Trojan Horse (unspecified)

Discussion in 'Virus Information' started by Chris2T, Apr 25, 2009.

  1. Chris2T

    Chris2T Guest

    Norton Anti-Virus scan (Updates downloaded today) found a Trojan Horse that
    it didn't find last week. It's in "christmasjoy.exe" which is a screensaver
    I downloaded last Xmas. Can't seem to delete the file with Norton: how to
    get it ALL out?
     
    Chris2T, Apr 25, 2009
    #1
    1. Advertisements

  2. From: "Chris2T" <>

    | Norton Anti-Virus scan (Updates downloaded today) found a Trojan Horse that
    | it didn't find last week. It's in "christmasjoy.exe" which is a screensaver
    | I downloaded last Xmas. Can't seem to delete the file with Norton: how to
    | get it ALL out?

    Give the following pair a shot at it...

    Malwarebytes Anti-Malware
    http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    SuperAntiSpyware
    http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
     
    David H. Lipman, Apr 25, 2009
    #2
    1. Advertisements

  3. Chris2T

    Chris2T Guest

    OK! I downloaded the SuperAntiSpyware, ran it, then re-ran Norton Anti-Virus
    -- and NO viruses -- so it worked! Maybe: the computer (previous owner)
    also has Spyware Doctor -- so I ran THAT -- says it still has 3 instances of
    "FlashGet" browser redirector and 1 of "Net Ratings"! So how do I get rid of
    those -- or do I have to pay $30 to have the Spyware Dr. people do it for me?

    Plus I have "Aluria Security" in this computer too! Do I really need that
    TOO? (Along with current Norton Anti-Virus and their Symantec's Firewall, all
    of which I use!)

    And also while we're at it, just HOW do I remove a screensaver (the
    suspicious one)anyway? I can't find it by the filename in "Find" and
    right-clicking on it in "Display" doesn't give me a "Delete" option and it's
    not on the list of "Add/Delete" choices to make either. (I'm in Windows 98SE
    on a ten-year old IBM Thinkpad).

    BTW, thanks Dave!
     
    Chris2T, Apr 26, 2009
    #3
  4. From: "Chris2T" <>

    | OK! I downloaded the SuperAntiSpyware, ran it, then re-ran Norton Anti-Virus
    | -- and NO viruses -- so it worked! Maybe: the computer (previous owner)
    | also has Spyware Doctor -- so I ran THAT -- says it still has 3 instances of
    | "FlashGet" browser redirector and 1 of "Net Ratings"! So how do I get rid of
    | those -- or do I have to pay $30 to have the Spyware Dr. people do it for me?

    | Plus I have "Aluria Security" in this computer too! Do I really need that
    | TOO? (Along with current Norton Anti-Virus and their Symantec's Firewall, all
    | of which I use!)

    | And also while we're at it, just HOW do I remove a screensaver (the
    | suspicious one)anyway? I can't find it by the filename in "Find" and
    | right-clicking on it in "Display" doesn't give me a "Delete" option and it's
    | not on the list of "Add/Delete" choices to make either. (I'm in Windows 98SE
    | on a ten-year old IBM Thinkpad).

    | BTW, thanks Dave!


    You said...

    "previous owner" -- This is a used PC ?

    If yes then the BEST advice is to wipe it and re-install the OS form scratch.
     
    David H. Lipman, Apr 26, 2009
    #4
  5. Chris2T

    Chris2T Guest

    That was neither very kind -- nor helpful!

    Anybody else out there willing to simply answer my questions? I've managed
    pretty well so far with just your help and not all of us can AFFORD the
    latest and grreatest these days!!

    Thanks, Chris
     
    Chris2T, Apr 26, 2009
    #5
  6. From: "Chris2T" <>

    | That was neither very kind -- nor helpful!

    | Anybody else out there willing to simply answer my questions? I've managed
    | pretty well so far with just your help and not all of us can AFFORD the
    | latest and grreatest these days!!

    | Thanks, Chris

    I'm sorry, it is NOT about being kind. It is about being SAFE.

    Anybody here worth a grain of salt and sees a thread about malware or the possibility of
    malware on a PC that had been previously used will tell you the same thing. Wipe the PC
    and re-install the OS from scratch.

    *NEVER* accept a previously used PC without wiping the hard disk and re-installing the OS
    from scratch.
     
    David H. Lipman, Apr 26, 2009
    #6
  7. Chris2T

    Chris2T Guest

    The machine came from an IT Professional who's no longer available and was
    especially set up for me. So what can I do but "make do" now?

    Plus the Trojan in question (is the ONLY one I've EVER had!) JUST appeared
    yesterday on a regular weekly Anti-Virus scan and the software it's in is
    identified; I'm just trying to remove it! (So I AM being a responsible
    user.) Next month I'll just have to pay SpyDoctor to get rid of the browser
    rediretors and NetRatings since you're too superior to lower yourself any
    further.
     
    Chris2T, Apr 26, 2009
    #7
  8. OOOhh you did it now, you've pissed off the Usenet god, that's who David
    thinks he is. Watch out now he is going to flood your email with spam. It is
    well documented how he got caught doing that with me, See
    http://pcbutts1-therealtruth.blogspot.com under the heading David Lipman
    troll. If SAS says you are clean then you are clean.


    --
    The Real Truth http://pcbutts1-therealtruth.blogspot.com/
    *WARNING* Do NOT follow any advice given by the people listed below.
    They do NOT have the expertise or knowledge to fix your issue. Do not waste
    your time.
    David H Lipman, Malke, PA Bear, Beauregard T. Shagnasty, Leythos.
     
