Uh, excuse me for existing, but I'm still looking for an answer

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Okay, I'm really, really, really sorry that I started another thread with
this, after it was made clear that it is an unpardonable sin to move a
subject to another thread, but I did this to resolve another unpardonable
sin, which was a very unintentional cross-posting.  You see, I thought I was
being a good little boy, by hitting the reply button to keep it in the
thread, but little did I know until getting screamed at, that the reply went
to other newsgroups.

Those who are throwing flames, please throw them at the hijackers instead of
those of us who merely wish to fix it.  Y'all must be following the examples
of politicians . . l

Okay, now that that's off my chest . . .

Quoted text here. Click to load it
To be honest, I never went there.  I posted it so that you, or others, could
investigate.  That's why I said "DON'T CLICK" afterward, as I didn't know
what clicking on this URL would do.

Quoted text here. Click to load it

Actually I didn't follow any diagnostic tree -- anything that got where it
is was installed for me, by the internet hijacker.

So -- it appears this link in the "favorites" list is only a link to the
malicious website and nothing else, so I'll simply delete it.  I can also
say, and thank you to everyone by the way, that with the help of several
people here I've located and deleted what appears to be just about
everything.  However there's one item left, and that's the yellow shield at
the bottom right corner of the desktop.  It shows up about two minutes after
booting the computer, and displays a message "Updates are ready for your
computer.  Click here to install these updates."  My assumption is that
clicking this would either take me to a malicious website, or run some sort
of batch file or program that may still be lurking and none of my virus and
spyware programs have been able to detect.  My question is, does anyone here
have a clue as to where to find this "desktop shield" so I can manually
delete it from the desktop?


--
Gary E. Tayman/Tayman Electrical
Sound Solutions For Classic Cars
http://www.taymanelectrical.com



Re: Uh, excuse me for existing, but I'm still looking for an answer



| Actually I didn't follow any diagnostic tree -- anything that got where it
| is was installed for me, by the internet hijacker.
|
| So -- it appears this link in the "favorites" list is only a link to the
| malicious website and nothing else, so I'll simply delete it.  I can also
| say, and thank you to everyone by the way, that with the help of several
| people here I've located and deleted what appears to be just about
| everything.  However there's one item left, and that's the yellow shield at
| the bottom right corner of the desktop.  It shows up about two minutes after
| booting the computer, and displays a message "Updates are ready for your
| computer.  Click here to install these updates."  My assumption is that
| clicking this would either take me to a malicious website, or run some sort
| of batch file or program that may still be lurking and none of my virus and
| spyware programs have been able to detect.  My question is, does anyone here
| have a clue as to where to find this "desktop shield" so I can manually
| delete it from the desktop?
|

It means you are infected and it is prompting you to get further infected !

Phil was a little over exuberant in his reply about excessive cross-posting.
You were
following the thread and all were On Topic (well Symantec is On Topic if you use
their
software).  Six News Groups is about the max.  Any more than six is considered
excessive.

Either take the steps that have been provided to you or...



Download and execute HiJack This! (HJT)
http://www.spywareinfo.com/~merijn/files/HijackThis.exe

Create a HJT log file and post it in one of the below locations...

Forums where you can get expert advice for HiJack This! (HJT) logs.
NOTE: Registration is REQUIRED before posting a log
NOTE: Web sites NOT listed in any particular order

http://aumha.net/viewforum.php?f=30
http://www.bleepingcomputer.com/forums/forum22.html
http://www.dslreports.com/forum/security
http://castlecops.com/forum67.html
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.malwarebytes.org/forums/index.php?showforum=7



--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Uh, excuse me for existing, but I'm still looking for an answer


Quoted text here. Click to load it

Again, thank you for getting back with me.

The computer dealer originally recommended that I DL and run Hijack this,
and I tried this running Mozilla and it wouldn't work.  And at the time IE
was unusable.

Will Hijack this find and remove it?  Or will it give me a log that a guru
can decipher to tell me where to delete it?  I'm sorry about asking such
questions repeatedly, but I hate buying one program after another to fix a
stupid problem, only to find that after paying for it I don't get complete
resolution.  Plus I'm sure others are following along, and don't want to ask
the same questions themselves.


