Site New Answers Search Boards ILM ILE Answers New Question New Questions New Poll Blog View Register Login

Trojans, spyware, adware and all around malware

Message Bookmarked
Bookmark Removed
Maybe we can have a running thread on nasty computer things?

I found something called infamous.exe when I was checking my start up processes and googled it, it's apparently a trojan that adaware doesn't see. I have since disabled it, but of course I'm a bit worried. It seems to be tied in with Windows Media Player and another startup process called mswspl, which I've also disabled. (ZoneAlarm and Norton Corporate Edition running on Win98SE.) How do I get rid of this?

vleeetrmx21 (Leee), Sunday, 13 June 2004 19:54 (twenty-two years ago)

Windows media player is evil.

___ (___), Sunday, 13 June 2004 20:01 (twenty-two years ago)

If Ad Aware, Spybot, and your choice of virus checker don't work, get Hijack This. It involves some work though (you have to post the logs it produces on a web board so the experienced people there can look at them and tell you what to do), so use it last.

Dan I., Sunday, 13 June 2004 20:06 (twenty-two years ago)

Look at the bright side, at least you're trying to do something about it. Nothing gets me more peeved than when I look at someone's desktop, and it's filled with install icons, and the taskbar (taskbar? sidebar? that thing on the right next the to time...) has a million running processes - so many that you can't see the rest of the taskbar's normal running processes.

I know it's kinda an ethical gray-zone, but sometimes behind their backs, I install Adaware, run it, clean the shit up, and then uninstall it. But hey, if they're already not paying that much attention, would they really notice anyway?

Girolamo Savonarola, Sunday, 13 June 2004 20:07 (twenty-two years ago)

stevem to thread!

(sorry.)

toby (tsg20), Sunday, 13 June 2004 20:22 (twenty-two years ago)

Processes running on startup happen in one of two ways:

They're in the startup folder on your start menu (there's an "all users" one and one for each user).

Or they're in:
HKEY_LOCAL_MACHINE/SOFTWARE/MICROSOFT/WINDOWS/CurrentVersion/Run/
HKEY_CURRENT_USER/... same as above

in the Windows registry. You can look at this by running regedit.exe from the Start->run prompt.

Ps: the thing on the right next to the clock is called the "system tray".

This won't help if it's being kicked off by another process (i.e. media player).

On typing this I noticed an odd one in my registry. It turns out it's just a system tray app for properties on my wireless network; however, the spyware firm I found this out on recommends that I install a spyware checker and check over my disk. I have to say, this sounds like a bit of overkill to me; it's a perfectly legitamate application. That said, it does seem to involve giving them money... Hmm, I wonder if that could have anything to do with their advice.

Keith Watson (kmw), Sunday, 13 June 2004 20:27 (twenty-two years ago)

Ps: the thing on the right next to the clock is called the "system tray".

Thanks for the clarification. Haven't used Windows regularly for a long time.

Girolamo Savonarola, Sunday, 13 June 2004 21:08 (twenty-two years ago)

two months pass...
Doing some scouring online: newer versions of AIM includes hard/impossible to uninstall ad and spyware (WîldTángënt and Víéwp0!nt Media Player -- check your C:\Program Files\ directories to see if you've got them). A link to an older, ostensibly clean version of AIM: ftp://ftp.aol.com/aim/win95/aim95.exe

Leeeter van den Hoogenband (Leee), Monday, 23 August 2004 17:22 (twenty-one years ago)

Alternatively, just use gaim instead.

caitlin (caitlin), Monday, 23 August 2004 17:30 (twenty-one years ago)

Oh man, if someone can please tell me how Viewpoint gets installed on people's machines instead of Win Media Player, please let me know...I've had it installed on my machines a couple of times and don't EVER recall saying yes to "upgrading" from Windows Media to Viewpoint. And I remember a guy from Viewpoint bragging at a computer event that it was a widely-installed application, but not mentioning that in many cases it's not installed with obvious consent.

Sean Carruthers (SeanC), Monday, 23 August 2004 17:31 (twenty-one years ago)

Cursory googling indicates that VMP is more often associated with AIM, "among other Internet-related programs."

Leeeter van den Hoogenband (Leee), Monday, 23 August 2004 17:52 (twenty-one years ago)

http://www.oldversion.com/ is a good site for to return to the halcyon days of good freeware.

Leeeter van den Hoogenband (Leee), Monday, 23 August 2004 18:13 (twenty-one years ago)

So what does viewpoint do? i have it, but it doesn't seem to manifest itself.

Markelby (Mark C), Monday, 23 August 2004 20:26 (twenty-one years ago)

It's probably considered malware on a technicality, that it gets installed without a user's consent/knowledge. It tracks allegedly "general user info" but the company mantains that it's anonymous. It might also update itself automatically.

Leeeter van den Hoogenband (Leee), Monday, 23 August 2004 20:37 (twenty-one years ago)

Viewpoint masquerades as your media player...it looks pretty much identical to the Microsoft version of the player, so most people don't even know that anything has changed unless they do an "about" from the help menu and notice it's not Windows player but Viewpoint player. Tricky.

