Virus Disabled System Restore & Windows Security
in [Anti-Virus]
|
From: David H. Lipman on 27 May 2010 18:00 From: "Doug R" <scootersite(a)NOSPAMhotmail.com> | Duly noted: Cross Post.....GOOD | Multi Post.......BAD :-) -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: ~BD~ on 27 May 2010 18:44 "FromTheRafters" <erratic(a)nomail.afraid.org> wrote in message news:htljju$dev$1(a)news.eternal-september.org... | "~BD~" <.BoaterDave(a)hotmail.co.uk> wrote in message | news:htl7dt$gdj$1(a)news.eternal-september.org... | > | > "FromTheRafters" <erratic(a)nomail.afraid.org> wrote in message | > news:htkjgv$9m3$1(a)news.eternal-september.org... | > | > | He's edited the registry and moved on... | > | > | > Surely that's the *only* way to 'fix' things if malware has caused a | > registry alteration? | | If the program was out of date and perhaps misidentifying a malware | instance, what other settings might it have missed correcting? It would | be better to confirm or deny the use of the most recent version of the | removal program. What if version 'b' edits the registry *and* drops | another malware item and version 'a' gets identified and removed? Sure, | he can manually edit the registry entry he finds amiss back to what it | should be, but it would be better to execute an updated version of MBAM | or another removal tool such as SAS. What if MBAM itself was dropping a malware item after cleaning a machine? Who would ever know? SAS might do likewise! Just a thought! -- Dave
From: David H. Lipman on 27 May 2010 18:54 From: "~BD~" <.BoaterDave(a)hotmail.co.uk> | "FromTheRafters" <erratic(a)nomail.afraid.org> wrote in message | news:htljju$dev$1(a)news.eternal-september.org... || "~BD~" <.BoaterDave(a)hotmail.co.uk> wrote in message || news:htl7dt$gdj$1(a)news.eternal-september.org... || > || > "FromTheRafters" <erratic(a)nomail.afraid.org> wrote in message || > news:htkjgv$9m3$1(a)news.eternal-september.org... || > || > | He's edited the registry and moved on... || > || > || > Surely that's the *only* way to 'fix' things if malware has caused a || > registry alteration? || If the program was out of date and perhaps misidentifying a malware || instance, what other settings might it have missed correcting? It | would || be better to confirm or deny the use of the most recent version of the || removal program. What if version 'b' edits the registry *and* drops || another malware item and version 'a' gets identified and removed? | Sure, || he can manually edit the registry entry he finds amiss back to what it || should be, but it would be better to execute an updated version of | MBAM || or another removal tool such as SAS. | What if MBAM itself was dropping a malware item after cleaning a | machine? | Who would ever know? | SAS might do likewise! | Just a thought! That "thought" is called FUD. Your process is called trolling. You are deliberately introducing Fear Uncertainty and Doubt when there is none. You say "Who would ever know?" There is a large body within the anti malware community that does checks and balances and they "know". MBAM and SAS do *NOT* drop malware! EoD -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: George Orwell on 27 May 2010 19:48 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In article <htmt7f0n78(a)news1.newsguy.com> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote: > > From: "~BD~" <.BoaterDave(a)hotmail.co.uk> > > > | "FromTheRafters" <erratic(a)nomail.afraid.org> wrote in message > | news:htljju$dev$1(a)news.eternal-september.org... > || "~BD~" <.BoaterDave(a)hotmail.co.uk> wrote in message > || news:htl7dt$gdj$1(a)news.eternal-september.org... > || > > || > "FromTheRafters" <erratic(a)nomail.afraid.org> wrote in message > || > news:htkjgv$9m3$1(a)news.eternal-september.org... > || > > || > | He's edited the registry and moved on... > || > > || > > || > Surely that's the *only* way to 'fix' things if malware has > || > caused a registry alteration? > > || If the program was out of date and perhaps misidentifying a > || malware instance, what other settings might it have missed > || correcting? It > | would > || be better to confirm or deny the use of the most recent version > || of the removal program. What if version 'b' edits the registry > || *and* drops another malware item and version 'a' gets identified > || and removed? > | Sure, > || he can manually edit the registry entry he finds amiss back to > || what it should be, but it would be better to execute an updated > || version of > | MBAM > || or another removal tool such as SAS. > > > | What if MBAM itself was dropping a malware item after cleaning a > | machine? > > | Who would ever know? > > | SAS might do likewise! > > | Just a