Simviation Forum - How to identify spyware...

	Search the archive:

Simviation Main Site | Site Search | Upload Images

Simviation Forum › Computer Hardware & Software Forum › Computer Games & Software › How to identify spyware...

(Moderators: Mitch., Fly2e, ozzy72, beaky, Clipper, JBaymore, Bob70, BigTruck)

‹ Previous Topic | Next Topic ›

Pages: 1

Send Topic

Print

How to identify spyware... (Read 1170 times)

Apr 24^th, 2004 at 11:03am

Wing Nut Offline
Colonel
Hoy-Hoy!

Gender:
Posts: 14173

I came across this the other day and it's proving REAL handy! When you do ctrl/alt/del and see all those processes, and you don't know what they are, just go here and most are defined for you. VERY helpful...

http://www.liutilities.com/products/wintaskspro/processlibrary/

HP p7-1300w
AMD Athlon II X4 650 Quad-core 3.2 Ghz
23" HP Widescreen monitor/19" Dell monitor
Windows 7 Home Premium
16 Gb DDR3 PC10600 Ram
1 Gb GeForce GTX 550Ti video card
1 TB RAID Drives

If you want to see the most beautiful girl in the world, CLICK HERE!

IP Logged

Reply #1 - Apr 24^th, 2004 at 11:20am

Jared Offline
Colonel
I'd rather be flying...
Uniontown, Ohio

Gender:
Posts: 12621

Very interesting!

IP Logged

Reply #2 - Apr 24^th, 2004 at 6:49pm

Politically Incorrect Offline
Colonel
Personal opinion given
free of charge!
Williamsport, PA

Gender:
Posts: 3915

Great site of information!
I was looking real close at the "spyware" ones and closely at the processes on my computer and at first I though I was loaded with spyware! LOOK REAL CLOSE! BEFORE KILLING!!!
Spyware processes are real similar to legitamite processes, differeing by a letter, usally switched around.
But very usefull site!!! I often wondered what some of that stuff was!
Thanks Pippin!!

IP Logged

Reply #3 - Apr 24^th, 2004 at 10:10pm

chomp_rock Offline
Colonel
I must confess, I was
born at a very early
age.

Gender:
Posts: 2718

I have a list of all of my normal Windows processes and the ones that don't run all of the time and I end any others that start (except Norton Antivirus and BlackIce Defender)

AMD Athlon 64 3700+&&GeForce FX5200 256Mb&&1GB DDR400 DC&&Seagate 500Gb SATA-300 HDD&&Windows XP Professional X64 Edition&&&&That's right, I'm now using an AMD! I decided to give them another try and they kicked the pants off of my P4 3.4!

IP Logged

Reply #4 - Apr 26^th, 2004 at 7:49pm

bm_727 Offline
Colonel
Connecticut, USA!

Gender:
Posts: 436

A good program to remove spyware is called Ad-Aware 6... It's available for free @ www.lavasoftusa.com

You might be surprised at how many spyware files r on ur computer... Tongue

Tongue

&&[glow=green,2,300]I didn't lose my mind- I sold it on Ebay! [/glow]

IP Logged

Reply #5 - Apr 26^th, 2004 at 10:48pm

_526th_Fireman Offline
Colonel
S~ to all fair and honorable
pilots. S~!!
Joshua Texas

Gender:
Posts: 1148

For Spyware you really need to run BOTH Ad Aware and Spybot. I do use both as a tandem process. What one misses the other catches. There is a program I am looking at called SpywareBlaster that catches it before it gets into your machine. Haven't tried it yet but will. Sounds promising and is free.

Link on write up is at Tech TV.

http://www.techtv.com/callforhelp/freefile/story/0,24330,3491627,00.html

There are also links on this page for AdAware and Spybot.

Systemax Sabre Ultimate gaming rig.&&&&I got all the goodies and all the power I need to run anything thrown at me for the next two months!

IP Logged

Reply #6 - Apr 27^th, 2004 at 2:05am

Delta_ Offline
Colonel
Woah!
London, UK

Gender:
Posts: 2032

I do the same as 526th_Fireman. I use both, they are very useful.

My system:Intel Q6600@3.6GHz, Corsair XMS2 4GB DDR2-6400 (4-4-4-12-1T) , Sapphire 7850 OC 2BG 920/5000, X-Fi Fatality, Corsair AX 750, 7 Pro x64

IP Logged

Reply #7 - Apr 27^th, 2004 at 8:19pm

bm_727 Offline
Colonel
Connecticut, USA!

