Removing malware from an infected PC - battling antivirus programs

Discussion in 'Virus Information' started by ~BD~, Jan 20, 2009.

  1. From: "~BD~" <>

    | I appreciate yout honesty on this occasion. Thank you, Mr Lipman.

    | I'll explain my thinking just one more time. Cybercrime has escallated
    | exponentially since 9/11. 'Bad guys' *are* stealing money on the
    | Internet - lots of it!

    | Terrorism requires huge amounts of money to be effective. My bet is that
    | there are many 'bad guys' operating on the Internet (and probably within
    | the Microsoft newsgroups too) whose role is to steal money - not simply
    | to buy fast cars, women and drugs etc - but to fund the acts of
    | terrorism which kill and maim thousands of people each year. I don't
    | approve of that.

    | The clever technical experts have been less than efficient at catching
    | these murderers. Can you think of a better place to hide on the Internet
    | than within groups which purport to be helping out ordinary folk with
    | their computer problems? I can't.

    | Those reading here will probably know that some 'helpers' fail to answer
    | my simple and straight-forward queries. In my book, that is not the
    | reaction I would expect from the 'good guys'. My hope is, truly, that
    | the Police and/or Security Services monitor these messages and will
    | concentrate their efforts by watching those who appear to be reacting
    | suspiciously.

    | HTH
    | --
    | Dave

    This is one of the reasons you are considered a troll.

    Pure FUD and BS.
    David H. Lipman, Feb 1, 2009
    1. Advertisements

  2. ~BD~

    Leythos Guest

    You're nuts BD. The crime is for personal gain and I'm going to bet that
    99.9% of it has little to do with Terrorism as you would define it.

    That it has increased since 9/11 has noting to do with 9/11 or
    terrorism, it's increasing because it's so easy and so many fools fall
    for it.
    Leythos, Feb 1, 2009
    1. Advertisements

  3. ~BD~

    Leythos Guest

    LOL - Nothing I do or say alienates me in the groups, not any of them.
    People have different experiences, some very limited which they believe
    gives them an understanding that they could not possibly have. Others
    are hacks/trolls/pirates, don't really care to have any respect from
    You misunderstand him.
    Leythos, Feb 1, 2009
  4. ~BD~

    ~BD~ Guest

    I enjoy it when you pop in, Pete. Hello again! :)

    You might be interested to know that I installed Prevx when it was first
    launched - early in 2005 I think.

    Hmmm. It wasn't long afterwards that £245 was fraudulently taken, in my
    name, from Paypal - asserting that I had bought a mobile 'phone through
    eBay! There couldn't have been any connection - could there?!!! <s>


    PS I've still not decoded your siggy - any help/clues?
    ~BD~, Feb 1, 2009
  5. ~BD~

    ~BD~ Guest

    In line

    I'll go with being nuts! :)

    It does not, though, mean that I'm wrong about this!

    As I understand things, even 0.1% could well be $millions! (and your
    'guesstimate' may well be inaccurate!)

    I used 9/11 for effect. However, there is no denying that losses have
    dramatically increased over the last 6/7 years. An item of some
    interest, perhaps, here:
    ~BD~, Feb 1, 2009
  6. From: "~BD~" <>

    | I enjoy it when you pop in, Pete. Hello again! :)

    | You might be interested to know that I installed Prevx when it was first
    | launched - early in 2005 I think.

    | Hmmm. It wasn't long afterwards that £245 was fraudulently taken, in my
    | name, from Paypal - asserting that I had bought a mobile 'phone through
    | eBay! There couldn't have been any connection - could there?!!! <s>

    | Dave

    There is NO connection and stop making blind insinuations.

    You do that over and over and again that is why you are a deemed a troll.
    David H. Lipman, Feb 1, 2009
  7. ~BD~

    Leythos Guest

    You would do well to not visit the sites where people wearing metal for
    head covering write.

