Trojan/Riskware Help

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi,
I went to a website (popdose.com) and it seems the website is infected with
a trojan which now has infected my computer. It has installed the following
components and I run Kaspersky and when i scan it doesn't come up with
anything, yet the results below still remain. Also one of the icons in my
toolbar (bottom right hand corner) has an icon now which keeps asking to
"your computer is now infected and windows will download special
anti-spyware tools to prefent data loss", please help and advise what I need
to do to remove this/

detected: virus Heur.Trojan.Generic (modification) URL:
http://knocklis.com/img/uet.php//uet


detected: riskware Hidden install Running process: C:\Documents and
Settings\Owner\Local Settings\Temporary Internet
Files\Content.IE5IY72SH5\installb[1].exe



Re: Trojan/Riskware Help

Starman wrote:

Quoted text here. Click to load it

and multi-posted. Please don't do that. Look for a good answer in
alt.privacy.spyware

--
   -bts
   -Friends don't let friends drive Windows

Re: Trojan/Riskware Help

The Fake Truth Not-an-MVP wrote:

Quoted text here. Click to load it

Not a good answer.

--
   -bts
   -Friends don't let friends use PCButtface's stolen script

Re: Trojan/Riskware Help

Quoted text here. Click to load it

Why?

Is it not safe to use?

Quoted text here. Click to load it



Re: Trojan/Riskware Help

Starman wrote:

Quoted text here. Click to load it

Buttface stole the script (it's only a batch file) from a reputable
author, put his own name on it, and claims it is his. He doesn't know
how it works either, as he's never found the hidden markers the real
author puts in it to prove it is stolen.

Google for:  pcbutts1 fraud

--
   -bts
   -Friends don't let friends drive Windows

Re: Trojan/Riskware Help

On Fri, 10 Jul 2009 20:35:43 -0700, "The Real Truth MVP"

Quoted text here. Click to load it

After all this time, do you still have people falling for this, or has
the word pretty much gotten out about you?


Re: Trojan/Riskware Help

On Sat, 11 Jul 2009 11:42:47 -0700, "The Real Truth MVP"

Quoted text here. Click to load it

You have MVP status?? Wasn't that debunked long ago? Is this something
new then?


Quoted text here. Click to load it

I guess because their side of the story is far more believable than
yours.


Re: Trojan/Riskware Help

The Fake Truth Not-an-MVP wrote:

Quoted text here. Click to load it

..which redirects directly to your same old shite at:
hXXp://209.237.163.173/downloads/tools/tools.htm

..written by you and you alone. Who would believe it?

Quoted text here. Click to load it

The proof is overwhelmingly in favor of what those people have been
saying for years. And just because you *can* purchase a domain name with
the letters "mvp" in it, is no proof whatsoever that you are one.

No sane, ethical MVP would ever act like you do.

--
   -bts
   -Friends don't let friends drive Windows

Re: Trojan/Riskware Help


| The Fake Truth Not-an-MVP wrote:

Quoted text here. Click to load it

| ..which redirects directly to your same old shite at:
| hXXp://209.237.163.173/downloads/tools/tools.htm

| ..written by you and you alone. Who would believe it?

Quoted text here. Click to load it

| The proof is overwhelmingly in favor of what those people have been
| saying for years. And just because you *can* purchase a domain name with
| the letters "mvp" in it, is no proof whatsoever that you are one.

| No sane, ethical MVP would ever act like you do.

The proof IS overwhelming.

The liar and thief can't tell 'ya what malware the following line is from...

IF EXIST "%UserProfile%\local settings\temp\obatssrsghde.exe"

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Trojan/Riskware Help

"The Really Fake MVP" wrote:

Quoted text here. Click to load it


He knows and so do I. All you know is from where you copied it.



Re: Trojan/Riskware Help - PCBUTTS can't prove he's coded anything

says...
Quoted text here. Click to load it

The liar and thief can't tell 'ya what malware the following line is
from...