Gender:
Posts: 436

Quote:

There is a program I am looking at called SpywareBlaster that catches it before it gets into your machine. Haven't tried it yet but will. Sounds promising and is free.

Cool thanks for the link i will d/l it now! Tell us how it works out on ur machine

...

&&[glow=green,2,300]I didn't lose my mind- I sold it on Ebay! [/glow]

IP Logged

Reply #8 - Apr 28^th, 2004 at 5:25am

Politically Incorrect Offline
Colonel
Personal opinion given
free of charge!
Williamsport, PA

Gender:
Posts: 3915

Quote:

. There is a program I am looking at called SpywareBlaster that catches it before it gets into your machine.

I have used this since last year, and it seems to work, hard to tell because it never tells you if something has been blocked??? But I do know everything it says it is blocking has never shown up on my machine.

I have used Spybot search& destroy along with it, but recently gave NoAdware a shot and NoAdware found and removed 26 pieces of spyware that Spybot "overlooked".
So now I run both, just to keep track if one is missing something, but since installing NoAdware haven't had a thing on my computer!

IP Logged

Reply #9 - Apr 28^th, 2004 at 5:34am

Politically Incorrect Offline
Colonel
Personal opinion given
free of charge!
Williamsport, PA

Gender:
Posts: 3915

I might have to retract that last sentance Lips Sealed

Lips Sealed

Does anyone know what this is???

I just started getting this pop-up at various times. What is it, where does it come from, is it spyware?
I have looked through the computer and can't find anything???
The instructions seem "fishy"?
I have run a virus scan, spyware scan etc, and find nothing.

IP Logged

Reply #10 - Apr 28^th, 2004 at 8:21am

_526th_Fireman Offline
Colonel
S~ to all fair and honorable
pilots. S~!!
Joshua Texas

Gender:
Posts: 1148

Hi fretnstuff. I have never seen anything like that before, but it seems my memory tells me I saw at the Windows Update site that there is security problem with Messenger Service, buffer overrun as stated.

If you are concerned about it, go directly to the Windows update site and find the patch there.

http://v4.windowsupdate.microsoft.com/en/default.asp

Systemax Sabre Ultimate gaming rig.&&&&I got all the goodies and all the power I need to run anything thrown at me for the next two months!

IP Logged

Reply #11 - Apr 28^th, 2004 at 3:20pm

bm_727 Offline
Colonel
Connecticut, USA!

Gender:
Posts: 436

to fret-

I have heard of this before. Actually, it has happened to me. It does talk about the security issue with that program (messenger service), but i wouldn't click on it just to be safe, as that address isn't the site the patch is at...

Windows messenger service was originally designed to "allow system administrators on client-server networks to send out brief system-wide messages to everyone connected to the network." But, the reason it looks legitimate is because people have figured out ways to use messenger service for spam and thats why you're getting that message Undecided

Undecided

I got rid of them by turning on my MS firewall (included w/ windows) if u dont have uit turned on here's how.
Go to start/control panel/network & internet connection/ network connections and right click on ur connection. go to 'properties' and check the first box that says "internet connection firewall" this has worked for me...

Also, theres a patch for it like fireman said called MS03-043

now, any questions? Wink

Wink

Grin

hope this helps Lips Sealed

Lips Sealed

&&[glow=green,2,300]I didn't lose my mind- I sold it on Ebay! [/glow]

IP Logged

Reply #12 - Apr 28^th, 2004 at 5:44pm

Politically Incorrect Offline
Colonel
Personal opinion given
free of charge!
Williamsport, PA

Gender:
Posts: 3915

Thanks guys for the info, but thing is i can't locate windows messanger anywhere? I never used it.
I went to the site for the patch and XP Home isn't listed??
Not to mention these patches are for a network, and my computer isn't on a network. It did come from dell with the network hook ups and so forth.
I figured I would just disable Windows Messenger like the M$ site said but I can't find it?!

IP Logged

Reply #13 - Apr 28^th, 2004 at 10:04pm

bm_727 Offline
Colonel
Connecticut, USA!

