Weird copy/paste situation - virus?

151 views
Skip to first unread message

~BD~

unread,
Aug 18, 2008, 4:45:49 AM8/18/08
to
Hello,

A friend has contacted me and said "Whenever I try to copy paste something
my clipboard always contains this:
hxxp://xp-vista-update.net/?id=71030000330. When I copy paste very fast
(less than a second) then I sometimes end up copy pasting what I want, so
it's probably some malware.."

Has anyone any information which might help?

TIA

Dave

--


Casual Observer

unread,
Aug 18, 2008, 8:10:32 AM8/18/08
to
Seems to be pretty new. An article is printed about it at http://www.theregister.co.uk/2008/08/15/webbased_clipboard_hijacking/. They are not a malware removal site but seem to think that rebooting the PC will clear it up.

"~BD~" <~BD~@nospam.invalid> wrote in message news:e$kTk7QAJ...@TK2MSFTNGP02.phx.gbl...

PA Bear [MS MVP]

unread,
Aug 18, 2008, 9:35:10 AM8/18/08
to
Malvertizements utilizing computer clipboards (copy and paste).
http://msmvps.com/blogs/spywaresucks/archive/2008/08/09/1644062.aspx

The Clipboard hijacks continue....
http://msmvps.com/blogs/spywaresucks/archive/2008/08/18/1644914.aspx
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

~BD~

unread,
Aug 18, 2008, 3:11:11 PM8/18/08
to

"Casual Observer" <what...@xyzabc.com> wrote in message
news:uW3CqtSA...@TK2MSFTNGP05.phx.gbl...

TIA

Dave

--

Hi.

Interesting article. Thank you for posting the link! :)

I'll watch out for developments.

Dave
--


~BD~

unread,
Aug 18, 2008, 3:39:53 PM8/18/08
to
Hello Robear - thank you for your reply - see below.

"PA Bear [MS MVP]" <PABe...@gmail.com> wrote in message
news:%23u0L2hT...@TK2MSFTNGP05.phx.gbl...

Hi :)

I reviewed the information at each of the links you kindly provided. This is
the first time that I've met the expression 'Malvertizements'!

I was led here:-

"Even computer security pros vulnerable to scams" on Yahoo News.

http://news.yahoo.com/s/ap/20080807/ap_on_hi_te/tec_friends_list_tomfoolery;_ylt=Attn6Nf8feN40Bt9uRqWSNYjtBAF
"A relatively simple ruse persuaded dozens of prominent security analysts to
connect on their social networking Web pages with people who weren't friends
at all. They were fake profiles, purportedly of other well-known security
pros. The scam was designed to expose the trust that even some of the most
skeptical Internet users display on some of the most insecure sites on the
Web."

Things really have changed over the last few years! I really did trust folk
............. once-upon-a-time!

Dave

--


~BD~

unread,
Aug 19, 2008, 4:10:00 AM8/19/08
to
Update:

> I'll watch out for developments.
>
> Dave
> --
>
>
>

'Malvertizement' epidemic visits house of Newsweek.com

See: http://www.theregister.co.uk/2008/08/18/malvertizing_epidemic/

Quote:

"Newsweek.com is one of several high-profile websites suspected of running
rogue banner advertisements that try to trick visitors into installing
fraudulent anti-malware programs, security researchers warn.
The malicious ads have been appearing on Newsweek's website via feeds that
carry the Washingtonpost.com address, according to this post on the Bluetack
Internet Security Solutions site. The ads redirect users to a site that
falsely claims users' PCs are infected with malware and urges them to buy
and install software that will remedy the problem. The banner graphic posed
as an ad for www.easy-forex.com, which bills itself as an online foreign
currency exchange".

