flat assembler
Message board for the users of flat assembler.

Index > Heap > Help! A spyware got my computer

Author
Thread Post new topic Reply to topic
vador



Joined: 12 Nov 2006
Posts: 68
Location: Madagascar
vador
Does anyone know how to remove this spyware

I tryed agnitum firewall's spyware removal feature and ad-aware 2007 and also HijackThis but I wasn't able to clean my system from it:


Description:
Filesize: 20.93 KB
Viewed: 3287 Time(s)

spyware1.jpg



_________________
do not click here
Post 28 Jul 2007, 18:01
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
No, it is not a spyware, you have the messenger service active and its port accessible over the internet waiting for spam.

Follow this
Post 28 Jul 2007, 19:09
View user's profile Send private message Reply with quote
Furby



Joined: 01 May 2007
Posts: 74
Location: Kraków, Poland
Furby
go to control panel -> administration tools -> services -> messenger ? or poster (I have a POLISH version) and switch it off (turn off and switch to remote mode)
Post 28 Jul 2007, 20:19
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17247
Location: In your JS exploiting you and your system
revolution
I visited the site and downloaded the file they are trying to push down to everyone. I thought it may be a trojan or some sort of malware but after running it through all the virus canners is came up clean.

However, their method of marketing is very underhanded. Pretending that there are critical systems errors and misinforming the user that they must download a particular file shows no credibility on their part. Just that alone is enough to make me suspicious about just what they are really intending to do with people's computers.

BTW: I didn't run the program, I'm not that stupid!
Post 28 Jul 2007, 23:58
View user's profile Send private message Visit poster's website Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
revolution, perhaps the program is a trial and you have to pay for full usage. (note I'm not assuring that this is not a malware though)

Also, remember that they target ignorant people that doesn't question the credibility of the detection (which obviously doesn't exists), otherwise you wouldn't be using such cleaners in first place because you are already carefull with the PC utilization Wink
Post 29 Jul 2007, 01:37
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17247
Location: In your JS exploiting you and your system
revolution
LocoDelAssembly wrote:
perhaps the program is a trial and you have to pay for full usage.
Yes, that is possible. The website makes no claim about the free (or otherwise) status of the program. But I didn't spend that much time trying to figure out the licensing arrangement.
LocoDelAssembly wrote:
Also, remember that they target ignorant people that doesn't question the credibility of the detection
I agree there 100%, there are a lot of people out there that think everything the computer tells them is the truth and feel compelled to follow every instruction given for fear of having the computer fail. Of course then they get themselves in deeper trouble with loads of crap filling up every last hole in the system all pretending to be helpful and necessary.

This seems to be drifting off topic slightly, but just the method of delivery makes me want to avoid them no matter how "great", "free" or "essential" the product is. I have no desire to support such deceitful practices.
Post 29 Jul 2007, 03:46
View user's profile Send private message Visit poster's website Reply with quote
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
kohlrak
I can't believe that thing is still used, actually. Most people disable it...
Post 29 Jul 2007, 03:51
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
Actually XP has it disabled by default, but prior NT versions don't. The main reason could be the fact that Windows 2000 was not designed to be a home OS but more like a workstation where the internet access isn't direct and administrators use this service to send messages to the workstations for maintenance warns and things like that.

I still remember those messages telling "you won a travel to Orlando Florida" (in Spanish actually) back in the 2003 year (among with the same spam in my mailbox). When I got tired of getting those annoying messages I solved the problem myself by finding in the services something that could be related to the message box title. Due to my laziness I did that after several messages Laughing
Post 29 Jul 2007, 04:37
View user's profile Send private message Reply with quote
kohlrak



Joined: 21 Jul 2006
Posts: 1421
Location: Uncle Sam's Pad
kohlrak
Odd, when i got my computer, it was enabled by default. I have xp...
Post 29 Jul 2007, 05:58
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger Reply with quote
Furby



Joined: 01 May 2007
Posts: 74
Location: Kraków, Poland
Furby
LocoDelAssembly wrote:
Actually XP has it disabled by default, but prior NT versions don't. The main reason could be the fact that Windows 2000 was not designed to be a home OS but more like a workstation where the internet access isn't direct and administrators use this service to send messages to the workstations for maintenance warns and things like that.

I still remember those messages telling "you won a travel to Orlando Florida" (in Spanish actually) back in the 2003 year (among with the same spam in my mailbox). When I got tired of getting those annoying messages I solved the problem myself by finding in the services something that could be related to the message box title. Due to my laziness I did that after several messages Laughing


yep, your rigth with XP but only >SP1 Smile

_________________
[AGH] Where is the Polish section ?
Ludu czemu asm jest taki trudny ;/ ?
Post 29 Jul 2007, 13:39
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
haha, I never used XP without SP Razz
Post 29 Jul 2007, 13:44
View user's profile Send private message Reply with quote
rugxulo



Joined: 09 Aug 2005
Posts: 2341
Location: Usono (aka, USA)
rugxulo
Spam is indeed a serious problem these days. (I'm surprised they can even justify to themselves the wasted effort, sheesh. Playing online games is quite a bit more fun than annoying people.)
Post 31 Jul 2007, 04:39
View user's profile Send private message Visit poster's website Reply with quote
vador



Joined: 12 Nov 2006
Posts: 68
Location: Madagascar
vador
thanks everyone for your answerz
Post 05 Aug 2007, 16:54
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.