Sean Carruthers (SeanC), Monday, 23 August 2004 21:21 (twenty-one years ago)

four years pass...

ffs "ntdll64.exe" needs to fucking die

sorry for british (country matters), Thursday, 7 May 2009 23:44 (seventeen years ago)

superantispyware = <3

lolsdale street (electricsound), Thursday, 7 May 2009 23:46 (seventeen years ago)

my god this one is a bastard

sorry for british (country matters), Friday, 8 May 2009 01:03 (seventeen years ago)

why is it that i can run a full adaware scan and a full spybot scan and get rid of everything, and then i log onto the internet, do some stuff (but i don't download any files) and then run another sbybot/scan and everything comes back up again? can you really get spyware simply by loading a webpage?

Mr. Snrub, Friday, 8 May 2009 02:07 (seventeen years ago)

yes

lolsdale street (electricsound), Friday, 8 May 2009 02:09 (seventeen years ago)

man, that sucks. so after every fucking time i use the internet i have to spend an hour scanning for shit? fuck that. let them infect my pc.

Mr. Snrub, Friday, 8 May 2009 02:11 (seventeen years ago)

seven months pass...

So this Superantispyware program, can it replace the Ad-aware + Spybot tag team? Really want a single program as opposed to two programs always running in the background.

Leee, Sunday, 3 January 2010 22:32 (sixteen years ago)

MSE and Malwarebytes

Jarlrmai, Sunday, 3 January 2010 22:33 (sixteen years ago)

+ dont surf porn

Jarlrmai, Sunday, 3 January 2010 22:33 (sixteen years ago)

The hell you say.

Leee, Sunday, 3 January 2010 22:35 (sixteen years ago)

three weeks pass...

my shit is fucked up -- every google search result intially reroutes me to like yahoo hotjobs & other random shit -- ive never had virus/malware issues before & spybot isnt detecting anything halp

not a playa but i ilx a lot (deej), Tuesday, 26 January 2010 01:52 (sixteen years ago)

This?

http://forums.cnet.com/5208-6132_102-0.html?threadID=374421

svend, Tuesday, 26 January 2010 03:17 (sixteen years ago)

I still would like to know how you can get malware by loading a webpage.

Mr. Snrub, Tuesday, 26 January 2010 03:28 (sixteen years ago)

malwarebytes to start
ad aware
make a hijack this log and search out weird processes
google them and you'll find a forum with a hundred ppl and the same problem, but somebody will have figured out what

french fried (jeepski), Tuesday, 26 January 2010 03:41 (sixteen years ago)

Snrub its easy to get infected off a webpage if that page is serving up malicious code. You wont see it - in fact sometimes even the site owners dont know they're infected (someone else has hacked their site basically)

If you're using IE you're shit out of luck. Get something like Firefox and run NoScript.

millivanillimillenary (Trayce), Tuesday, 26 January 2010 03:58 (sixteen years ago)

(that wont fix an existing jack/trojan but it'll sure prevent future crap)

millivanillimillenary (Trayce), Tuesday, 26 January 2010 03:59 (sixteen years ago)

http://www.technologyreview.com/computing/23566/?a=f

Drive-by downloading involves hacking into a legitimate site to covertly install malicious software on visitors' machines or redirect them to another site.

In an unpublished paper, researchers at the University of California at Santa Barbara describe a four-month study in which they connected their servers to a collection of compromised computers known as the Mebroot botnet. Among their findings, the researchers discovered that, while the seedier sites on the Internet--those hosting porn and illegal downloads--were most effective at redirecting users to a malicious download site, business sites were more common among the compromised referrers.

"Once upon a time, you thought that if you did not browse porn, you would be safe," says Giovanni Vigna, a UCSB professor of computer science and one of the paper's authors. "But staying away from the seedy places on the Internet is no longer an assurance of staying safe."

millivanillimillenary (Trayce), Tuesday, 26 January 2010 04:00 (sixteen years ago)

http://www.dickdestiny.com/blog/2009/09/new-york-times-sunday-virus-adventure.html

Gorge, Tuesday, 26 January 2010 05:01 (sixteen years ago)

argh some megaupload link on ILM has installed something on my machine that opens up a "User/Documents" window every 5 minutes WTF

mark kerfuffalo (Shakey Mo Collier), Saturday, 6 February 2010 05:34 (sixteen years ago)

one month passes...

Are subscription-based services (like McAfee Virus Scan) worth it?

ice cr?m abdul-jabbar (Leee), Thursday, 11 March 2010 06:05 (sixteen years ago)

Especially if I have already have a license for an older (i.e. from 2004/2005) AV?

ice cr?m abdul-jabbar (Leee), Thursday, 11 March 2010 06:06 (sixteen years ago)

Kaspersky seems pretty good.

Slacker Bilk (S-), Thursday, 11 March 2010 06:48 (sixteen years ago)

two years pass...

Secrets, Schemes, and Lots of Guns: Inside John McAfee’s Heart of Darkness

Elvis Telecom, Friday, 9 November 2012 01:49 (thirteen years ago)

eleven years pass...

Oh cool, I re-upped for two years last month lol

The U.S. government announced on Thursday that it is banning the sale of Kaspersky antivirus in the country, and is asking Americans who use the software to switch to a different provider.

The Commerce Department’s Bureau of Industry and Security said it imposed the “first of its kind” ban, arguing that Kaspersky threatens U.S. national security and users’ privacy because the company is based in Russia.

https://techcrunch.com/2024/06/20/us-bans-kaspersky-software-security-risk-russia

reggae mike love (polyphonic), Thursday, 20 June 2024 20:30 (one year ago)


You must be logged in to post. Please either login here, or if you are not registered, you may register here.
Site New Answers Search Boards ILM ILE Answers New Question New Questions New Poll Blog View Register Login