Dave

--


kalyan

unread,
Sep 5, 2008, 4:45:40 AM9/5/08
to
Hi

This attack call HTTP Fake Scan Webpage

Download the scanner & remove the Malware

http://www.4shared.com/file/15436123/9ccf9359/roguefix_216.html


"~BD~" <~BD~@nospam.invalid> wrote in message
news:e$kTk7QAJ...@TK2MSFTNGP02.phx.gbl...

~BD~

unread,
Sep 5, 2008, 7:18:07 AM9/5/08
to
Hello Kalyan

Crikey!! Do you realise that I almost mistook you for 'Kayman', a well-respected helper on these
newsgroups!

However, I copied and pasted your link into my AOL browser ........ and Google Chrome too!

I noted that there have been 4 - yes, just four - downloads of this programme. Hmmmm!

So now I'm left wondering ........ should I recommend it to my friend?

Anyone else here ever tried it (or willing to experiment? <wink>)

Dave

--
"kalyan" <reach2...@live.com> wrote in message news:eduhKPzD...@TK2MSFTNGP04.phx.gbl...

David H. Lipman

unread,
Sep 5, 2008, 4:00:06 PM9/5/08
to
From: "~BD~" <Boate...@nospam.invalid>

| Hello Kalyan

| Crikey!! Do you realise that I almost mistook you for 'Kayman', a well-respected helper
| on these
| newsgroups!

| However, I copied and pasted your link into my AOL browser ........ and Google Chrome
| too!

| I noted that there have been 4 - yes, just four - downloads of this programme. Hmmmm!

| So now I'm left wondering ........ should I recommend it to my friend?

| Anyone else here ever tried it (or willing to experiment? <wink>)

| Dave

That's because it is an illegitamate copy of Stuart Saunder's RogueFix which is currently
at v2.195 (8/3/08)

http://www.internetinspiration.co.uk/roguefix.htm

It is what PCBUTTS1 plagiarized to become Remove-IT.

Always get the file from the source or a source vetted as a mirror site. NEVER form other
locations.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


Gray B.

unread,
Sep 11, 2008, 8:57:07 PM9/11/08
to
http://clipboardextender.com/

has helpful info.

On Sep 5, 3:00 pm, "David H. Lipman" <DLipman~nosp...@Verizon.Net>
wrote:
> From: "~BD~" <BoaterD...@nospam.invalid>

~BD~

unread,
Sep 12, 2008, 3:38:55 AM9/12/08
to

"Gray B." <gbi...@gmail.com> wrote in message
news:3e8d0ab4-5157-4b2f...@d1g2000hsg.googlegroups.com...
http://clipboardextender.com/

has helpful info.

<snip>

Hi Gary - many thanks for that lead. Lots of items of interest! :)

Dave


~BD~

unread,
Sep 12, 2008, 4:27:24 AM9/12/08
to

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:O1e7$H5DJH...@TK2MSFTNGP06.phx.gbl...
I somehow missed this post of yours Dave - my apologies for not responding earlier.

In no way do I doubt what you say but, for any 'newbies' reading this, how can one be certain that
internetinspiration.co.uk is a/the bonio-fido source?

You mention a Stuart Saunder - but I've so far failed to spot that name on the site; perhaps I've
simply missed it!

You say that the OP posted an illegitimate link here and that Pcbutts1 has stolen RogueFix and
re-invented it. That is (probably <wink>) true, but it's only your say-so, isn't it? What is needed
is some global body with responsibility to check all web sites where 'help and advice' is being
offered to the public at large. Expensive? Of course. Maybe a project for
http://www.gatesfoundation.org/default.htm

Dave


David H. Lipman

unread,
Sep 12, 2008, 6:58:53 AM9/12/08
to
From: "~BD~" <Boate...@nospam.invalid>

| I somehow missed this post of yours Dave - my apologies for not responding earlier.

| In no way do I doubt what you say but, for any 'newbies' reading this, how can one be
| certain that
| internetinspiration.co.uk is a/the bonio-fido source?

| You mention a Stuart Saunder - but I've so far failed to spot that name on the site;
| perhaps I've
| simply missed it!

| You say that the OP posted an illegitimate link here and that Pcbutts1 has stolen
| RogueFix and
| re-invented it. That is (probably <wink>) true, but it's only your say-so, isn't it?
| What is needed
| is some global body with responsibility to check all web sites where 'help and advice'
| is being
| offered to the public at large. Expensive? Of course. Maybe a project for
| http://www.gatesfoundation.org/default.htm

| Dave

Look BoaterDave you are just plain clueless and you don't take the time for investigating
things for your self.

