I've been downloading loot of all types since a couple years ago
without problems. Now, the new comp I've bought is a clean install
with all my **** moved to it. 'Cuz I haven't yet completely
transferred all the files/settings, I have no firewall/AV. Since
explorer don't recognize my DVDs, I proceeded to jack some warez so I
could at least burn the bulky **** (high-definition seasons/films)
that takes up disk space for no real reason. When I tried to install
Nero, BAM, this dialog box called "Antivirus XP 2008" flips up outta
nowhere, telling me it found 16 trilion Trojan horses on my comp. When
I couldn't close the piece of ****, I ran task manager and terminated
all those processes with incoherent names like "awtohsjdghei.exe."
What blatant ****ing bullshittery I had to get smacked with -- the
ONLY time outta 5 years that I had no AV/Firewall installed I had to
get my brand-new computer raped just then and there. ****!

So because I seriously lost my patience with having to wheel my ****
from one place to another, re-installing OS and 12 hours
reconfiguring, I wanna know what measures are sufficient to completely
purge all the agents of XP Antivirus 2008. I've done a System Restore
which appears to have resolved everything, but I can't afford having
Trojans behind my back while I'm doing scene releases for the public,
so I need to know: is a system restore enough?

Thanks.

Use my free Remove-it software, it will remove that malware from your
system. Download it here http://pcbutts1.com/downloads/tools/tools.htm

--
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.




"Industrial One" <(E-Mail Removed)> wrote in message
news:d134a24d-3473-4c96-a159-(E-Mail Removed)...
> I've been downloading loot of all types since a couple years ago
> without problems. Now, the new comp I've bought is a clean install
> with all my **** moved to it. 'Cuz I haven't yet completely
> transferred all the files/settings, I have no firewall/AV. Since
> explorer don't recognize my DVDs, I proceeded to jack some warez so I
> could at least burn the bulky **** (high-definition seasons/films)
> that takes up disk space for no real reason. When I tried to install
> Nero, BAM, this dialog box called "Antivirus XP 2008" flips up outta
> nowhere, telling me it found 16 trilion Trojan horses on my comp. When
> I couldn't close the piece of ****, I ran task manager and terminated
> all those processes with incoherent names like "awtohsjdghei.exe."
> What blatant ****ing bullshittery I had to get smacked with -- the
> ONLY time outta 5 years that I had no AV/Firewall installed I had to
> get my brand-new computer raped just then and there. ****!
>
> So because I seriously lost my patience with having to wheel my ****
> from one place to another, re-installing OS and 12 hours
> reconfiguring, I wanna know what measures are sufficient to completely
> purge all the agents of XP Antivirus 2008. I've done a System Restore
> which appears to have resolved everything, but I can't afford having
> Trojans behind my back while I'm doing scene releases for the public,
> so I need to know: is a system restore enough?
>
> Thanks.

On Jul 30, 2:25 pm, "The Real Truth MVP" <to...@tpap.com> wrote:
> Use my free Remove-it software, it will remove that malware from your
> system. Download it herehttp://pcbutts1.com/downloads/tools/tools.htm

I just remembered I had a system snapshot from last week, and ignoring
all legit changes, there was only the folder with the desktop-
hijacking .bmp that System restore skipped, and your application
removed the folder+picture. However, it also did this:

deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
{B8CB87BB-64E5-4DA2-9363-E29B2C77B95A}\IpAutoconfigurationAddress
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
{B8CB87BB-64E5-4DA2-9363-E29B2C77B95A}\IpAutoconfigurationMask
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
{B8CB87BB-64E5-4DA2-9363-E29B2C77B95A}\IpAutoconfigurationSeed
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
\DontAddDefaultGatewayDefault
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
\EnableIcmpRedirect
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
\EnableSecurityFilters
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\SearchList
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
\UseDomainNameDevolution

Why?

Remove-it has built into it the Winsock repair command that MS recommends to
fix internet connection issues and removes altered LSP's. Resetting the
Winsock using the netsh winsock command removes all the third-party LSPs and
restores Winsock to factory default setting. Malware likes to add stuff to
the TCP/IP stack. This fixes it.

--
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.




"Industrial One" <(E-Mail Removed)> wrote in message
news:32ec9145-b5ff-4645-bbe0-(E-Mail Removed)...
> On Jul 30, 2:25 pm, "The Real Truth MVP" <to...@tpap.com> wrote:
>> Use my free Remove-it software, it will remove that malware from your
>> system. Download it herehttp://pcbutts1.com/downloads/tools/tools.htm
>
> I just remembered I had a system snapshot from last week, and ignoring
> all legit changes, there was only the folder with the desktop-
> hijacking .bmp that System restore skipped, and your application
> removed the folder+picture. However, it also did this:
>
> deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
> {B8CB87BB-64E5-4DA2-9363-E29B2C77B95A}\IpAutoconfigurationAddress
> deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
> {B8CB87BB-64E5-4DA2-9363-E29B2C77B95A}\IpAutoconfigurationMask
> deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
> {B8CB87BB-64E5-4DA2-9363-E29B2C77B95A}\IpAutoconfigurationSeed
> deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
> \DontAddDefaultGatewayDefault
> deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
> \EnableIcmpRedirect
> deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
> \EnableSecurityFilters
> deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\SearchList
> deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
> \UseDomainNameDevolution
>
> Why?

