | TOO? (Along with current Norton Anti-Virus and their Symantec's Firewall, all | of which I use!) | And also while we're at it, just HOW do I remove a screensaver (the | suspicious one)anyway? I can't find it by the filename in "Find" and | right-clicking on it in "Display" doesn't give me a "Delete" option and it's | not on the list of "Add/Delete" choices to make either. (I'm in Windows 98SE | on a ten-year old IBM Thinkpad). | BTW, thanks Dave! You said... "previous owner" -- This is a used PC ? If yes then the BEST advice is to wipe it and re-install the OS form scratch. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest Chris2T Posted April 26, 2009 Posted April 26, 2009 That was neither very kind -- nor helpful! Anybody else out there willing to simply answer my questions? I've managed pretty well so far with just your help and not all of us can AFFORD the latest and grreatest these days!! Thanks, Chris "David H. Lipman" wrote: <span style="color:blue"> > From: "Chris2T" <Chris2T@discussions.microsoft.com> > > | OK! I downloaded the SuperAntiSpyware, ran it, then re-ran Norton Anti-Virus > | -- and NO viruses -- so it worked! Maybe: the computer (previous owner) > | also has Spyware Doctor -- so I ran THAT -- says it still has 3 instances of > | "FlashGet" browser redirector and 1 of "Net Ratings"! So how do I get rid of > | those -- or do I have to pay $30 to have the Spyware Dr. people do it for me? > > | Plus I have "Aluria Security" in this computer too! Do I really need that > | TOO? (Along with current Norton Anti-Virus and their Symantec's Firewall, all > | of which I use!) > > | And also while we're at it, just HOW do I remove a screensaver (the > | suspicious one)anyway? I can't find it by the filename in "Find" and > | right-clicking on it in "Display" doesn't give me a "Delete" option and it's > | not on the list of "Add/Delete" choices to make either. (I'm in Windows 98SE > | on a ten-year old IBM Thinkpad). > > | BTW, thanks Dave! > > > You said... > > "previous owner" -- This is a used PC ? > > If yes then the BEST advice is to wipe it and re-install the OS form scratch. > > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > > </span> Quote
Guest David H. Lipman Posted April 26, 2009 Posted April 26, 2009 From: "Chris2T" <Chris2T@discussions.microsoft.com> | That was neither very kind -- nor helpful! | Anybody else out there willing to simply answer my questions? I've managed | pretty well so far with just your help and not all of us can AFFORD the | latest and grreatest these days!! | Thanks, Chris I'm sorry, it is NOT about being kind. It is about being SAFE. Anybody here worth a grain of salt and sees a thread about malware or the possibility of malware on a PC that had been previously used will tell you the same thing. Wipe the PC and re-install the OS from scratch. NEVER accept a previously used PC without wiping the hard disk and re-installing the OS from scratch. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest Chris2T Posted April 26, 2009 Posted April 26, 2009 The machine came from an IT Professional who's no longer available and was especially set up for me. So what can I do but "make do" now? Plus the Trojan in question (is the ONLY one I've EVER had!) JUST appeared yesterday on a regular weekly Anti-Virus scan and the software it's in is identified; I'm just trying to remove it! (So I AM being a responsible user.) Next month I'll just have to pay SpyDoctor to get rid of the browser rediretors and NetRatings since you're too superior to lower yourself any further. "David H. Lipman" wrote: <span style="color:blue"> > From: "Chris2T" <Chris2T@discussions.microsoft.com> > > | That was neither very kind -- nor helpful! > > | Anybody else out there willing to simply answer my questions? I've managed > | pretty well so far with just your help and not all of us can AFFORD the > | latest and grreatest these days!! > > | Thanks, Chris > > I'm sorry, it is NOT about being kind. It is about being SAFE. > > Anybody here worth a grain of salt and sees a thread about malware or the possibility of > malware on a PC that had been previously used will tell you the same thing. Wipe the PC > and re-install the OS from scratch. > > NEVER accept a previously used PC without wiping the hard disk and re-installing the OS > from scratch. > > > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > > </span> Quote