If you did your homework you could easily find out who the Registrant of
www.internetinspiration.co.uk is
and if you continued that work you would easily determine the email of the Registrant.

This takes some knowledge that lack and so you question things. Well here's a hint on the
idea how to do some investigation. I'll start with YOU..

NNTP-Posting-Host: 92.22.178.225

% Information related to '92.16.0.0 - 92.23.255.255'

inetnum: 92.16.0.0 - 92.23.255.255
netname: CPWBBSERV-NET
descr: Carphone Warehouse Broadband Services
country: GB
admin-c: GJB18-RIPE
admin-c: PM58-RIPE
tech-c: GJB18-RIPE
tech-c: PM58-RIPE
status: ASSIGNED PA
mnt-by: OPAL-MNT
source: RIPE # Filtered

person: Gareth J Bowen
address: Opal Telecommunications Plc
address: Northbank Industrial Estate
address: Irlam
address: Manchester
address: United Kingdom
address: UK
phone: +44 161 2222000
fax-no: +44 161 2222003
e-mail: gbo...@opaltelecom.co.uk
nic-hdl: GJB18-RIPE
mnt-by: OPAL-MNT
source: RIPE # Filtered

person: Phill Magill
address: Opal Telecommunications Plc
address: Northbank Industrial Estate
address: Irlam
address: Manchester
address: M44 5BL
address: United Kingdom
phone: +44 161 222-2000
fax-no: +44 161 222-2008
e-mail: pma...@opaltelecom.co.uk
nic-hdl: PM58-RIPE
mnt-by: OPAL-MNT
source: RIPE # Filtered

% Information related to '92.0.0.0/11AS13285'

route: 92.0.0.0/11
descr: Carphone Warehouse Broadband Services Autonomous System
origin: AS13285
mnt-by: OPAL-MNT
source: RIPE # Filtered

% Information related to '92.20.0.0/14AS43234'

route: 92.20.0.0/14
descr: CPW-BS-Subscribers-LOH-2
origin: AS43234
mnt-by: OPAL-MNT
source: RIPE # Filtered

Using the same investigational concept one can determine WHOIS information on
www.internetinspiration.co.uk

As for the theft of RogueFix. Well in the anti malware community this was HIGHLY
documented. I am just one of group of individuals who have investigated this plagiarism
from the start. The fact is I first posted a URL of RogueFix in a.c.v Butts read my post
and found the RougeFix BAT and at that point all of a sudden was posting SuperFix on his
web site around 9/'06 and it was RogueFix's code. By Jan '07 it was renamed and branded
as SpyErase and was using an Inno Setup package. By March '07 it was again re-branded as
Remove-It. While this was going on Butts was password protecting the installer. You
couldn't install it w/o a password. The anti malware community, from the POV of different
countries, played with Butts and obtained several passwords. For example ...
A british investagator got Butts to give him a password arounf 11/19/06 which was ...
IdFqmTh~:_/AjyD!>-O^%Om.?m]Cg+0kItz4jZ?"YHc`s;ujS4>lu<_

Another investigator from Belgium arount 11/27/06
I't$>:xn&5(5CW}6sju^8~W3Fw[@)%wM>BT=\n-I_u= 2^!R/"g}b7|

By Ja 7, 07 the password for SpyErase was
}z+q9%}@ne1h)SE=\Q+]em.a4>L0<t&Tv[^SSFpmkoiq0R~3<s+*ar5

I could go on and on...