Gender:
Posts: 436

fret-

go to the link I posted and look under "Affected Software:"
click on the d/l for "Microsoft Windows XP 64-bit Edition"

hope this helps Wink

Wink

Quote:

Not to mention these patches are for a network, and my computer isn't on a network.

By this, I think the 'network' it's referring to is the internet...
Windows Messenger Service was originally developed for office or home networks, but spammers use it on the internet too...

PS- try to turn on your firewall also Wink

Wink

...

&&[glow=green,2,300]I didn't lose my mind- I sold it on Ebay! [/glow]

IP Logged

Reply #14 - Apr 29^th, 2004 at 5:46am

Politically Incorrect Offline
Colonel
Personal opinion given
free of charge!
Williamsport, PA

Gender:
Posts: 3915

Forgot about the firewall, I have a different firewall I use and when I have the XP firewall enabled it messes up everything!
The pop up appears occasionally so I guess if the patch doesn't help I can live with it??? Not to mention since most problems like this have to do with something M$ I don't trust thier firewall the least bit Grin

Grin

IP Logged

Reply #15 - Apr 29^th, 2004 at 5:56am

Politically Incorrect Offline
Colonel
Personal opinion given
free of charge!
Williamsport, PA

Gender:
Posts: 3915

Downloaded the patch for XP 64 bit and it won't let me install it, says something about it not being a valid WIN32 application ???

IP Logged

Reply #16 - Apr 29^th, 2004 at 8:56am

Wing Nut Offline
Colonel
Hoy-Hoy!

Gender:
Posts: 14173

Quote:

Forgot about the firewall, I have a different firewall I use and when I have the XP firewall enabled it messes up everything!
The pop up appears occasionally so I guess if the patch doesn't help I can live with it??? Not to mention since most problems like this have to do with something M$ I don't trust thier firewall the least bit Grin

Grin

Fret, I have a small program that I could e-mail you that will stop those things. If you like, I could e-mail you it...

HP p7-1300w
AMD Athlon II X4 650 Quad-core 3.2 Ghz
23" HP Widescreen monitor/19" Dell monitor
Windows 7 Home Premium
16 Gb DDR3 PC10600 Ram
1 Gb GeForce GTX 550Ti video card
1 TB RAID Drives

If you want to see the most beautiful girl in the world, CLICK HERE!

IP Logged

Reply #17 - Apr 29^th, 2004 at 3:37pm

Ivan Offline
Colonel
No, I'm NOT Russian, I
only like Russian aircraft
The netherlands

Gender:
Posts: 6058

Don't click on the gator popups...

for the rest:
- adaware
- hijackthis
- Spybot search and destroy
All that combined with google search

Russian planes: IL-76 (all standard length ones), Tu-154 and Il-62, Tu-134 and An-24RV&&&&AI flightplans and repaints can be found here

IP Logged

Reply #18 - Apr 29^th, 2004 at 7:02pm

Politically Incorrect Offline
Colonel
Personal opinion given
free of charge!
Williamsport, PA

Gender:
Posts: 3915

Hi Ivan!
I use NoAdware, spyware blaster in conjunction with Spyware seek and destroy.
After running NoAdware and Seek and Destroy I come up with nothing???
I did get the patch mentioned and yet to see the pop up so maybe it worked? It has to be something in my computer because I have a pop-up blocker that stops all pop-ups, except for the one mentioned?
I did notice the other day, the RAM being sucked out of the computer for no apparent reason (768MB) I couldn't figure it out, I thought maybe spyware so i scanned, also did a virus scan and came up empty. Knock on wood that has only happened twice in past year.

IP Logged

Reply #19 - May 3^rd, 2004 at 10:32pm

toffeemen Offline
1st Lieutenant
I love YaBB 1G - SP1!
yorkshire u.k

Gender:
Posts: 2

to turn the messenger services off on win xp Wink

Wink

goto control panel click performance and maintinace click adminisrative tools click services scroll down to messenger then right click goto properties ther you will see startup type,diabled then click apply Grin

Grin

and no more anoying grey boxes easy ehh 8)

IP Logged

Reply #20 - May 4^th, 2004 at 5:45am

Politically Incorrect Offline
Colonel
Personal opinion given
free of charge!
Williamsport, PA

Gender:
Posts: 3915

Thanks!! I didn't even know that "services" thing exsited!!!
What is that anyway, from the discription that it list it is nothing but M$ "spyware" !
It says it has nothing to do with Windows Messanger, so why is it called that??? I wonder what other wonderfull M$ spyware lurks inside of my XP???