Guest The Real Truth [MS MVP] Posted April 26, 2009 Posted April 26, 2009 OOOhh you did it now, you've pissed off the Usenet god, that's who David thinks he is. Watch out now he is going to flood your email with spam. It is well documented how he got caught doing that with me, See http://pcbutts1-therealtruth.blogspot.com under the heading David Lipman troll. If SAS says you are clean then you are clean. -- The Real Truth http://pcbutts1-therealtruth.blogspot.com/ WARNING Do NOT follow any advice given by the people listed below. They do NOT have the expertise or knowledge to fix your issue. Do not waste your time. David H Lipman, Malke, PA Bear, Beauregard T. Shagnasty, Leythos. "Chris2T" <Chris2T@discussions.microsoft.com> wrote in message news:02CB8734-9F96-47AD-8D27-E5A99E8FCF3F@microsoft.com...<span style="color:blue"> > The machine came from an IT Professional who's no longer available and was > especially set up for me. So what can I do but "make do" now? > > Plus the Trojan in question (is the ONLY one I've EVER had!) JUST appeared > yesterday on a regular weekly Anti-Virus scan and the software it's in is > identified; I'm just trying to remove it! (So I AM being a responsible > user.) Next month I'll just have to pay SpyDoctor to get rid of the > browser > rediretors and NetRatings since you're too superior to lower yourself any > further. > > > > "David H. Lipman" wrote: ><span style="color:green"> >> From: "Chris2T" <Chris2T@discussions.microsoft.com> >> >> | That was neither very kind -- nor helpful! >> >> | Anybody else out there willing to simply answer my questions? I've >> managed >> | pretty well so far with just your help and not all of us can AFFORD the >> | latest and grreatest these days!! >> >> | Thanks, Chris >> >> I'm sorry, it is NOT about being kind. It is about being SAFE. >> >> Anybody here worth a grain of salt and sees a thread about malware or the >> possibility of >> malware on a PC that had been previously used will tell you the same >> thing. Wipe the PC >> and re-install the OS from scratch. >> >> NEVER accept a previously used PC without wiping the hard disk and >> re-installing the OS >> from scratch. >> >> >> >> -- >> Dave >> http://www.claymania.com/removal-trojan-adware.html >> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp >> >> >> </span></span> Quote
Guest Leythos Posted April 26, 2009 Posted April 26, 2009 In article <016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com>, Chris2T@discussions.microsoft.com says...<span style="color:blue"> > That was neither very kind -- nor helpful! > </span> Actually, it was very helpful and very kind. A USED PC can have any type of malware and other nasty things on it. If you bought/were given a used PC then the very first thing you should do it wipe it and install from scratch. The key point being that if the machine was already infected, how do you know you got all of it? You don't. The only certain way to clean a machine is to wipe it and reinstall from scratch. -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@rrohio.com (remove 999 for proper email address) Quote
Guest Leythos Posted April 26, 2009 Posted April 26, 2009 In article <02CB8734-9F96-47AD-8D27-E5A99E8FCF3F@microsoft.com>, Chris2T@discussions.microsoft.com says...<span style="color:blue"> > > The machine came from an IT Professional who's no longer available and was > especially set up for me. So what can I do but "make do" now? </span> There are many "IT Professionals" and most of them are not worth the weight of the hair on their heads. <span style="color:blue"> > Plus the Trojan in question (is the ONLY one I've EVER had!) JUST appeared > yesterday on a regular weekly Anti-Virus scan and the software it's in is > identified; I'm just trying to remove it! (So I AM being a responsible > user.) Next month I'll just have to pay SpyDoctor to get rid of the browser > rediretors and NetRatings since you're too superior to lower yourself any > further.