Home News Reviews Forums Shop


Adware,Spyware and Trojans, oh my!

What was that?

Adware,Spyware and Trojans, oh my!

Postby SkaarjMaster on Sun Mar 07, 2004 11:22 pm

:o Well, I was doing something bad today and I'd tell you what is was but we can't say that word in the forums. Anyway, I got 2 viruses (one a trojan) and 125 problems (adware/spyware) found by Ad-Aware and Spyware combined.

Basically, I turned my computer back on this evening after my adventures this afternoon and got asked some permissions from ZoneAlarm that I've never seen before and VirusScan kept asking what to do with a Trojan every 3-4 minutes it seemed like and I kept saying delete. This kept going on during me frantically running VirusScan and then Ad-Aware to get rid of this crap.

VirusScan found a virus in C:/MyDownloads and this:

Downloader-ER, BlazeFind.Bridge >> C:\windows\temp\bridge.exe, also found at:
c:\windows\downloaded program files\bridge.dll

Ad-Aware found this:
2 Processes Identified
53 Registry Keys Identified
12 Registry Values Identified
46 Files Identified
3 Folders Identified

Ad-Aware files deleted were:
WinFavorites
MoneyTree
StopPop
istbar
DyFuCA
180Solutions
Bargain Buddy
Internet Optimizer
c:\windows\system\a.exe
msbb
PossibleBrowserHijackAttempt

Upon reboot, Ad-Aware deleted:
c:\windows\bi.dll
c:\windows\downloaded program files\bridge.dll

Then I deleted my temp directory, temp. internet files and history and rebooted.

Ad-Aware then found:
4 registry keys
1 registry value
1 File

SpyBot found:
3 problems

I then ran VirusScan again and it found nothing and Ad-Aware found nothing as well.

Let this be a lesson to me and anyone else reading this. It's just not worth it! 8)
MSI (unnamed laptop): GS75 Stealth 95F, Pioneer BDR-XD07B
SKAARJ-LAPTOP: Asus G750JW-NH71
SKAARJMASTERDUO: WinXPSP3,C2D E8600,Gigabyte EP45-UD3P,Pioneer DVR-216D,BenQ DW1655,Asus E818A3T.
User avatar
SkaarjMaster
CD-RW Player
 
Posts: 510
Joined: Thu Dec 11, 2003 1:06 pm
Location: Sarasota, Florida USA

Postby aviationwiz on Mon Mar 08, 2004 12:03 am

Might as well just say what you were doing as you gave it away in your explanations. He was pirating obviously. What you posted does not appear to break the rules, even if you did mention it was piracy. It was more or less an ANTI-Piracy "campaign." Obviously using some sort of P2P program like Kazaa too, forwarding this onto hoxlund, our expert on piracy.
User avatar
aviationwiz
Plextor Fan(atic)
 
Posts: 4069
Joined: Tue Jul 16, 2002 2:55 am
Location: Home of the Red Tail

Postby hoxlund on Mon Mar 08, 2004 12:07 am

wow, did i hear the P word?

anyways, yeah if you love viruses, trojans, then by all means use kazaa and other p2p software

i caught my bro using kazaa for like an hour, scolded him, then had him run viruscan, his jaw dropped. Found 134 viruses, 2 trojans. he learned his lesson

anyways, kinda same thing can happen in irc or bottler or whatever you might use, but only if you leave your system completly open

right now im the DMZ host for my router and i run mcafee firewall

lets see, i download from ftp servers constantly, irc constantly, bottler constantly and i have yet to get a virus or trojan
Thermaltake Core X5 Snow Edition TG Case
Corsair RM1000 Power Supply
MSI X399 Gaming Pro Carbon AC
AMD Threadripper 1950x @ 4.1GHz
Custom Loop w/ EK MSI x399 Monoblock
G.Skill 4x8GB DDR4 3200 RGB Memory
MSI 1080Ti Lightning X Video Card
User avatar
hoxlund
CD-RW Player
 
Posts: 3708
Joined: Mon May 27, 2002 12:55 am
Location: Idaho

Postby SkaarjMaster on Mon Mar 08, 2004 12:36 am

I don't use Kazaa, mIRC and I've never even heard of bottler. Anyway, back to the normal web sites and non-spamming pr0n sites for me, hehe. :wink:
User avatar
SkaarjMaster
CD-RW Player
 
Posts: 510
Joined: Thu Dec 11, 2003 1:06 pm
Location: Sarasota, Florida USA

Postby hoxlund on Mon Mar 08, 2004 12:52 am

spamming pr0n? hmm sounds like website warez, almost worse then p2p
Thermaltake Core X5 Snow Edition TG Case
Corsair RM1000 Power Supply
MSI X399 Gaming Pro Carbon AC
AMD Threadripper 1950x @ 4.1GHz
Custom Loop w/ EK MSI x399 Monoblock
G.Skill 4x8GB DDR4 3200 RGB Memory
MSI 1080Ti Lightning X Video Card
User avatar
hoxlund
CD-RW Player
 
Posts: 3708
Joined: Mon May 27, 2002 12:55 am
Location: Idaho

Postby pranav81 on Mon Mar 08, 2004 1:22 am

Hey hox,can you connect KazaaLite?A friend of mine met me yesterday and told me that Kazaa Lite is now a paid service and he can no longer connnect to Kazaa users.
What do you think?