Everything you just said is a flat out lie.

--
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.




"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:(E-Mail Removed)...
> From: "Industrial One" <(E-Mail Removed)>
>
> | I just remembered I had a system snapshot from last week, and ignoring
> | all legit changes, there was only the folder with the desktop-
> | hijacking .bmp that System restore skipped, and your application
> | removed the folder+picture. However, it also did this:
>
> | deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
> | {B8CB87BB-64E5-4DA2-9363-E29B2C77B95A}\IpAutoconfigurationAddress
> | deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
> | {B8CB87BB-64E5-4DA2-9363-E29B2C77B95A}\IpAutoconfigurationMask
> | deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\
> | {B8CB87BB-64E5-4DA2-9363-E29B2C77B95A}\IpAutoconfigurationSeed
> | deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
> | \DontAddDefaultGatewayDefault
> | deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
> | \EnableIcmpRedirect
> | deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
> | \EnableSecurityFilters
> | deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\SearchList
> | deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
> | \UseDomainNameDevolution
>
> | Why?
>
> He can't explain. He didn't write it.
>
> Butts plagiarized the code from RogueFix by Stuart Saunders at
> http://www.internetinspiration.co.uk/roguefix.htm
> and he also plagiarized the MVP Hosts file found at
> http://www.mvps.org/winhelp2002/hosts.htm to produce that bastard child
> called "Remove-it"
> which is a delibarate name modification of the legitaimte tool RemoveIT
> found at
> http://www.incodesolutions.com/index2.html
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>

Hey dickless stalker ****. I did answer his question, apparently it was too
technical for you so I will spell it out real slow like so you can
understand.
That.........................is.................the......................log..................generated......................by................Remove-it................when.........................you.......................have......................it.......................run.........................the............................Winsock..............................command.
a copy of which is placed in the Remove-it folder. Idiot.

--
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.




"Leythos" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> In article <2x6kk.18875$(E-Mail Removed)>, (E-Mail Removed)
> says...
>> Ignore posts made by the person called Leythos, he is a stalker who's
>> been
>> obsessed with me for years ever since I spurned his advances towards me.
>>
>
> Do you really want to trust someone that was banned from posting
> directly to Microsoft Usenet servers, someone that has posted links to
> pornographic materials on HIS WEBSITE, who's website is in the MVP HOST
> Block list, and who provides a tool for your use that will block access
> to reputable anti-malware sites without telling you he's doing it?
>
> And do you really want to trust someone that has had to change their
> posting identity after being busted by MS as a fake MVP?
>
>
> And you can see that he was unable to explain your question also.
>
> Butts has no direct knowledge of anything technical.
>
> --
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> (E-Mail Removed) (remove 999 for proper email address)

On Jul 30, 3:45 pm, "David H. Lipman" <DLipman~nosp...@Verizon.Net>
wrote:
> He can't explain. He didn't write it.
>
> Butts plagiarized the code from RogueFix by Stuart Saunders athttp://www.internetinspiration.co.uk/roguefix.htm
> and he also plagiarized the MVP Hosts file found athttp://www.mvps.org/winhelp2002/hosts.htmto produce that bastard child called "Remove-it"
> which is a delibarate name modification of the legitaimte tool RemoveIT found athttp://www.incodesolutions.com/index2.html

All 3 links are broken.

On Jul 30, 5:11 pm, "The Real Truth MVP" <to...@tpap.com> wrote:
> Remove-it has built into it the Winsock repair command that MS recommends to
> fix internet connection issues and removes altered LSP's. Resetting the
> Winsock using the netsh winsock command removes all the third-party LSPs and
> restores Winsock to factory default setting. Malware likes to add stuff to
> the TCP/IP stack. This fixes it.

I see.

On Jul 30, 5:33 pm, Leythos <v...@nowhere.lan> wrote:
> In article <2x6kk.18875$Ri....@flpi146.ffdc.sbc.com>, to...@tpap.com
> says...
>
> > Ignore posts made by the person called Leythos, he is a stalker who's been
> > obsessed with me for years ever since I spurned his advances towards me.
>
> Do you really want to trust someone that was banned from posting
> directly to Microsoft Usenet servers, someone that has posted links to
> pornographic materials on HIS WEBSITE, who's website is in the MVP HOST

That's cool, as long as it ain't them down-syndrome methhead hoes with
bouncy implants and thick bushes, as if an elephant stepped in her
snatch.

> Block list, and who provides a tool for your use that will block access
> to reputable anti-malware sites without telling you he's doing it?