--
Gary E. Tayman/Tayman Electrical
Sound Solutions For Classic Cars
http://www.taymanelectrical.com



Re: Uh, excuse me for existing, but I'm still looking for an answer



| Again, thank you for getting back with me.
|
| The computer dealer originally recommended that I DL and run Hijack this,
| and I tried this running Mozilla and it wouldn't work.  And at the time IE
| was unusable.
|
| Will Hijack this find and remove it?  Or will it give me a log that a guru
| can decipher to tell me where to delete it?  I'm sorry about asking such
| questions repeatedly, but I hate buying one program after another to fix a
| stupid problem, only to find that after paying for it I don't get complete
| resolution.  Plus I'm sure others are following along, and don't want to ask
| the same questions themselves.
|

HiJack This!  is NOT a anti malware program.  It is a utility to collate certain
aspects of
the OS into a log file in which an expert can narrow down where malware may be
located/loaded.  While it is a good tool, it does not show all the locations
where malware
may be loaded.  But again, it does not remove malware.  It takes specific
knowledege and a
user's manual actions.

The forums I posted have experts that can examine the log file and  give you the
feedback
you need.  They will also guide you through a complete cleaning process.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Uh, excuse me for existing, but I'm still looking for an answer

<Gary Tayman> typed:
Quoted text here. Click to load it

HijackThis logs should be analysed by a guru but they are quick to respond
with an answer.

Post the log in a forum where gurus hang out:
http://aumha.net

Please read about prevention protection:
http://boards.cexx.org/viewtopic.php?t=11523

Install SiteAdvisor that will show you if you are visiting a bad site:
http://www.siteadvisor.com
--
YoKenny
See CoU at least weekly:
http://www.dozleng.com/updates/index.php?&act=calendar
I support the right to arm bears


Re: Uh, excuse me for existing, but I'm still looking for an answer

Run Hijackthis save the log file and post your log to this group so I can
analyze it. I am the only Guru in this group that will do that for you.

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system  W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



Quoted text here. Click to load it



Re: Uh, excuse me for existing, but I'm still looking for an answer


Quoted text here. Click to load it



No - you are the obly one moronic enough to demand that people break all
rules of good sense!
You are NOT a Guru - in any way, shape, or form., and none of the *real*
Gurus' (who would deny the title anyhow) would make such a  request in a
Usenet newsgroup.

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's



Re: Uh, excuse me for existing, but I'm still looking for an answer

Useless unhelpful drivel coming from a fake MVP.

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system  W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



Quoted text here. Click to load it



Re: Uh, excuse me for existing, but I'm still looking for an answer

Spam is Drivel, accompanied by Advertising.

Drivel can be helpful advice, mindless babble, abusive cursing, obvious deceit,
or even malicious larceny.

Advertising will always be advertising.
http://alttrolls.blogspot.com/2006/04/truth.html

Re: Uh, excuse me for existing, but I'm still looking for an answer

Spam is Drivel, accompanied by Advertising.

Drivel can be helpful advice, mindless babble, abusive cursing, obvious deceit,
or even malicious larceny.

Advertising will always be advertising.
http://alttrolls.blogspot.com/2006/04/truth.html

Re: Uh, excuse me for existing, but I'm still looking for an answer

pcbutts1 - 29.04.2006 17:40 :

Quoted text here. Click to load it

a real "guru" would never nominated itself but by others. If you are
the only "guru" to help in this case, why not recommend to send the log
directly to you via email? This way you possibly get more friends in
this ng. Your way is only for confrontation.

And: A real "guru" would demonstrate a much more sparkling example in
usenet behavior. Your always fullquoting, and more, placing your
fullquotings always after your sig line (should be onla max. 4 lines as
every newbie in usenet should learn/know) is NO sparkling example given
by a true guru. You are not a "guru" but more an unlearnable ignorant
only searching for confrontions.

--
by(e) NOcop PS
spam will be killed




Re: Uh, excuse me for existing, but I'm still looking for an answer

wrote:

Quoted text here. Click to load it

Peter,

http://pcbutts1.blogspot.com/2006/04/truth_07.html

OT: Cross posts Re: Uh, excuse me for existing, but I'm still looking for an answer

David H. Lipman wrote:
Quoted text here. Click to load it

Practically speaking, more than two almost always means someone is
trying to start a cross ng flame war, so I filter them. ("Two" means the
same about half the time.)

But, I have time to hang out in nastier news groups.

Site Timeline