Announcement

Collapse
No announcement yet.

ATI fglrx driver on Windows is a trojan? LOL

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • ATI fglrx driver on Windows is a trojan? LOL

    If you need something entertaining to read... Some lady has been bombarding me with emails this week. From what I've read in the emails, she's either psycho or has some really weird security problems. Anyhow, she somehow ends up with an ATI fglrx Linux driver RPM on her Windows system.... and somehow finds my name/email in there -- looks to be from the work I've done on the Fedora/RHEL packaging scripts previously, so now she thinks I'm somehow related to her problem so blasts me with emails.

    lol. Oh yeah, and supposedly has been working on this problem for five years. At first I thought it was some sort of spam, but this lady seems too out of it and keeps emailing me.... without my response.

    (Some of my favorite parts of the email are in bold)

    I have spent 5 years trying to find out how to fix what an IT Tech did to me. Unfortunately they came to my home and added my home computers to this virtual network as well so even my home computer and ipad are corrupted. !!! Recently your name kept showing up in my computer. I have only seen a few email addresses and yours is one. I plan to have about 10 people email you so that one of us hopefully succeed in reaching you so dont be alarmed when you get a lot of emails regarding the same issue. Narrater comes on occasionally when I type so I know someone hears everything I type and skype, which I did not download is on here and there is a splitter on the webcam so I have little confidence in my computers. Both my husband and I require very strong firewalls to secure what we do so you can see the problem i face, or the person who knowingly involves my computers faces. I know my computer is connected to a test in phoronix. Please help me fix it. I started printing names which include, support_388945a0, Acme, WSS-ADMIN-WPG, Andrew Young, Charles Olson, and all kinds of conversation text. I have printed over 5000 sheets and snapshots in the last 5 years and have stored over 10 computers from the start of some of the builds to the completion of them. Over the last 5 years I have learned more about test computers, workstation, computer builds, Remote users, NVIDIA, Messenger, Net logon, SQL, Debugger users, CodeGear Delphi, cleverbridge, cisco webex meeting center, Root/Blbdrives/0000, VMware Infastructure updates, Com1, $windowsNT$, $chicago$, virtual disk drives, ROOT\SYSTEM\0000, Hal, USB, pogoplug, volume snapshots, LanLSServer, Kernels, Microsoft net framework, vissionapp, cleanup, strings, splitters, GUID, onplay, game explorer, sftfs device installations disks, ata drives, sm bios checks, EFI diagnostics, that I almost feel like i know what Im talking about. If I try to reinstall or buy a new computer a program runs and reprograms the new install on first reboot and have spent thousands of dollars trying to remove what he did. Now I find your site and there it is!!!!!!. I turned a complaint -into microsoft and am in the process of working with the FBI and then I found an email address for you, one of the people who keeps showing up in my computer. Can you please call me, I have little faith that this email will make its way to you or that if it does, I will really hear from you but it cant hurt to try. I have emailed other people that I located whos names I have identified from my computer but havent heard from anyone. The IT Tech that did this, and set me up on a network that he remotely controls, moved one day after admitting he was remoting into my computers without my knowledge. My landlord let him out of his lease and he packed up and moved out. Unfortunately he had rented the room that contained the phone lines prior to moving out. That should tell you a lot all by itself.. Its that involved.

    Little did I know the trouble would continue for years. I now have something called Phoenix Rom Bios Plus Version 1.10 A09, I have drive F, C, D, E and I and Dimm A and Dimm B and microsoft.net and virtual and Disk 0, which I think is the tapedrive powervault 124T from Quantum corporation. Its located in the acme main building, OID 1.3.6.1.4.1.2036.6.1.1.1.1, I believe this is the onboard remote management. Am I right? and I could go on and on.