    The increase is because more and more people are only and doing online
    purchasing - the increase is directly related to the number of online
    people and the number of criminals that see them as easy targets.
    Leythos, Feb 1, 2009
  8. ~BD~

    ~BD~ Guest

    Did you *ever* have a sense of humour, David Lipman?

    You say that as if you have absolute knowledge - but it is either a
    guess on your part ......... or you may, of course, be part of the
    problem. No-one can know for sure, can they?

    You may deem me whatever you wish. It will not stop me having an opinion
    ........ or voicing same.
    ~BD~, Feb 1, 2009
  9. David lost his sense of humor a few years ago during his failed campaign to
    shut me down. it made him crazy and he still is.


    *WARNING* Do NOT follow any advise given by the people listed below.
    They do NOT have the expertise or knowledge to fix your issue.
    Do not waste your time.
    David H Lipman, Malke, PA Bear, Beauregard T. Shagnasty, Leythos
    The Real Truth MVP, Feb 1, 2009
  10. ~BD~

    Leythos Guest

    Do you really want me to start exposing you again.

    Your signature denotes that you're STALKING ME AGAIN Chris, do you
    really want to start that again?
    Leythos, Feb 1, 2009
  11. Take your meds, Chris, and don't forget your appointment at the shrink on
    PA Bear [MS MVP], Feb 1, 2009
  12. ~BD~

    ~BD~ Guest

    I'll not argue with you! I also look here
    ~BD~, Feb 1, 2009
  13. ~BD~

    ~BD~ Guest

    You are entitled to your opinion, Mr Lipman.

    That does *not* mean that my supposition is incorrect!
    ~BD~, Feb 1, 2009
  14. From: "~BD~" <>

    | You are entitled to your opinion, Mr Lipman.

    | That does *not* mean that my supposition is incorrect!
    | --
    | B.Dave

    No, it means that your a paranoid dillusionist.
    David H. Lipman, Feb 2, 2009
  15. ~BD~

    1PW Guest

    On 02/01/2009 05:46 AM, ~BD~ sent:

    Snip, snip...
    Hello Dave:
    Some evidence exists that Prevx goes back to 2002. However, I believe I
    stumbled upon them about the time you did.
    I fail to see the connection. I trust you successfully defended your
    family's name and honor.
    I wonder if a clue lies within the last bracket pair? Report your
    findings, in a protected manner, for intellectual credit...

    1PW, Feb 2, 2009
  16. ~BD~

    ~BD~ Guest

    They'd have been here after you for sure, FTR - had it not been for the
    snow today! ;)

    Just for a moment - totally hypothetically - if one suspected that a
    product such as Prevx was being offered by the 'bad guys' - are you
    aware of any organisation which might be willing to look at same in
    detail .............. just to rule it out, so to speak?
    ~BD~, Feb 2, 2009
  17. No. I'm reasonably sure that there are enough individuals doing so
    that word would soon spread if anything untoward was found. A
    cyber-friend of mine just loved to do things like that - not out of
    suspicion, just out of curiosity - and publish his results. Since one
    such disclosure got him in legal trouble, and labeled as a terrorist,
    I'm not sure he publishes his findings anymore.

    I bet he still does the reverse engineering for his own edification.'s sad really when the law helps the bad guys more than the
    good guys.
    FromTheRafters, Feb 3, 2009
  18. ~BD~

    ~BD~ Guest

    Thanks, FTR.

    The bad guys *always* make mistakes (good guys do too - but they simply
    say "Ooops! Sorry")

    I am NOT saying that Prevx isn't bonio fido, but please look here

    You will note a charge for VAT of 19%.

    It is mistakes like that which arouse my curiosity! <smile>
    ~BD~, Feb 3, 2009
  19. ~BD~

    ~BD~ Guest

    Hello Pete - my apology for the delay in responding.