</span> If your IT Professional setup the PC properly there would be little way for you to have been compromised, clearly not a "professional" job as far as security and training of you. Any respectable person looking to clean a machine can easily search google to find hundreds of ways to clean infected machines, and there are even unreputable people that pretend to be MVP's that will have you download pirated software to fix your machine - while they also block access to quality and reputable anti-malware sites with your pirated fixes. The key you need to understand is that your machine was not secured, it's still not secure, and just because you removed what you can find doesn't mean that there are not a dozen other malware that you missed. If the "IT Professional" was a good person they also provided you with all of the media (CD/DVD for the software they installed) and you should be able to wipe it and be back up and running in 2-3 hours from the time you start. -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@rrohio.com (remove 999 for proper email address) Quote
Guest Leythos Posted April 26, 2009 Posted April 26, 2009 In article <sD0Jl.30953$ZP4.16391@nlpi067.nbdc.sbc.com>, trt@void.com says...<span style="color:blue"> > If SAS says you are clean then you are clean. > </span> And there you have it, another lie from PCBUTTS1. No anti-malware application will tell you that you are "Clean", only "Clean from known malware that it's capable of detecting". -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@rrohio.com (remove 999 for proper email address) Quote
Guest David H. Lipman Posted April 26, 2009 Posted April 26, 2009 From: "Chris2T" <Chris2T@discussions.microsoft.com> | The machine came from an IT Professional who's no longer available and was | especially set up for me. So what can I do but "make do" now? | Plus the Trojan in question (is the ONLY one I've EVER had!) JUST appeared | yesterday on a regular weekly Anti-Virus scan and the software it's in is | identified; I'm just trying to remove it! (So I AM being a responsible | user.) Next month I'll just have to pay SpyDoctor to get rid of the browser | rediretors and NetRatings since you're too superior to lower yourself any | further. A PC especially setup for you is NOT a used PC and doesn't match with "previous owner". If the previous owner wiped the PC and setup the OS specifically for you then that is totally different. I go only go by the words the you provide. BTW: Please ignore the fake MS MVP and software plagiarizer known as PCBUTTS1. http://www.viruslist.com/en/weblog?weblogid=197597102 http://www.nutnworks.com/forums/showthread.php?p=10097 http://www.besttechie.net/2006/09/07/pcbutts1-back-at-it/ Softwaredieb zensiert Schweizer PC-Magazin (06 Oct-08) http://www.tagesanzeiger.ch/digital/Softwa.../story/27917275 Google translation: http://translate.google.com/translate?hl=e...microsoft:en-US -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest FromTheRafters Posted April 26, 2009 Posted April 26, 2009 It may have been a false positive detection - now corrected. If you are happy that you may be okay, then okay. If you would like more confidence than " may " gives you - then David's advice is appropriate (as well as kind and helpful). "Chris2T" <Chris2T@discussions.microsoft.com> wrote in message news:016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com...<span style="color:blue"> > That was neither very kind -- nor helpful! > > Anybody else out there willing to simply answer my questions? I've > managed > pretty well so far with just your help and not all of us can AFFORD > the > latest and grreatest these days!! > > Thanks, Chris > > "David H. Lipman" wrote: ><span style="color:green"> >> From: "Chris2T" <Chris2T@discussions.microsoft.com> >> >> | OK! I downloaded the SuperAntiSpyware, ran it, then re-ran Norton >> Anti-Virus >> | -- and NO viruses -- so it worked! Maybe: the computer (previous >> owner) >> | also has Spyware Doctor -- so I ran THAT -- says it still has 3 >> instances of >> | "FlashGet" browser redirector and 1 of "Net Ratings"! So how do I >> get rid of >> | those -- or do I have to pay $30 to have the Spyware Dr. people do >> it for me? >> >> | Plus I have "Aluria Security" in this computer too! Do I really >> need that >> | TOO? (Along with current Norton Anti-Virus and their Symantec's >> Firewall, all >> | of which I use!) >> >> | And also while we're at it, just HOW do I remove a screensaver (the >> | suspicious one)anyway? I can't find it by the filename in "Find" >> and >> | right-clicking on it in "Display" doesn't give me a "Delete" option >> and it's >> | not on the list of "Add/Delete" choices to make either. (I'm in >> Windows 98SE >> | on a ten-year old IBM Thinkpad). >> >> | BTW, thanks Dave! >> >> >> You said... >> >> "previous owner" -- This is a used PC ? >> >> If yes then the BEST advice is to wipe it and re-install the OS form >> scratch. >> >> >> -- >> Dave >> http://www.claymania.com/removal-trojan-adware.html >> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp >> >> >> </span></span> Quote