thought! > > That "thought" is called FUD. Your process is called trolling. > > You are deliberately introducing Fear Uncertainty and Doubt when > there is none. > > You say "Who would ever know?" > There is a large body within the anti malware community that does > checks and balances and they "know". > > MBAM and SAS do *NOT* drop malware! > > EoD > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp As this old fart if he still works for MBAM. As him why they fired only DustyBottoms Krook after finding them both in a closet practicing 'injecting' malware into each other. - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: Raid Ver. 0.4.6 (Raid's I.Q.) Comment: Raid Is A Dangerous Sociopathic Monster mQGiBEv5rOcRBADxvuuWmXxws8jvtc4o1P6eD7yi0bROD2koLkO+3fdtGpSi54tT UMqWJ0iOvs3oDUZsgQ+n4pkwrLCvgrC0rQzq85T3oS/6tzIdqboTj/hsIkwJrvsT RfdrIORMRMrRUQXOcae4A+XVjHR7nYLlVhzfatZcZw0XaLGvdOqdwfYj3QCg/4+j lnraPsboXfnmcpEFabBbxhkEAMUrYAjMzl3cWeFng+TdiAomsQzmiXPnOG8dcB1v OlXCIgNRaKfXM2deNSho11o5I/kYCVBBrpSl/4Ou3yt9HHx5tyMBadVD0lLaOWn4 bxjVPuIVTmJPOUd3X1IEBjmP2qBBdRU04lBIFuRokpIb2zZhnrkNX5LyrJB1k42I qHT1BACXc/Dy2SFGX2NB29msCPczKGo4FvOS4G1kAacDnBKoIErwP6/MXHpcF4Gb Mx1Eb4s9IR5Af4pGLdpsfl2MC3OSgeby56BxvTo1YLjnxxoeJn55aRVRpzgrEFyN kZqAnGAZjWbWHU3i1ag2vtDFkZnVp5fWKYH+29C7hsapeuMbArQEUmFpZIkAUwQQ EQIAEwUCS/ms5wkLCQoIAgcDAQQCGQEACgkQvmBTcC1T9/WQrwCfZFGckHXx4/J2 KbefJqHD0+NH7OsAmwQnmaYlPP/rZ1Gah0EyBz/zW0OnuQINBEv5rO4QCADjDEBs uorjWyUdnKenrVyM9ovZhSGpfCsMW9+ydRYCTYCAzsH/p39H0aiGgfdDngtucK9V xnmz5DmItw0WQBTCLEZQZ0iPBMu8eN0Kot/PQ9ckIYBeE1AFQyQUm1kB7WywstUc p26cs5Mp0QcY7dVB0AbmnO6Bs46Ss/ClATMzISEESDd73A7Shgp009HMPOJFx6YP RxHKLJrpRYGQrJZqb/35DuqIegP1WZYfV3kG6DhPApt7SXc9JgAxbyXoWruWEd+M bo5d6E80w2trqTsXM2qrbahfPuJG4bzEWvO1Mx4IQCPIXqhIDk9sPnwyTZrVYfEs P6cGyk/x43ns9zqvAAICB/46rb6F+hK3UrQcXyVgw6pJYgta3Eb57lM87rcnwrbj XWxupSy5efwYznG22kIjhe9ct6AbA699d56NFWU5gwbVowO8EeS/LGeB2OOc9PaW gfSae9/vVI0PakkMXSm+J1KjgWCK4j7PzAg/Si72QduQr4jwnA5B75/OS172jcBu ZBnAbQ/hSFetBsk+037CKpvsPyGX5MQv5ZBSZV3qzFFmo+bgX1QbQxFrgqAV8jyw 2UlQ0zU7G5oX7H859T9MWaqtkjPZHP+v6vqDH5YIuAIo6NA2d7UZwzB766zpJeSI OxkjbvbaNUV+w7oiIR8f4iQnOiIGsqUXwybAAtSaFhyriQBGBBgRAgAGBQJL+azu AAoJEL5gU3AtU/f1X1wAoOfSc12FoPilEN0W1LGFCt6IpOLLAJ9yvzq7gaqipUL+ szxmvxA3SS3HRg== =CTpL - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: Raid Ver. 0.4.6 (Raid's I.Q.) Comment: Raid Is A Dangerous Sociopathic Monster iQA/AwUBS/7dHr5gU3AtU/f1EQK9VgCgp8bTRhJ8nW/8/XVgvxyPG6+iGQUAoIcX wPMxBG89TF7QV/tSaJPmmd1d =L8Gy -----END PGP SIGNATURE----- Il mittente di questo messaggio|The sender address of this non corrisponde ad un utente |message is not related to a real reale ma all'indirizzo fittizio|person but to a fake address of an di un sistema anonimizzatore |anonymous system Per maggiori informazioni |For more info https://www.mixmaster.it
From: Anonymous on 27 May 2010 20:58
In article <ueltv5pt03na1t39fi6pn1gfno1n6halkf(a)4ax.com> Doug R <scootersite(a)NOSPAMhotmail.com> wrote: > > >As I mentioned, I am not computer literate so I probably >didn't do things correctly. I was infected about 3-4 >months ago with an unknown virus that screwed things up >good. After running numerous anti virus programs I finally >got my PC back to normal. I didn't save or log anything (I >will in the future) as my PC was running fine. I do update >the anti virus files on a regular basis so yes, they are >current. When I posted to this group (as well as others) >earlier this week I had just noticed that I couldn't >access Restore or Security Center. I was searching the >newsgroups and internet looking for a fix when I found an >article telling me what to look for in the registry. I >followed those instructions and deleted the line that was >making Restore inaccessable. Next time I will do more >homework before I try anything and I will cross post, not >multi post which really seemed to annoy some people. After >reading through some suggestions from this group I >uploaded some questionable files to 2 sites that were >recommended here. They both came back with 10-25% hits for >being infected. For the heck of it I archived a 13 MB file >with a bunch of stuff that I knew was clean and uploaded >to those same 2 sites. This absolutely clean file came >back witth 20-30% hits for being infected. The one thing >I've learned from this (besides NO cross posting) is that >there is evidently no way to determine what is clean and >what is not! And, I do appreciate your attempts to help >me. > > http://www.virustotal.com/analisis/9e252a1178ab190f8df6b628671920b2f1ca65d80e6da46c7865eaf05778047e-1274990659 > > http://virusscan.jotti.org/en/scanresult/115cc0f6502183072d1a9ea2737b7e3313b2bb67 > You can thank virus writing/passing swine like Raid/Dustin Cook for all your troubles. |