    Just for fun, I downloaded and installed a new product from Prevx called
    Prevx Edge. The programme scanned all files (it said) and then reported
    that I had a Rootkit. I did not request any further action, but submited
    said file to Virus total. This was the finding:

    File psires.dll received on 02.03.2009 10:01:27 (CET)
    Result: 0/39 (0%)

    Antivirus Version Last Update Result
    a-squared 2009.02.03 -
    AhnLab-V3 2009.02.03 -
    AntiVir 2009.02.03 -
    Authentium 2009.02.03 -
    Avast 4.8.1281.0 2009.02.03 -
    AVG 2009.02.02 -
    BitDefender 7.2 2009.02.03 -
    CAT-QuickHeal 10.00 2009.02.03 -
    ClamAV 0.94.1 2009.02.03 -
    Comodo 961 2009.02.03 -
    DrWeb 2009.02.03 -
    eSafe 2009.02.01 -
    eTrust-Vet 31.6.6338 2009.02.03 -
    F-Prot 2009.02.02 -
    F-Secure 8.0.14470.0 2009.02.03 -
    Fortinet 2009.02.02 -
    GData 19 2009.02.03 -
    Ikarus T3. 2009.02.03 -
    K7AntiVirus 7.10.615 2009.02.02 -
    Kaspersky 2009.02.03 -
    McAfee 5514 2009.02.02 -
    McAfee+Artemis 5514 2009.02.02 -
    Microsoft 1.4306 2009.02.03 -
    NOD32 3820 2009.02.03 -
    Norman 6.00.02 2009.02.02 -
    nProtect 2009.1.8.0 2009.02.03 -
    Panda 2009.02.02 -
    PCTools 2009.02.02 -
    Prevx1 V2 2009.02.03 -
    Rising 2009.02.03 -
    SecureWeb-Gateway 6.7.6 2009.02.03 -
    Sophos 4.38.0 2009.02.03 -
    Sunbelt 3.2.1835.2 2009.01.16 -
    Symantec 10 2009.02.03 -
    TheHacker 2009.02.03 -
    TrendMicro 8.700.0.1004 2009.02.03 -
    VBA32 2009.02.03 -
    ViRobot 2009.2.3.1587 2009.02.03 -
    VirusBuster 2009.02.02 -
    Additional information
    File size: 527360 bytes
    MD5...: ec78986c0eea9d245f5cd615321ea604
    SHA1..: 58509398b213e669d5764acc65f7ef4fbf112825


    PEiD..: -
    TrID..: File type identification
    Generic Win/DOS Executable (49.9%)
    DOS Executable Generic (49.8%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
    PEInfo: PE Structure information

    ( base data )
    entrypointaddress.: 0x0
    timedatestamp.....: 0x492a6600 (Mon Nov 24 08:29:52 2008)
    machinetype.......: 0x14c (I386)

    ( 3 sections )
    name viradd virsiz rawdsiz ntrpy md5
    .rdata 0x1000 0x8c 0x200 1.93 d407ed06ee16e36eca22325e78a73fa1
    .rsrc 0x2000 0x80288 0x80400 5.20 02226296802d0d6f85a4f9a6039ad3a5
    .reloc 0x83000 0x8 0x200 0.02 2c38765194d27b75f56d0565088a53ee

    ( 0 imports )

    ( 0 exports )

    I did not enjoy the experience of recovering funds from PayPal
    after the fraudulent transaction. At the time, PayPal was an independent
    company but, as I'm sure you are aware, it is now owned by eBay itself.

    I thought I had been careful, yet after the theft I discovered a
    Trojan Downloader - found by Trend Micro!

    Lessons learned.

    Interestingly, all correspondence in relation to my claim against
    PayPal had to be conducted by post - snail mail. They told me the
    Internet could not be trusted! <wink>

    In spite of lots of lateral thinking, neither I nor my wife have
    made progress with your signature - I'm sure it's not meant to be easy
    to decode - just as one might expect from someone whose address is
    !!! <smile>
    ~BD~, Feb 3, 2009
    FromTheRafters, Feb 3, 2009
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.