    I would like to be removed from this software. That is my one main goal. If you think you can help me I would appreciate it. I dont know if the IT TECH is stealing information from me or using all of our office computers and his "test" computers but I want off of the workstation VMware webserver or whatever it is that my office computers are connected to. If you recieve this, which I have little faith in, then please call me. 541-607-5566. My next step is to join every discussion, start scanning and pasting printouts of the conversations between geertm, ivan, ponderosa project, or whatever all names I have found and see if anyone that finds them and can identify what Im talking about can help me. One ex cop, current IT Tech told me to tell someone as little as possible and get good firewall. Little did he know I cant install anything. My disk drives dont work for anything like that. Everything comes from the driverstore or bootstrapper, etc. Any ideas you can give me would be appreciated to get me off this vm virtual platform or whatever its called. If the identifying number helps, its vmware-56 4dbe2baca05571-2fc4059683650ad6. i have about 190 ip addresses to trace if that would help.Even my norton now has custom settings that were installed with bootstrapper. again, i do have proof. anything you need to fix it, i have proof of it and i printed the conversations regarding many many issues.. . Norton is the most disturbing. If you mess with norton settings norton disappears.. Symantec is reviewing that part. Bootstrapper installs norton products. Hope to hear from you, Sandi

    Hi Michael, Sorry for the 2nd email but I wanted to give you a little more info. Most of my paperwork is at symantec and at my office to give comcast so i didnt have a lot to look at to put in the emails but here are a few more things. I am really hoping you will be willing to help me and not think im a nutcase. Here are a few things that I dont think should be found in most computers. some are under the headline rasgcw which i was told was remote access.

    I know the registered user is geertm. the workgroup /s workgroup.

    boot device on every computer is \device\harddisk volume2
    system device is \device\HarddiskVolume4
    Kernel Version is 6.1.7600.16617 on this printout
    Build Lab is 7600.win7_gdr.100618-1621


    Windows updates version number 7.3.7600.16385
    ....tabtip.exe
    windows contacts is wab.exe file version 6.1.7600.16684 (win7_gdr.101011-1503) portable executable
    msascui.exe is windows defender
    Windows Virtual PC is original name vmwindow.exe.mui
    runtime clr-workstation is original name mscorwks.dll flavor=retail
    runtime Just-in-time compiler original name is mscorjit.dll flavor again is =retail
    CLR native compiler is ngen.exe
    Presentation host is presentationhost.exe.mui
    prestentation host proxy is presentationhostproxy.dll built by :Main (4.0.31106.0)
    microsoft html application host is mshta.exe.mui
    microsoft windows based script host is wscript.exe.mui portable executable, file version 5.8.7600.16385
    remote access phonebooi
    shell doc object and control library
    snipping tool
    windows disc image burning tool isoburn.exe.mui
    windows progman group converter grpconv.exe.mui
    windows update standalone installer is wusa.exe.mui
    TOO MANY MORE TO TYPE... AND I MEAN MANY MANY MANY. almost 400 pages..
    ....
    hp-tools(e)hewlett packard quickweb firstboot_install_rpmsS

    Michael Larabel <michael at phronix Dot com> atirc- fglrx-drv-8.290.2 1hp.i386.rpm linux kernel module for the ati proprietary graphics driver

    your info isnt from online, its from my own computer!!!!! i dont know if you helped build this and i shouldnt be emailing you and perhaps you know im part of someones test build or if you think im loony for emailing you or if this surprises you and you will help me please


    i hope something looks unusual to you. My computer is full of tasks. things seem to run on tasks. i cant shut them off either.
    hope to hear from you.





    etc.... WTF?
    Michael Larabel
    https://www.michaellarabel.com/

  • #2
    Uhhm, add this stupid person to your spam list and move on with your life? Take up fishing? Knitting? Playing chess?

    Life is too short to entertain every moron you encounter.

    PS: I agree that the FGLRX driver is some kind of malicious software. Possibly Microsoft pays them to make it so that their Linux customers can't enjoy an entire day without system crashes.
    Last edited by DaemonFC; 06 April 2012, 01:29 AM.

    Comment


    • #3
      Originally posted by DaemonFC View Post
      Uhhm, add this stupid person to your spam list and move on with your life? Take up fishing? Knitting? Playing chess?
      This served as good entertainment when otherwise bored in the less than interesting LF sessions this week.
      Michael Larabel
      https://www.michaellarabel.com/

      Comment


      • #4
        Reading that email made me laugh a lot, (it seems likely to be a spam text). How can such people exist on earth? (Btw, this woman could also be Qaridarium's (future?) wife... (just kidding))

        Cheers

        Comment


        • #5
          michael at phronix Dot com
          Yours is "phoronix", no?

          I think this is targeted spam. Someone has too much free time. I think its Ballmer.

          Comment

          Working...
          X