The anti malware community has highly documented the plagiarism of RogueFix to what is now
Remove-It.

In fact in January '07 the anti malware community joined with Stuart Saunders and the
community create a false code marker and inserted it in RogueFix.

By Jan 13, '07 Butts posted...

"Anybody want to test a modification to Spyerase that I just put together.
There is a strange issue I am trying to fix that I think may be machine
specific so I need someone to test it for me. The glitch will not harm your
system. Email me, Trolls need not apply."

By Jan 15' 07
Butts posted...

"New Spyerase version 10, it's fast and free. It now has over 1700 signatures
to remove All variants of Virusburst, Spy sheriff and others. New Feature, Spyerase
will now update your hosts file. This tool is designed to Specifically remove all
variants.
Scan time is about 2 minutes. Designed for Windows 2000/XP only. Password is still
required.
First read this page http://www.pcbutts1.com/downloads then download
Spyerase from here http://www.pcbutts1.com/downloads/spyerasesetup.zip"


The password was...
H/G/^u5`f` YNb.4&MJZXS1w5 -kkpsxk47b\CdkB<-u]~U>to'naA4

And the false code marker was found in SpyErase.

So to answer...


"but it's only your say-so, isn't it?"

No, there is a whole community who has documented this !

~BD~

unread,
Sep 12, 2008, 7:42:28 AM9/12/08
to

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:OdDiMaMF...@TK2MSFTNGP05.phx.gbl...
> From: "~BD~" <Boate...@nospam.invalid>
>
<snip>

I *really* appreciate your comprehensive reply, Dave. Thank you.

What surprised me about all the information you posted was that there was absolutely no mention of
AOL, supposedly my ISP. No doubt the explanation is really simple. I any reader can help explain,
I'd be most grateful.

I wonder, too, if you could explain this term to me: ' IP PTR:IP does not resolve to a hostname '

I am trying to learn. I'm not totally clueless! <smile>

Please take a look here: http://www.malwarebytes.org/forums/index.php?showtopic=5656&st=0

Thanks in anticipation of further help.

Dave

Heather

unread,
Sep 12, 2008, 2:26:50 PM9/12/08
to

"~BD~" <Boate...@nospam.invalid> wrote in message
news:%23FErgyM...@TK2MSFTNGP03.phx.gbl...

>
> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
> news:OdDiMaMF...@TK2MSFTNGP05.phx.gbl...
>> From: "~BD~" <Boate...@nospam.invalid>
>>
> <snip>
>
> I am trying to learn. I'm not totally clueless! <smile>
>
> Thanks in anticipation of further help.
>
AARRGGHH..........David is right......you ARE clueless!! Does *BD*
stand for *brain dead*??

I for one do not have the patience for your stupid enquiries, which have
not improved one iota in the past year!! Who gives a damn about your 2
different IP numbers. They are easily explained and understood by the
rest of the ng.

You are so frickin' annoying with your moronic queries!!

HF


~BD~

unread,
Sep 12, 2008, 3:31:57 PM9/12/08
to

"Heather" <fig...@nospam.invalid> wrote in message news:uP0DBUQF...@TK2MSFTNGP05.phx.gbl...

Before I respond ............ a question.

Are you Dustin's friend, Heather?

--


David H. Lipman

unread,
Sep 12, 2008, 3:40:27 PM9/12/08
to
From: "~BD~" <Boate...@nospam.invalid>

| --


I am sure that Figgs knows Dustin but I don't think she is a "friend" of his.

PA Bear [MS MVP]

unread,
Sep 12, 2008, 3:45:25 PM9/12/08
to
That must be BD's fifth or sixth ISP in as many years. Wonder why he keeps
switching...or having to switch? <w>

David H. Lipman wrote:
<snip>

<snip>

Tom [Pepper] Willett

unread,
Sep 12, 2008, 4:21:38 PM9/12/08
to
because he's a frickin' nut!!!