Guest Leythos Posted April 26, 2009 Posted April 26, 2009 "Chris2T" <Chris2T@discussions.microsoft.com> wrote in message news:016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com...<span style="color:blue"> > That was neither very kind -- nor helpful!</span> Just to add to my last post, anyone who does what you do is an idiot. And David Lipman is a god and I love him so leave him alone. -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam9999fre@rohio.com (remove 999 for proper email address) Quote
Guest FromTheRafters Posted April 26, 2009 Posted April 26, 2009 "Leythos" <spam9999free@rrohio.com> wrote in message news:jr4Jl.72019$_R4.54962@newsfe11.iad...<span style="color:blue"> > "Chris2T" <Chris2T@discussions.microsoft.com> wrote in message > news:016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com...<span style="color:green"> >> That was neither very kind -- nor helpful!</span> > > Just to add to my last post, anyone who does what you do is an idiot. > And David Lipman is a god and I love him so leave him alone.</span> Any guesses who this might be? Quote
Guest Leythos Posted April 26, 2009 Posted April 26, 2009 Re: Trojan Horse (unspecified) - PCButts impersonating again In article <jr4Jl.72019$_R4.54962@newsfe11.iad>, spam9999free@rrohio.com says...<span style="color:blue"> > Path: news.astraweb.com!border2.newsrouter.astraweb.com!newshub.sdsu.edu!border1.nntp.dca.giganews.com!nntp.giganews.com!npeer02.iad.highwinds-media.com!news.highwinds-media.com!feed-me.highwinds-media.com!post01.iad.highwinds-media.com!newsfe11.iad.POSTED!4b08191c!not-for-mail > From: "Leythos" <spam9999free@rrohio.com> > Newsgroups: microsoft.public.security.virus > References: <7F7086F5-31B0-489F-8E6C-FCF47C2A288E@microsoft.com> <OsqHu8exJHA.1196@TK2MSFTNGP03.phx.gbl> <999B56DD-3D9B-4AC6-95B9-A221D9471EA1@microsoft.com> <#anOmtgxJHA.1096@TK2MSFTNGP06.phx.gbl> <016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com> > In-Reply-To: <016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com> > Subject: Re: Trojan Horse (unspecified) > Lines: 16 > MIME-Version: 1.0 > Content-Type: text/plain; format=flowed; charset="UTF-8"; reply-type=original > Content-Transfer-Encoding: 7bit > X-Priority: 3 > X-MSMail-Priority: Normal > X-Newsreader: Microsoft Windows Mail 6.0.6001.18000 > X-MIMEOLE: Produced By Microsoft MimeOLE V6.0.6001.18049 > X-Antivirus: avast! (VPS 090426-0, 04/26/2009), Outbound message > X-Antivirus-Status: Clean > Message-ID: <jr4Jl.72019$_R4.54962@newsfe11.iad> > X-Complaints-To: abuse@teranews.com > NNTP-Posting-Date: Sun, 26 Apr 2009 21:34:07 UTC > Organization: TeraNews.com > Date: Sun, 26 Apr 2009 14:34:07 -0700 > > "Chris2T" <Chris2T@discussions.microsoft.com> wrote in message > news:016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com...<span style="color:green"> > > That was neither very kind -- nor helpful!</span> > > Just to add to my last post, anyone who does what you do is an idiot. And > David Lipman is a god and I love him so leave him alone.</span> As you can see, PCButts is impersonating people again, this time me. The headers reflect those that Butts has been known to post from and clearly show that the above post was not from myself. Anyone that would trust a person of such immoral character is a fool. -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@rrohio.com (remove 999 for proper email address) Quote