::Pranav::
User avatar
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Solapur,Maharashtra,India

Postby hoxlund on Mon Mar 08, 2004 1:23 am

how insulting, how you think i use kazaa
Thermaltake Core X5 Snow Edition TG Case
Corsair RM1000 Power Supply
MSI X399 Gaming Pro Carbon AC
AMD Threadripper 1950x @ 4.1GHz
Custom Loop w/ EK MSI x399 Monoblock
G.Skill 4x8GB DDR4 3200 RGB Memory
MSI 1080Ti Lightning X Video Card
User avatar
hoxlund
CD-RW Player
 
Posts: 3708
Joined: Mon May 27, 2002 12:55 am
Location: Idaho

Postby pranav81 on Mon Mar 08, 2004 1:25 am

I am sorry hox,but I didnt mean to offend you. :wink:

But you had mentioned that your brother used Kazaa,so I thought of asking you if you can still connect.

No offence intended.

::Pranav::
User avatar
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Solapur,Maharashtra,India

Postby hoxlund on Mon Mar 08, 2004 1:27 am

no it was mostly a joke anyways, yeah i made him stop using kazaa

mainly cause his computer was also the ftp server for my house, and didn't want to catch anything or give anything

he saw it my way after a few blows to the head
Thermaltake Core X5 Snow Edition TG Case
Corsair RM1000 Power Supply
MSI X399 Gaming Pro Carbon AC
AMD Threadripper 1950x @ 4.1GHz
Custom Loop w/ EK MSI x399 Monoblock
G.Skill 4x8GB DDR4 3200 RGB Memory
MSI 1080Ti Lightning X Video Card
User avatar
hoxlund
CD-RW Player
 
Posts: 3708
Joined: Mon May 27, 2002 12:55 am
Location: Idaho

Postby pranav81 on Mon Mar 08, 2004 1:30 am

But hox,you did not answer my question.Can you or your brother still connect using Kazaa?When was the last time you tried it?


::Pranav::
User avatar
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Solapur,Maharashtra,India

Postby hoxlund on Mon Mar 08, 2004 1:32 am

about 2 years ago
Thermaltake Core X5 Snow Edition TG Case
Corsair RM1000 Power Supply
MSI X399 Gaming Pro Carbon AC
AMD Threadripper 1950x @ 4.1GHz
Custom Loop w/ EK MSI x399 Monoblock
G.Skill 4x8GB DDR4 3200 RGB Memory
MSI 1080Ti Lightning X Video Card
User avatar
hoxlund
CD-RW Player
 
Posts: 3708
Joined: Mon May 27, 2002 12:55 am
Location: Idaho

Postby pranav81 on Mon Mar 08, 2004 1:34 am

Wow!
And to think you are a pro-pirater. :-?


::Pranav::
User avatar
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Solapur,Maharashtra,India

Postby hoxlund on Mon Mar 08, 2004 1:39 am

yeah, im going to finals this year, maybe even state
Thermaltake Core X5 Snow Edition TG Case
Corsair RM1000 Power Supply
MSI X399 Gaming Pro Carbon AC
AMD Threadripper 1950x @ 4.1GHz
Custom Loop w/ EK MSI x399 Monoblock
G.Skill 4x8GB DDR4 3200 RGB Memory
MSI 1080Ti Lightning X Video Card
User avatar
hoxlund
CD-RW Player
 
Posts: 3708
Joined: Mon May 27, 2002 12:55 am
Location: Idaho

Postby TheWizard on Mon Mar 08, 2004 4:28 am

pranav81: Kazaa still works for me (by using Kazaa Lite K++). Although, it is going downhill in a hurry.
No, I like women.
TheWizard
CD-RW Player
 
Posts: 2074
Joined: Fri Jun 28, 2002 6:56 pm

Postby dodecahedron on Mon Mar 08, 2004 6:10 am

TheWizard wrote:Although, it is going downhill in a hurry.

what do you mean?
One Ring to rule them all, One Ring to find them,
One Ring to bring them all and in the darkness bind them
In the land of Mordor, where the Shadows lie
-- JRRT
M.C. Escher - Reptilien
User avatar
dodecahedron
DVD Polygon
 