IF EXIST "%UserProfile%\local settings\temp\obatssrsghde.exe"

Come on Chris, even I was able to google that one, and if I can find it
in google then you should at least be able to explain it - since you
claim you wrote it.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.  
Trust yourself.
spam999free@rrohio.com (remove 999 for proper email address)

Re: Trojan/Riskware Help - PCBUTTS can't prove he's coded anything


| says...

Quoted text here. Click to load it

| The liar and thief can't tell 'ya what malware the following line is
| from...

| IF EXIST "%UserProfile%\local settings\temp\obatssrsghde.exe"

| Come on Chris, even I was able to google that one, and if I can find it
| in google then you should at least be able to explain it - since you
| claim you wrote it.

You KNOW he'll weasle out of answering it.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Trojan/Riskware Help - PCBUTTS can't prove he's coded anything

says...
Quoted text here. Click to load it
[removed non-responsive answer]

The liar and thief can't tell 'ya what malware the following line is
from...

IF EXIST "%UserProfile%\local settings\temp\obatssrsghde.exe"

Come on Chris, even I was able to google that one, and if I can find it
in google then you should at least be able to explain it - since you
claim you wrote it.



--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.  
Trust yourself.
spam999free@rrohio.com (remove 999 for proper email address)

Re: Trojan/Riskware Help - PCBUTTS can't prove he's coded anything

says...
Quoted text here. Click to load it

And yet you still can't explain the line:

IF EXIST "%UserProfile%\local settings\temp\obatssrsghde.exe"

You claim you wrote it and yet you have no idea what it removes.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.  
Trust yourself.
spam999free@rrohio.com (remove 999 for proper email address)

Re: Trojan/Riskware Help - PCBUTTS can't prove he's coded anything

Quoted text here. Click to load it

Chris, everyone knows who the thief is. Only the terminally stupid would use
one of your stolen tools.

(BTW, "mute" means something entirely different from "moot." Look it up.)

--
"...if there is any principle of the Constitution that more
imperatively calls for attachment than any other it is the principle of
free thought--not free thought for those who agree with us but freedom
for the thought that we hate." Mr. Justice Holmes, 279 U.S. 644 (1929)



Re: Trojan/Riskware Help - PCBUTTS can't prove he's coded anything


On Tue, 14 Jul 2009 06:00:55 -0400, "David H. Lipman"

Quoted text here. Click to load it

Gulp! She's more of a man hater than Laura.


Re: Trojan/Riskware Help - PCBUTTS can't prove he's coded anything

On Tue, 14 Jul 2009 06:00:55 -0400, "David H. Lipman"
PCBUTTS can't prove he's coded anything:

Quoted text here. Click to load it

Wow! How did you manage to find that photo on it's original site?
--
I filter all messages from google groups.

Re: Trojan/Riskware Help - PCBUTTS can't prove he's coded anything

says...
Quoted text here. Click to load it

And yet you still can't explain the line:

IF EXIST "%UserProfile%\local settings\temp\obatssrsghde.exe"

You claim you wrote it and yet you have no idea what it removes.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.  
Trust yourself.
spam999free@rrohio.com (remove 999 for proper email address)

Re: Trojan/Riskware Help

On Sat, 11 Jul 2009 14:19:53 -0700, "The Real Truth MVP"

Quoted text here. Click to load it

I believe your MVP status was never bestowed in the first place.
That's why it was never revoked.

Quoted text here. Click to load it

The real MVP's don't consider you to be an MVP, and the web site above
is not authoritative. Where does that leave you?


Re: Trojan/Riskware Help

Amini wrote:

Quoted text here. Click to load it

<lol!>

Quoted text here. Click to load it

It leaves him being a Crybaby. He's never able to dispute the
overwhelming evidence against him.

--
   -bts
   -Friends don't let friends drive Windows

Site Timeline