Guest FromTheRafters Posted April 26, 2009 Posted April 26, 2009 Re: Trojan Horse (unspecified) - PCButts impersonating again "Leythos" <spam999free@rrohio.com> wrote in message news:MPG.245eb5929fead4e3989b7d@us.news.astraweb.com... <span style="color:blue"> > As you can see, PCButts is impersonating people again, this time me. > The > headers reflect those that Butts has been known to post from and > clearly > show that the above post was not from myself. > > Anyone that would trust a person of such immoral character is a fool.</span> So David is a mere mortal and you only like him a little? Quote
Guest David H. Lipman Posted April 26, 2009 Posted April 26, 2009 Re: Trojan Horse (unspecified) - PCButts impersonating again From: "FromTheRafters" <erratic @nomail.afraid.org> | "Leythos" <spam999free@rrohio.com> wrote in message | news:MPG.245eb5929fead4e3989b7d@us.news.astraweb.com... <span style="color:blue"><span style="color:green"> >> As you can see, PCButts is impersonating people again, this time me. >> The >> headers reflect those that Butts has been known to post from and >> clearly >> show that the above post was not from myself.</span></span> <span style="color:blue"><span style="color:green"> >> Anyone that would trust a person of such immoral character is a fool.</span></span> | So David is a mere mortal and you only like him a little? Extremely mortal with all life's frailties :-) { Damn, I left the cigarettes at the GoGo bar... } -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest Leythos Posted April 27, 2009 Posted April 27, 2009 Re: Trojan Horse (unspecified) - PCButts impersonating again In article <uDaOAhsxJHA.1092@TK2MSFTNGP06.phx.gbl>, erratic @nomail.afraid.org says...<span style="color:blue"> > > "Leythos" <spam999free@rrohio.com> wrote in message > news:MPG.245eb5929fead4e3989b7d@us.news.astraweb.com... > <span style="color:green"> > > As you can see, PCButts is impersonating people again, this time me. > > The > > headers reflect those that Butts has been known to post from and > > clearly > > show that the above post was not from myself. > > > > Anyone that would trust a person of such immoral character is a fool.</span> > > So David is a mere mortal and you only like him a little? </span> LOL, the only people that think they are gods would be PCButts and his socks. -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@rrohio.com (remove 999 for proper email address) Quote
Guest Troll Buster Posted April 27, 2009 Posted April 27, 2009 Re: Trojan Horse (unspecified) - PCButts impersonating again You say the headers match her previous posts yet you don't posts those headers. You expect everyone to believe that you can memorize, letter by letter number by number of her headers because that's essentially what you are saying. If you had a copy of those matching headers you would have posted them. You are a troll and a liar. Post those incredibly incriminating headers that you say match and I will leave you alone. I know you are a liar and won't do it. I know you will have an excuse. Don't ignore this post like you did in the other group when I called you out on your lies. -- Too many Trolls in this NG bashing each other. The Information I post has been verified by me and is Authentic. "Leythos" <spam999free@rrohio.com> wrote in message news:MPG.245eb5929fead4e3989b7d@us.news.astraweb.com...<span style="color:blue"> > In article <jr4Jl.72019$_R4.54962@newsfe11.iad>, spam9999free@rrohio.com > says...<span style="color:green"> >> Path: >> news.astraweb.com!border2.newsrouter.astraweb.com!newshub.sdsu.edu!border1.nntp.dca.giganews.com!nntp.giganews.com!npeer02.iad.highwinds-media.com!news.highwinds-media.com!feed-me.highwinds-media.com!post01.iad.highwinds-media.com!newsfe11.iad.POSTED!4b08191c!not-for-mail >> From: "Leythos" <spam9999free@rrohio.com> >> Newsgroups: microsoft.public.security.virus >> References: <7F7086F5-31B0-489F-8E6C-FCF47C2A288E@microsoft.com> >> <OsqHu8exJHA.1196@TK2MSFTNGP03.phx.gbl> >> <999B56DD-3D9B-4AC6-95B9-A221D9471EA1@microsoft.com> >> <#anOmtgxJHA.1096@TK2MSFTNGP06.phx.gbl> >> <016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com> >> In-Reply-To: <016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com> >> Subject: Re: Trojan Horse (unspecified) >> Lines: 16 >> MIME-Version: 1.0 >> Content-Type: text/plain; format=flowed; charset="UTF-8"; >> reply-type=original >> Content-Transfer-Encoding: 7bit >> X-Priority: 3 >> X-MSMail-Priority: Normal >> X-Newsreader: Microsoft Windows Mail 6.0.6001.18000 >> X-MIMEOLE: Produced By Microsoft MimeOLE V6.0.6001.18049 >> X-Antivirus: avast! (VPS 090426-0, 04/26/2009), Outbound message >> X-Antivirus-Status: Clean >> Message-ID: <jr4Jl.72019$_R4.54962@newsfe11.iad> >> X-Complaints-To: abuse@teranews.com >> NNTP-Posting-Date: Sun, 26 Apr 2009 21:34:07 UTC >> Organization: TeraNews.com >> Date: Sun, 26 Apr 2009 14:34:07 -0700 >> >> "Chris2T" <Chris2T@discussions.microsoft.com> wrote in message >> news:016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com...