Posts: 6865
Joined: Sat Mar 09, 2002 12:04 am
Location: Israel

Postby TheWizard on Mon Mar 08, 2004 6:27 am

Like Napster went downhill, so too is Kazaa. Between the RIAA clamping down, kiddies spreading viruses over Kazaa, and the original Kazaa software becoming pay-only, the entire Kazaa P2P network is declining. Not to mention the fact that the authors of Kazaa Lite have abandoned the project.
No, I like women.
TheWizard
CD-RW Player
 
Posts: 2074
Joined: Fri Jun 28, 2002 6:56 pm

Postby dodecahedron on Mon Mar 08, 2004 11:58 am

TheWizard wrote:Not to mention the fact that the authors of Kazaa Lite have abandoned the project.

didn't know that.
too bad.
One Ring to rule them all, One Ring to find them,
One Ring to bring them all and in the darkness bind them
In the land of Mordor, where the Shadows lie
-- JRRT
M.C. Escher - Reptilien
User avatar
dodecahedron
DVD Polygon
 
Posts: 6865
Joined: Sat Mar 09, 2002 12:04 am
Location: Israel

Postby pranav81 on Tue Mar 09, 2004 1:07 am

dodecahedron wrote:
TheWizard wrote:Not to mention the fact that the authors of Kazaa Lite have abandoned the project.

didn't know that.
too bad.




Thanks for telling me that Kazaa is still running.Because my friend told me that he is not able to connect to the Kazaa P2P network.I didnt ever used Kazaa because I am damn afraid of viruses and worms messing up my coolly running system.And the main reason is that I am on ISDN, which is slow.
And I too didnt knew that Kazaa Lite development has stopped.


::Pranav::
User avatar
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Solapur,Maharashtra,India

Postby TheWizard on Tue Mar 09, 2004 5:59 am

It is kind of a shame, I agree. It is/was (still is as of now) a great place to download a quick MP3. Although, there are newer technologies and better networks emerging that, personally, I like better than Kazaa. Will these new networks last? That remains to be seen. They will probably last as long as they can, until they, too, go downhill like Napster and Kazaa. That's the way the P2P thing works; when one program's heyday has passed, another one takes its place (i.e. Napster -> Kazaa).

Regarding getting trojans and worms on P2P networks, yes, these are always a risk. But you can get a trojan or worm just by surfing the web. My advice, secure your computer/LAN with a firewall. You'd be amazed at how much unwanted traffic my firewall has stopped since I installed it.
No, I like women.
TheWizard
CD-RW Player
 
Posts: 2074
Joined: Fri Jun 28, 2002 6:56 pm

Postby pranav81 on Tue Mar 09, 2004 9:09 am

Thanks TheWizard for bringing the firewall topic.I use Wingate 5 to share my internet connection between my computers.I have Windows 2000 SP4 on the Wingate Server.So I want to know that if I install a firewall on the server,will other computers on the network get the firewall protection?Wingate 5 has a built in firewall but it's not that easy to use.


::Pranav::
User avatar
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Solapur,Maharashtra,India

Postby kevincott on Wed Mar 10, 2004 8:53 pm

I have used WinMX as p2p software and found no back-ends.

Anyone know if I am wrong?

I have not been using virus or extra firewall.
kevincott
CD-RW Thug
 
Posts: 66
Joined: Wed Feb 26, 2003 8:39 pm

Postby TheWizard on Fri Mar 12, 2004 1:36 am

kevincott: At the very least, you should be using antivirus software to avoid getting infected. A firewall is added security, but every computer connected to the Internet should have antivirus software installed. McAfee or Norton are both good choices. WinMX may have no backdoors in it, but that doesn't mean you are completely invulnerable from receiving viruses and hack attempts.

pranav81: Provided your network is set up correctly, then yes, all the workstations will have firewall protection as long as the Wingate machine is running a firewall of some sort. I take it your Wingate server acts as the gateway, DHCP, and DNS servers for your LAN, yes? Basically, it acts as a router; it sends and receives data from the Internet to/from your LAN, correct? If each workstation connects directly to the Internet separately, then you'll have to run firewall software on each machine. If the only computer that has a direct connection to the Net is the Wingate server, then adding a firewall to that machine alone will also protect to workstations connected to it. You will have to mess around with opening certain ports on your firewall that your workstations use. But, it's better to open a port here and there when necessary rather than having all your ports open to attack.
No, I like women.
TheWizard
CD-RW Player
 
Posts: 2074
Joined: Fri Jun 28, 2002 6:56 pm


Return to Rants n' Raves

Who is online

Users browsing this forum: No registered users and 0 guests

All Content is Copyright (c) 2001-2021 CDRLabs Inc.