|
Posted by Heather on December 14, 2005, 1:03 am
If you were Registered and logged in, you could reply and use other advanced thread options
fits...he is one royal PITA!! Lies, steals and now tries to pull a fast one
re your favourite program, which has helped more people than he ever has!!
Night....Figgs
>
> | Here is a partial log of David's crappy, intrusive, uncontrollable, slow
> | program.
> |
> | E:\download\afgan\WindowsXP Product Key Viewer.exe ... Found potentially
> | unwanted program Crack-StyleXP.
> | The file or process has been deleted.
> | E:\download\Bing\Serv-U4.exe\SERVUDAEMON.EXE ... Found potentially
> unwanted
> | program ServU-Daemon.
> | E:\download\Bing\Serv-U4.exe\SERVUADMIN.EXE ... Found potentially
> unwanted
> | program ServU-Daemon.
> | E:\download\xpsp1.zip\WINDOWSXP PRODUCT KEY VIEWER.EXE ... Found
> potentially
> | unwanted program Crack-StyleXP.
> |
> | The above programs are not viruses, now the user can no longer use them.
> Why
> | don't you tell him how he can restore those files from backup......oh
> thats
> | right there is no backup or quarantine. Your program is crap.
> |
> | You tell people to use my stolen program from the thief and in the same
> post
> | you have them use yours which deletes mine. Your program is crap.
> | E:\download\smitfraud\smitRem\Process.exe ... Found potentially unwanted
> | program PrcViewer.
> | The file or process has been deleted.
> |
>
> Shows how little you know !
>
> What you call "crap" is a highly effective anti malware scan.
>
> Your excerpts were from the McAfee Command Line Scanner set to search for
> "potentially
> unwanted programs" This can bet set in the Corp/Enterprise software via
> the checkbox in the
> GUI or by the command line switch; /program
>
> The same way the following was detected and removed...
>
> C:\WINDOWS\SYSTEM32\kvdhu1.dll ... Found potentially unwanted program
> Adware-Look2Me.
> The file or process has been deleted.
> C:\WINDOWS\SYSTEM32\lrflt09.dll ... Found potentially unwanted program
> Adware-Look2Me.
> The file or process has been deleted.
> C:\WINDOWS\SYSTEM32\mkaatext.dll ... Found potentially unwanted program
> Adware-Look2Me.
> The file or process has been deleted.
> C:\WINDOWS\SYSTEM32\mporc32r.dll ... Found potentially unwanted program
> Adware-Look2Me.
> The file or process has been deleted.
> C:\WINDOWS\SYSTEM32\mrafd.dll ... Found potentially unwanted program
> Adware-Look2Me.
> The file or process has been deleted.
> C:\WINDOWS\timessquare.exe ... Found potentially unwanted program
> Adware-DCToolbar.
> The file or process has been deleted.
> C:\Documents and Settings\Default User\My
> Documents\Data\Data\MemWatcher.exe ... Found
> potentially unwanted program Adware-MemWatcher.
> The file or process has been deleted.
> C:\Documents and Settings\Default User\My Documents\Data\MemWatcher.exe
> ... Found
> potentially unwanted program Adware-MemWatcher.
> The file or process has been deleted.
> C:\Program Files\QL\qlink32.dll ... Found potentially unwanted program
> Adware-LinkMaker.
> The file or process has been deleted.
> C:\WINDOWS\toolbar.exe ... Found potentially unwanted program
> Adware-DollarRevenue.
> The file or process has been deleted.
>
> It looks like the affected user was being naughty and trying to "crack"
> the NAV subscription
> and WinXP but instead, got himself infected ! No free lunches !
>
> C:\Documents and
>
Settings\cd23\Desktop\Norton_2005_LiveUpdate_Subscription_Limit_Remover.zip\CRACK.EXE\CRACK.
> EXE ... Found the StartPage-IC trojan !!!
> C:\Documents and Settings\cd23\My Documents\Downloads\norton
> subscription.zip\SETUP.EXE ...
> Found potentially unwanted program Adware-ISTbar.
>
> Crack-StyleXP -- http://vil.nai.com/vil/content/v_124613.htm
> "The Crack-StyleXP program generates random registration keys for the
> Windows Product Key."
>
> As for the Process.exe being declared as "potentially unwanted program
> PrcViewer" by
> Mcafee...
>
> This is detected because, while the utility is not malware in itself, it
> can be used
> directly by malware or in a script in a malicious way. An example would
> be the same
> Process.exe utility could have easily been used to kill the FireWall
> application and/or the
> anti virus application clearing the way for a virus, Trojan or other
> malware to be
> installed.
>
> ServU-Daemon -- http://vil.nai.com/vil/content/v_99901.htm
> "The Serv-U FTP daemon is a popular commercial FTP server. This
> application has been used by
> many trojans for malicious purposes, where files are renamed to try to
> fool people into
> thinking that they are Windows system files. These renamed files will be
> picked up with
> regular detection within the on-access or on-demand scanners. "
>
>
> Total files scanned ~ 309500
> Time: 03:22.53
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
| 
XML site map