<span style="color:darkred"> >> > That was neither very kind -- nor helpful!</span> >> >> Just to add to my last post, anyone who does what you do is an idiot. And >> David Lipman is a god and I love him so leave him alone.</span> > > As you can see, PCButts is impersonating people again, this time me. The > headers reflect those that Butts has been known to post from and clearly > show that the above post was not from myself. > > Anyone that would trust a person of such immoral character is a fool. > > > > -- > - Igitur qui desiderat pacem, praeparet bellum. > - Calling an illegal alien an "undocumented worker" is like calling a > drug dealer an "unlicensed pharmacist" > spam999free@rrohio.com (remove 999 for proper email address) </span> Quote
Guest Peter Foldes Posted April 27, 2009 Posted April 27, 2009 Re: Trojan Horse (unspecified) - PCButts impersonating again There you go again and using another posting name. Something is seriously a problem upstairs. Have you had it checked by a professional shrink lately -- Peter Please Reply to Newsgroup for the benefit of others Requests for assistance by email can not and will not be acknowledged. "Troll Buster" <troll@buster.gio> wrote in message news:nf2dna_pLOadgGjUnZ2dnUVZ_t2dnZ2d@giganews.com...<span style="color:blue"> > You say the headers match her > previous posts yet you don't posts those headers. You expect everyone to > believe that you can memorize, letter by letter number by number of her > headers because that's essentially what you are saying. If you had a copy of > those matching headers you would have posted them. You are a troll and a > liar. Post those incredibly incriminating headers that you say match and I > will leave you alone. I know you are a liar and won't do it. I know you will > have an excuse. Don't ignore this post like you did in the other group when > I called you out on your lies. > > > -- > Too many Trolls in this NG bashing each other. The > Information I post has been verified by me and is Authentic. > > > > "Leythos" <spam999free@rrohio.com> wrote in message > news:MPG.245eb5929fead4e3989b7d@us.news.astraweb.com...<span style="color:green"> >> In article <jr4Jl.72019$_R4.54962@newsfe11.iad>, spam9999free@rrohio.com >> says...<span style="color:darkred"> >>> Path: >>> news.astraweb.com!border2.newsrouter.astraweb.com!newshub.sdsu.edu!border1.nntp.dca.giganews.com!nntp.giganews.com!npeer02.iad.highwinds-media.com!news.highwinds-media.com!feed-me.highwinds-media.com!post01.iad.highwinds-media.com!newsfe11.iad.POSTED!4b08191c!not-for-mail >>> From: "Leythos" <spam9999free@rrohio.com> >>> Newsgroups: microsoft.public.security.virus >>> References: <7F7086F5-31B0-489F-8E6C-FCF47C2A288E@microsoft.com> >>> <OsqHu8exJHA.1196@TK2MSFTNGP03.phx.gbl> >>> <999B56DD-3D9B-4AC6-95B9-A221D9471EA1@microsoft.com> >>> <#anOmtgxJHA.1096@TK2MSFTNGP06.phx.gbl> >>> <016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com> >>> In-Reply-To: <016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com> >>> Subject: Re: Trojan Horse (unspecified) >>> Lines: 16 >>> MIME-Version: 1.0 >>> Content-Type: text/plain; format=flowed; charset="UTF-8"; reply-type=original >>> Content-Transfer-Encoding: 7bit >>> X-Priority: 3 >>> X-MSMail-Priority: Normal >>> X-Newsreader: Microsoft Windows Mail 6.0.6001.18000 >>> X-MIMEOLE: Produced By Microsoft MimeOLE V6.0.6001.18049 >>> X-Antivirus: avast! (VPS 090426-0, 04/26/2009), Outbound message >>> X-Antivirus-Status: Clean >>> Message-ID: <jr4Jl.72019$_R4.54962@newsfe11.iad> >>> X-Complaints-To: abuse@teranews.com >>> NNTP-Posting-Date: Sun, 26 Apr 2009 21:34:07 UTC >>> Organization: TeraNews.com >>> Date: Sun, 26 Apr 2009 14:34:07 -0700 >>> >>> "Chris2T" <Chris2T@discussions.microsoft.com> wrote in message >>> news:016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com... >>> > That was neither very kind -- nor helpful! >>> >>> Just to add to my last post, anyone who does what you do is an idiot. And >>> David Lipman is a god and I love him so leave him alone.