    The Real Truth [MS MVP], Apr 26, 2009
    #8
  9. Chris2T

    Leythos Guest

    Actually, it was very helpful and very kind.

    A USED PC can have any type of malware and other nasty things on it.

    If you bought/were given a used PC then the very first thing you should
    do it wipe it and install from scratch.

    The key point being that if the machine was already infected, how do you
    know you got all of it? You don't. The only certain way to clean a
    machine is to wipe it and reinstall from scratch.
     
    Leythos, Apr 26, 2009
    #9
  10. Chris2T

    Leythos Guest

    There are many "IT Professionals" and most of them are not worth the
    weight of the hair on their heads.
    If your IT Professional setup the PC properly there would be little way
    for you to have been compromised, clearly not a "professional" job as
    far as security and training of you.

    Any respectable person looking to clean a machine can easily search
    google to find hundreds of ways to clean infected machines, and there
    are even unreputable people that pretend to be MVP's that will have you
    download pirated software to fix your machine - while they also block
    access to quality and reputable anti-malware sites with your pirated
    fixes.

    The key you need to understand is that your machine was not secured,
    it's still not secure, and just because you removed what you can find
    doesn't mean that there are not a dozen other malware that you missed.

    If the "IT Professional" was a good person they also provided you with
    all of the media (CD/DVD for the software they installed) and you should
    be able to wipe it and be back up and running in 2-3 hours from the time
    you start.
     
    Leythos, Apr 26, 2009
    #10
  11. Chris2T

    Leythos Guest

    And there you have it, another lie from PCBUTTS1.

    No anti-malware application will tell you that you are "Clean", only
    "Clean from known malware that it's capable of detecting".
     
    Leythos, Apr 26, 2009
    #11
  12. From: "Chris2T" <>

    | The machine came from an IT Professional who's no longer available and was
    | especially set up for me. So what can I do but "make do" now?

    | Plus the Trojan in question (is the ONLY one I've EVER had!) JUST appeared
    | yesterday on a regular weekly Anti-Virus scan and the software it's in is
    | identified; I'm just trying to remove it! (So I AM being a responsible
    | user.) Next month I'll just have to pay SpyDoctor to get rid of the browser
    | rediretors and NetRatings since you're too superior to lower yourself any
    | further.

    A PC especially setup for you is NOT a used PC and doesn't match with "previous owner".

    If the previous owner wiped the PC and setup the OS specifically for you then that is
    totally different. I go only go by the words the you provide.

    BTW: Please ignore the fake MS MVP and software plagiarizer known as PCBUTTS1.

    http://www.viruslist.com/en/weblog?weblogid=197597102
    http://www.nutnworks.com/forums/showthread.php?p=10097
    http://www.besttechie.net/2006/09/07/pcbutts1-back-at-it/

    Softwaredieb zensiert Schweizer PC-Magazin (06 Oct-08)
    http://www.tagesanzeiger.ch/digital/Softwaredieb-zensiert-Schweizer-PCMagazin/story/27917275

    Google translation:
    http://translate.google.com/translate?hl=en&sl=de&u=http://www.tagesanzeiger.ch/digital/computer/Softwaredieb-zensiert-Schweizer-PCMagazin/story/27917275%3Fprint%3Dyes&ei=753wSeW3LojOyQX10Y28DA&sa=X&oi=translate&resnum=1&ct=result&prev=/search%3Fq%3D%2522Softwaredieb%2Bzensiert%2BSchweizer%2BPC-magazin%2522%26hl%3Den%26safe%3Doff%26rls%3Dcom.microsoft:en-US
     
    David H. Lipman, Apr 26, 2009
    #12
  13. It may have been a false positive detection - now corrected. If you are
    happy that you *may* be okay, then okay. If you would like more
    confidence than "*may*" gives you - then David's advice is appropriate
    (as well as kind and helpful).
     
    FromTheRafters, Apr 26, 2009
    #13
  14. Chris2T

    Leythos Guest

    Just to add to my last post, anyone who does what you do is an idiot. And
    David Lipman is a god and I love him so leave him alone.
     
    Leythos, Apr 26, 2009
    #14
  15. Any guesses who this might be?
     
    FromTheRafters, Apr 26, 2009
    #15
  16. Chris2T

    Leythos Guest

    As you can see, PCButts is impersonating people again, this time me. The
    headers reflect those that Butts has been known to post from and clearly
    show that the above post was not from myself.

    Anyone that would trust a person of such immoral character is a fool.
     
    Leythos, Apr 27, 2009
    #16
  17. So David is a mere mortal and you only like him a little?
     
    FromTheRafters, Apr 27, 2009
    #17
  18. From: "FromTheRafters" <erratic @nomail.afraid.org>


    | So David is a mere mortal and you only like him a little?


    Extremely mortal with all life's frailties :)
    { Damn, I left the cigarettes at the GoGo bar... }
     
    David H. Lipman, Apr 27, 2009
    #18
  19. Chris2T

    Leythos Guest

    LOL, the only people that think they are gods would be PCButts and his
    socks.
     
    Leythos, Apr 27, 2009
    #19
  20. Chris2T

    Peter Foldes Guest

    There you go again and using another posting name. Something is seriously a problem
    upstairs. Have you had it checked by a professional shrink lately
     
    Peter Foldes, Apr 27, 2009
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.