"PA Bear [MS MVP]" <PABe...@gmail.com> wrote in message

news:OG6YUCRF...@TK2MSFTNGP04.phx.gbl...
: That must be BD's fifth or sixth ISP in as many years. Wonder why he

:


David H. Lipman

unread,
Sep 12, 2008, 4:44:47 PM9/12/08
to
From: "~BD~" <Boate...@nospam.invalid>

| <snip>

| Dave

To continue what I wrote...

I assisted Stuart Saunders with dealing with the plagiarism of Stuart's RogueFix and he
filed a complaint based upon the Digital Millenium Copyright Act (DMCA) with the host
provider of PCBUTTS1.Com. After several attempts the host provider considered the
violation valid and Butts was forced to take SpyErase off his web site. Since he is a
consistent liar, he came up with a stupid and lame excuse for no longer hosting it. He
posted he sold the SpyErase technology to an unidentified entity. Since it was nothing
more than a batch file, there is nothing that could have been sold and we in the anti
malware community knew the truth that he was forced to remove SpyErase or have his
PCBUTTS1.Com site shutdown. This is all documented with the orginal DMCA Takedown
Notification sent to the hosting comapny and their subsequent reply.

At this point, Butts knowing I assisted Stuart commited fraud. I had a relationship with
Ian Kenefick and his web site IK-CS.Com. I provided content for his site in the realm of
malware and allowed Ian to host my Multi AV Scanning Tool and other tools, of orginal
creation, on his web site. Butts used a Sock Puppet, Gregory Taylor, and sent a
fraudulent DMCA notification to Ian's hosting company that provided IK-CS.Com, IpoweredWeb

The contents of teh fraudulent DMCA Takedown Notification...

--------------
1. The Multi-AV, WinfixerFix, and Smithfraud tool hosted on the site listed
below is infringing upon my copyrighted material. All three programs have
been written by me and hosted without my permission.
http://www.ik-cs.com/v2/got-a-virus.htm
http://www.ik-cs.com/programs/virtools/Multi_AV.exe
http://www.ik-cs.com/programs/virtools/WinFixerFix.exe
http://www.ik-cs.com/programs/virtools/SmitFraud.exe

2.All three programs listed above use a utility called WGET.exe which
belongs to me. I am the author of that program and the website has No
permission to use it. References to my wget program can be found here.
http://www.ik-cs.com/v2/multi-av.htm
http://www.ik-cs.com/v2/winfixerfix.htm
http://www.ik-cs.com/v2/smitfraud.htm

3. The hard copy of my copyright and trademark is stored at my location in
California.

4.I can be reached at the following email address trg...@gmail.com

5. I have a good faith belief that use of the copyrighted materials
described above on the infringing web pages is not authorized by my
registered copyright and by the law. I swear, under penalty of perjury, that
the information in the notification is accurate and that I am the copyright
owner of an exclusive right that is infringed.

Gregory Taylor
President and CEO
GT tools inc
--------------

Now, there are two important facts. The first is the Multi AV Scanning Tool is an
original tool created by me and was based upon previous works where the front-end of 4
anti virus scanners started as individual scanners for McAfee and Trend Micro.
Subsequently I combined the two with kaspersky and Sophos to make the Multi AV Scanning
Tool. They were NOT created in a vacuum. I collaborated with several individuals who
worked with me from the start. They include Art Kopp (A.C.V and A.C.A-V), BigBruva
(M.P.S.V) and NTDOC of the KiXtart Forums to name a few. Therefore I have irrefutable
proof of the sole creation of the Multi AV Scanning tool and the predeccsor utilities that
led me to create it.