</span> >> >> As you can see, PCButts is impersonating people again, this time me. The >> headers reflect those that Butts has been known to post from and clearly >> show that the above post was not from myself. >> >> Anyone that would trust a person of such immoral character is a fool. >> >> >> >> -- >> - Igitur qui desiderat pacem, praeparet bellum. >> - Calling an illegal alien an "undocumented worker" is like calling a >> drug dealer an "unlicensed pharmacist" >> spam999free@rrohio.com (remove 999 for proper email address)</span> > </span> Quote
Guest Leythos Posted April 27, 2009 Posted April 27, 2009 Re: Trojan Horse (unspecified) - PCButts impersonating again In article <nf2dna_pLOadgGjUnZ2dnUVZ_t2dnZ2d@giganews.com>, troll@buster.gio says...<span style="color:blue"> > > You say the headers match her</span> PCBUTTS1 is not a her, that's already been proven. The picture on the blog site is stolen from a foreign site and that to has already been proven. Chris has also stated he is MALE, over the years, and that's not in dispute except by Chris and you, his sock, anymore. <span style="color:blue"> > previous posts yet you don't posts those headers. You expect everyone to > believe that you can memorize, letter by letter number by number of her > headers because that's essentially what you are saying. If you had a copy of > those matching headers you would have posted them.</span> Actually, I do have a copy of the headers from before, and I have a copy of your headers, and headers can be found ONLINE archived, easily, so you're creating a diversion to hide that you've been exposed. <span style="color:blue"> > You are a troll and a > liar. </span> And yet everything I say can easily be verified with a little effort and has been verified by members of the anti-malware community. <span style="color:blue"> > Post those incredibly incriminating headers that you say match and I > will leave you alone. I know you are a liar and won't do it. I know you will > have an excuse. Don't ignore this post like you did in the other group when > I called you out on your lies.</span> LOL, keep trying chris, your time is short. -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@rrohio.com (remove 999 for proper email address) Quote
Guest Chris2T Posted April 27, 2009 Posted April 27, 2009 Well, thanks everyone -- now I understand both the scope and the ramifications of the situation betterand I appreciate all the (genuine) input since it's been more than 8 years for me with no (known) infections and so I am a VERY strong believer in Symantec. At least I can SAY that they never TOLD me I had an infection in all these years' scans, if I understand what you are all saying! (But you gotta trust SOMEBODY, huh?) And I do believe I DID get a totally clean machine at the outset: it's just that I AM the IDIOT who downloaded the screensaver that Norton AV identified as containing the Trojan it just picked up on last weekend, but couldn't quarantine or remove for about four different reasons I don't remember now. Hence my original approach to you (and Dave's suggestion worked, as least according to the Norton rescan.) (Except that I'd still really like to knowjust HOW to remove that d...d screensaver altogether and I can't find anything on the web to tell me how to do so in Windows 98SE!) Before this an infection had never happened to me with screensavers (that I KNOW of) either so I really didn't think a second thought about downloading at the time... I believe I even "Saved" it first and ran a virus scan on the file before I opened it, as I ususally do this. (And that's all I've ever been told to do to protect myself from downloading suspect material.) So: first time for everything and forewarned it NOW forarmed (I HOPE) for the better! Will just keep updating and running scans every week as per usual. (Sorry to have mislead you, Dave; this lingo is new to me too!) Best wishes to all, Chris T. "David H. Lipman" wrote: <span style="color:blue"> > From: "Chris2T" <Chris2T@discussions.microsoft.com> > > | The machine came from an IT Professional who's no longer available and was > | especially set up for me. So what can I do but "make do" now? > > | Plus the Trojan in question (is the ONLY one I've EVER had!) JUST appeared > | yesterday on a regular weekly Anti-Virus scan and the software it's in is > | identified; I'm just trying to remove it! (So I AM being a responsible > | user.) Next month I'll just have to pay SpyDoctor to get rid of the browser > | rediretors and NetRatings since you're too superior to lower yourself any > | further. > > A PC especially setup for you is NOT a used PC and doesn't match with "previous owner". > > If the previous owner wiped the PC and setup the OS specifically for you then that is > totally different. I go only go by the words the you provide. > > BTW: Please ignore the fake MS MVP and software plagiarizer known as PCBUTTS1. > > http://www.viruslist.com/en/weblog?weblogid=197597102 > http://www.nutnworks.com/forums/showthread.php?p=10097 > http://www.besttechie.net/2006/09/07/pcbutts1-back-at-it/ > > Softwaredieb zensiert Schweizer PC-Magazin (06 Oct-08) > http://www.tagesanzeiger.ch/digital/Softwa.../story/27917275 > > Google translation: > http://translate.google.com/translate?hl=e...microsoft:en-US > > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > > </span> Quote
Guest Chris2T Posted April 27, 2009 Posted April 27, 2009 Oh yes I do have all the software you mentioned -- EXCEPT the Symantec Firewall, the Norton AntiVirus and the Diskeeper Executive Software I DO use a lot (as well all the machine's manufacturer's User's Manual and Configuation information.) If I wipe it clean and start over I will lose all THAT too! "Leythos" wrote: <span style="color:blue"> > In article <02CB8734-9F96-47AD-8D27-E5A99E8FCF3F@microsoft.com>, > Chris2T@discussions.microsoft.com says...<span style="color:green"> > > > > The machine came from an IT Professional who's no longer available and was > > especially set up for me. So what can I do but "make do" now? </span> > > There are many "IT Professionals" and most of them are not worth the > weight of the hair on their heads. > <span style="color:green"> > > Plus the Trojan in question (is the ONLY one I've EVER had!) JUST appeared > > yesterday on a regular weekly Anti-Virus scan and the software it's in is > > identified; I'm just trying to remove it! (So I AM being a responsible > > user.) Next month I'll just have to pay SpyDoctor to get rid of the browser > > rediretors and NetRatings since you're too superior to lower yourself any > > further.</span> > > If your IT Professional setup the PC properly there would be little way > for you to have been compromised, clearly not a "professional" job as > far as security and training of you. > > Any respectable person looking to clean a machine can easily search > google to find hundreds of ways to clean infected machines, and there > are even unreputable people that pretend to be MVP's that will have you > download pirated software to fix your machine - while they also block > access to quality and reputable anti-malware sites with your pirated > fixes. > > The key you need to understand is that your machine was not secured, > it's still not secure, and just because you removed what you can find > doesn't mean that there are not a dozen other malware that you missed. > > If the "IT Professional" was a good person they also provided you with > all of the media (CD/DVD for the software they installed) and you should > be able to wipe it and be back up and running in 2-3 hours from the time > you start. > > > -- > - Igitur qui desiderat pacem, praeparet bellum. > - Calling an illegal alien an "undocumented worker" is like calling a > drug dealer an "unlicensed pharmacist" > spam999free@rrohio.com (remove 999 for proper email address) > </span> Quote
Guest RJK Posted April 27, 2009 Posted April 27, 2009 "Chris2T" <Chris2T@discussions.microsoft.com> wrote in message news:016840E7-7046-454D-A92F-1ABE0AAAEB2C@microsoft.com... <span style="color:blue"> > That was neither very kind -- nor helpful! ></span> What an ignorant, rude and ungrateful comment, after one of the foremost authorities, (who freely gives lots of time and help), was giving the usual first class advice !! regards, Richard ...now where is my killfile ....kerr - plunk ! Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.