After briefly skimming over the code, I didn't notice anything
suspicious. Hell, I don't need antimalware sites to protect myself. I
already got my leet kit of SYGate firewall, System shield which
closely monitors unsolicited ads/scripts and a helluva lot more. I
don't have 'em installed on this comp yet cuz it's new, and I never
thought that I'd have the misfortune of the FIRST cracked application
I ever download with this machine to be infected.

As for "Butts" or whoever stealing code. Is it provable that portions
of the source code from the original application matches the one on
Remove-It? And if Butts is his real name, then that's really ****ing
sad.

All that info about me and nothing can be done about it. You've posted my
name address and phone number yet I'm still here, WOW I must be a god. The
FACT is everything you say and post about me is wrong including my name so
how do you expect anything to happen? Where it counts they know the truth
that's why I continue to do what I do and you can't stop me.

--
Ignore posts made by the person called Leythos, he is a stalker who's been
obsessed with me for years ever since I spurned his advances towards me.




"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:(E-Mail Removed)...
> From: "Industrial One" <(E-Mail Removed)>
>
> | On Jul 30, 3:45 pm, "David H. Lipman" <DLipman~nosp...@Verizon.Net>
> | wrote:
>>> He can't explain. He didn't write it.
>
>>> Butts plagiarized the code from RogueFix by Stuart Saunders
>>> athttp://www.internetinspiration.co.uk/roguefix.htm
>>> and he also plagiarized the MVP Hosts file found
>>> athttp://www.mvps.org/winhelp2002/hosts.htmto produce that bastard child
>>> called
>>> "Remove-it"
>>> which is a delibarate name modification of the legitaimte tool RemoveIT
>>> found
>>> athttp://www.incodesolutions.com/index2.html
>
> | All 3 links are broken.
>
> | On Jul 30, 5:11 pm, "The Real Truth MVP" <to...@tpap.com> wrote:
>>> Remove-it has built into it the Winsock repair command that MS
>>> recommends to
>>> fix internet connection issues and removes altered LSP's. Resetting the
>>> Winsock using the netsh winsock command removes all the third-party LSPs
>>> and
>>> restores Winsock to factory default setting. Malware likes to add stuff
>>> to
>>> the TCP/IP stack. This fixes it.
>
> | I see.
>
> | On Jul 30, 5:33 pm, Leythos <v...@nowhere.lan> wrote:
>>> In article <2x6kk.18875$Ri....@flpi146.ffdc.sbc.com>, to...@tpap.com
>>> says...
>
>>> > Ignore posts made by the person called Leythos, he is a stalker who's
>>> > been
>>> > obsessed with me for years ever since I spurned his advances towards
>>> > me.
>
>>> Do you really want to trust someone that was banned from posting
>>> directly to Microsoft Usenet servers, someone that has posted links to
>>> pornographic materials on HIS WEBSITE, who's website is in the MVP HOST
>
> | That's cool, as long as it ain't them down-syndrome methhead hoes with
> | bouncy implants and thick bushes, as if an elephant stepped in her
> | snatch.
>
>>> Block list, and who provides a tool for your use that will block access
>>> to reputable anti-malware sites without telling you he's doing it?
>
> | After briefly skimming over the code, I didn't notice anything
> | suspicious. Hell, I don't need antimalware sites to protect myself. I
> | already got my leet kit of SYGate firewall, System shield which
> | closely monitors unsolicited ads/scripts and a helluva lot more. I
> | don't have 'em installed on this comp yet cuz it's new, and I never
> | thought that I'd have the misfortune of the FIRST cracked application
> | I ever download with this machine to be infected.
>
> | As for "Butts" or whoever stealing code. Is it provable that portions
> | of the source code from the original application matches the one on
> | Remove-It? And if Butts is his real name, then that's really ****ing
> | sad.
>
> Yes it is Christopher Butts.
>
> And yes, we have proven that he stolen stolen the code. Not just from
> RogueFix but from
> several other peoples work for several utilities whhere Butts replaced the
> authors name
> and directly replaced it with PCBUTTS1. It is a ver, very, sad state of
> affair.
>
> http://www.temerc.com/forums/viewtopic.php?p=10862
>
> http://msmvps.com/blogs/spywaresucks...-the-plot.aspx
>
> "No good deed goes unpunished"
> http://www.viruslist.com/en/weblog?calendar=2006-09
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>

"The Real Truth MVP" <(E-Mail Removed)> wrote in
news:n2pkk.18930$(E-Mail Removed):

> All that info about me and nothing can be done about it. You've posted
> my name address and phone number yet I'm still here, WOW I must be a
> god.

Not hardly. Your just a mentally disturbed individual with too much time on
his hands. And things have been done about you, with varying degrees of
success.





--
Regards,
Dustin Cook, Author of BugHunter
BugHunter - http://bughunter.it-mate.co.uk
MalwareBytes - http://www.malwarebytes.org