Secondly is the following which was used... "...use a utility called WGET.exe which
belongs to me."
The WGET utility is provided as free software
http://gnuwin32.sourceforge.net/packages/wget.htm
It is licensed as free sofware through the GNU GENERAL PUBLIC LICENSE and the Free
Software Foundation, Inc.
It states...
"GNU Wget is free software; you can redistribute it and/or modify it under the terms of
the GNU General Public License as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version..."

Since I first started writing my anti malware utiliies using the KiXtart scripting
language, I have included the GNU WGET utility.

By using a Sock Puppet, Butts committed "fraud" under the US Penal code.

By using the text in the DMCA Takedown Notification (under statute)... "All three programs
listed above use a utility called WGET.exe which
belongs to me. I am the author of that program and the website has No permission to use
it", Butts committed Perjury under the US Penal Code.

Even if you make a claim against the KiXtart programming, stating WGET needs permission to
redistribute should have invalidated the fraudulent claim. However, Ian Kenefick is not a
US citizen. He is a citezen of Ireland and they failed to comply with a valid, and legal
(by statute), "Counter Notification and the web site IK-CS.Com was permantly shutdown.

There is/was no "Gregory Taylor" and there is/was no "GT tools inc". No address was
provided and trg...@gmail.com is a free GMail acoount with no vetting as to its source.
This too should have invalidated the claim but, the lawyer for the hosting company,
IPoweredWeb, ignored these facts.

To get back to SpyErase...

Butts did remove SpyErase from his website. However, Butts the re-packaged SpyErase as
Remove-It and was still password protected.

The antti malware community continued to obtain the passwords for each iteration and it
was immediately evident that SuperFix, SpyErase and Remove-It were all the same. All
plagiarized code from Stuart Sauder's RogueFix.

Later, butts modified Remove-It by extracting Registry modifications from the batch file
and creating .REG files and he then made it available without a password. This is how it
is hosted Today.

On the same page as Remove-It, http://pcbutts1.com/downloads/tools/tools.htm , is "What's
Live Running Now". This is a VBS script. It is in fact a plagiarized version of "Silent
Runners" by; Andrew Aronoff -- http://www.silentrunners.org/

I could go on and on with other examples of Butts plagiarism such as Robert A. Cooper's
NailFix, a script created by MS MVP Kelly Theriot and MS MVP Noahdfear.

Heather

unread,
Sep 12, 2008, 5:08:03 PM9/12/08
to
Can we add *frickin' ANNOYING nut*?? I have no patience with lamebrains
who ask stupid questions and then keep bugging you guys (aka MVP's) to
drop what you are doing and answer him.

Hi Pooh Bear......how's the boa??

"Tom [Pepper] Willett" <t...@youreadaisyifyoudo.com> wrote in message
news:%23bFxxUR...@TK2MSFTNGP03.phx.gbl...

Heather

unread,
Sep 12, 2008, 5:09:46 PM9/12/08
to

"~BD~" <Boate...@nospam.invalid> wrote in message
news:%23tId44Q...@TK2MSFTNGP06.phx.gbl...
And what does that have to do with your response??


~BD~

unread,
Sep 12, 2008, 5:19:19 PM9/12/08
to

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:Ol9hmhR...@TK2MSFTNGP02.phx.gbl...
> From: "~BD~" <Boate...@nospam.invalid>
<snip

I *really, really* appreciate your second comprehensive reply, Dave. Thank you. <smile>

> | What surprised me about all the information you posted was that there was absolutely no
> | mention of
> | AOL, supposedly my ISP. No doubt the explanation is really simple. I any reader can
> | help explain,
> | I'd be most grateful.

I've now discovered that Carphone Warehouse has purchased AOL UK !!!!!
I knew there would be a simple explanation. ;)

> | I wonder, too, if you could explain this term to me: ' IP PTR:IP does not resolve to a
> | hostname '

<snip>

No advice forthcoming! I know it's a reverse DNS
.......... - but is it significant if there is no host name?
------------------------------------------------------------------

I can't help thinking that you should have all of this information posted on a web site - yes, your
very own David H Lipman site. You could then simply direct enquiring folk to it and also host your
various tools there too. It doesn't cost very much nowadays. I note that you are still at work so
I'm sure you could afford it! ;)


Dave

~BD~

unread,
Sep 12, 2008, 5:23:31 PM9/12/08
to

"Heather" <fig...@nospam.invalid> wrote in message news:uyR6CvRF...@TK2MSFTNGP05.phx.gbl...