IP Logged

Reply #21 - May 4^th, 2004 at 6:01am

toffeemen Offline
1st Lieutenant
I love YaBB 1G - SP1!
yorkshire u.k

Gender:
Posts: 2

not exactly sure why the msg services was put in there for!! Undecided

Undecided

but to give you some more idea on what nastey suprises lurk in xp click start then in the run box type msconfig click ok then goto services and see whats running and who it belongs too you may be in for a shock Undecided

Undecided

IP Logged

Reply #22 - May 4^th, 2004 at 9:04am

Ivan Offline
Colonel
No, I'm NOT Russian, I
only like Russian aircraft
The netherlands

Gender:
Posts: 6058

Messenger services is meant for corporate usesrs, to sent messages about printer availability and the like.

it's active on a certain port (forgot which one it was).

get zonealarm to get rid of these messages.

Russian planes: IL-76 (all standard length ones), Tu-154 and Il-62, Tu-134 and An-24RV&&&&AI flightplans and repaints can be found here

IP Logged

Reply #23 - May 4^th, 2004 at 6:33pm

bm_727 Offline
Colonel
Connecticut, USA!

Gender:
Posts: 436

Quote:

Windows messenger service was originally designed to "allow system administrators on client-server networks to send out brief system-wide messages to everyone connected to the network."

Wink

Roll Eyes

&&[glow=green,2,300]I didn't lose my mind- I sold it on Ebay! [/glow]

IP Logged

Reply #24 - May 6^th, 2004 at 7:34pm

Politically Incorrect Offline
Colonel
Personal opinion given
free of charge!
Williamsport, PA

Gender:
Posts: 3915

Quote:

not exactly sure why the msg services was put in there for!! Undecided

Undecided

but to give you some more idea on what nastey suprises lurk in xp click start then in the run box type msconfig click ok then goto services and see whats running and who it belongs too you may be in for a shock Undecided

Undecided

HOLY CRAP!!! My Windows XP is full of Microsoft applications running!!!!!! Grin

Grin

That is kind of amazing all the M$ stuff that is running, and over half of it isn't anything I know??? I would like to know how I can get this computer to stop thinking its on a network! I'm not even connected to another computer! and I notice allot of what is running is used for networked computers, what gives???

IP Logged

Reply #25 - May 7^th, 2004 at 1:39am

Wing Nut Offline
Colonel
Hoy-Hoy!

Gender:
Posts: 14173

Fret, follow the link here, and use the page at the beginning of this thread and you'll find 99.999 percent of the spyware on your system.

http://www.simviation.com/cgi-bin/yabb/YaBB.cgi?board=gen;action=display;num=108...

HP p7-1300w
AMD Athlon II X4 650 Quad-core 3.2 Ghz
23" HP Widescreen monitor/19" Dell monitor
Windows 7 Home Premium
16 Gb DDR3 PC10600 Ram
1 Gb GeForce GTX 550Ti video card
1 TB RAID Drives

If you want to see the most beautiful girl in the world, CLICK HERE!

IP Logged

Reply #26 - May 7^th, 2004 at 5:37am

Politically Incorrect Offline
Colonel
Personal opinion given
free of charge!
Williamsport, PA

Gender:
Posts: 3915

Thanks Pippin, just noticed that link, great bit of information there!!

IP Logged

Reply #27 - May 14^th, 2004 at 5:42pm

Scottler Offline
Colonel
Albany, New York USA

Gender:
Posts: 5989

To shut down some of those services, you can either CTRL+ALT+DEL it (not recommended), you can get a program like "EndItAll" (Google it and you'll find it), or you can set up a separate gaming profile on your system.

Get more info at

http://www.blackviper.com/WinXP/supertweaks.htm

You can set your system up so that these "extra" services (which aren't needed for gaming) don't start on boot up. Then you just select the hardware profile you want (in this case, gaming) and you'll start with very little running.

Great edit, Bob.&&&&&&Google it. &&&&www.google.com

IP Logged

Pages: 1

Send Topic

Print

‹ Previous Topic | Next Topic ›

Top of this page

Simviation Forum » Powered by YaBB 2.5 AE!
YaBB Forum Software © 2000-2010. All Rights Reserved.

Valid XHTML

Valid CSS

Powered by Perl

Source Forge