I have a feeling that Dustin once mentioned a friend called Heather (in a newsgroup thread) and was
quite forceful in suggesting that I didn't post anything to upset her. As he is my cyber-friend, I
wouldn't want to go against his wishes.

HTH

Dave


~BD~

unread,
Sep 12, 2008, 6:22:21 PM9/12/08
to

"PA Bear [MS MVP]" <PABe...@gmail.com> wrote in message
news:OG6YUCRF...@TK2MSFTNGP04.phx.gbl...
> That must be BD's fifth or sixth ISP in as many years. Wonder why he keeps switching...or having
> to switch? <w>

You are not often wrong Robear, but you are this time!

Ten years ago I subscribed to Freeserve. Freeserve were bought by Wanadoo.Wanadoo was bought by
Orange. I remained with them throughout the changes.

After the theft of my identity in 2005, I elected to take advantage of a Broadband package being
offered by AOL which included a Netgear router to enable wireless connection. I joined in early 2006
and I have been with AOL ever since (albeit that shortly after I became a subscriber, AOL UK was
hived off by parent group Time Warner )

Although still trading as AOL UK, the company has been bought by Carphone Warehouse and is the third
largest ISP in the UK.

So, that's really just *TWO* ISP's in ten years.

Earlier this year I took advantage of the newly available 3G Mobile Broadband technology so that I
can use my laptop for Internet connection when I am cruising the British Waterays on my narrowboat.
This *additional* ISP is called 'Three'.

HTH - it's the truth! See
http://www.malwarebytes.org/forums/index.php?showtopic=5656&st=20&gopid=27599&#entry27599

Dave

PS Could you provide me with a copy of the long thread I started at Aumha regarding Annexcafe?
Maybe it's gone forever!


Heather

unread,
Sep 12, 2008, 11:26:30 PM9/12/08
to

"~BD~" <Boate...@nospam.invalid> wrote in message
news:eeeGL3RF...@TK2MSFTNGP03.phx.gbl...

>
> "Heather" <fig...@nospam.invalid> wrote in message
> news:uyR6CvRF...@TK2MSFTNGP05.phx.gbl...
>>
>> "~BD~" <Boate...@nospam.invalid> wrote in message
>> news:%23tId44Q...@TK2MSFTNGP06.phx.gbl...

>>> Before I respond ............ a question.


>>>
>>> Are you Dustin's friend, Heather?
>>>
>> And what does that have to do with your response??
>>
>>
>
> I have a feeling that Dustin once mentioned a friend called Heather
> (in a newsgroup thread) and was quite forceful in suggesting that I
> didn't post anything to upset her. As he is my cyber-friend, I
> wouldn't want to go against his wishes.
>

Yes, I do believe I recall that. And yes, we have been friends for a
long time. From back when he *switched hats*, lol.

Heather


~BD~

unread,
Sep 13, 2008, 3:35:22 AM9/13/08
to

"Heather" <fig...@nospam.invalid> wrote in message news:eLo0jBVF...@TK2MSFTNGP03.phx.gbl...

Thank you for confirming that, Heather.

Have a great weekend! <smile>

Dave


kalyan

unread,
Sep 17, 2008, 1:32:01 AM9/17/08
to
Hi

This attack call HTTP Fake Scan Webpage

Download the scanner follow the instruction& remove the Malware

http://siri.geekstogo.com/SmitfraudFix.php

--
Warm Regards
Kalyan

Reply all
Reply to author
Forward
0 new messages