Spyware, Viruses, & Security forum

General discussion

Question about downloaded programs

I don't have much experience with malware, etc., and am trying to learn all I can. My kids only use AOL at home. I know techies seem to hate it, but as a mother of young kids who was ultra paranoid of inappropriate stuff, it's been a safe place for the past 13 years.

My son got a new PC with Vista for his bday, and while at his father's (who is clueless about internet security), he was infected with a ton of stuff. His older cousin, who is supposedly a PC guru, showed them some P2P places (don't know if I can say them here) to get free video games, movies, PC programs, etc. Well, they downloaded some stuff and at one point my son noticed a quick popup from Norton about a backdoor trojan, but it went away. He told the men about this and they just shrugged it off and told him it was no biggie, you can't get hurt, gave him this live-and-learn speech, and left him to his own devices to figure it out. He eventually let me know and was really upset and scared. I said I'd figure it out when he got home.

I've scanned his PC with several programs and cleaned it and it seems OK now, but my biggest question is about the original infected program. He is not sure when exactly he noticed the popup, but tried to give me a history of what they did so we could narrow it down. Now my question is this: if a trojan comes when you download a certain program, does it extract itself OFF that program so that when the PC is supposedly clean, is that original program now usable or do you need to delete it from your PC because it will always be corrupt? When learning about malware, I just never understood if the suspect download truly does have the real program with it, or is it not even there and all that is downloaded is the virus, because if that is the case, I am really lost because he does have these programs and used them! Am I making sense?
Any information or advice would be so greatly appreciated!

Dangerous malware infects via P2P music

In reply to: Question about downloaded programs

This is the latest article about P2P:

Music fans running Windows are being targeted by new worm-like malware that attacks those who download tracks from peer-to-peer (P2P) networks.

Playing an infected music file will launch Internet Explorer, and load a malicious web page which asks the user to download a codec, a well-known trick to get someone to download malware.

The actual download is not a codec but a Trojan horse, which installs a proxy program on the PC, according to David Emm, senior technology consultant at Kaspersky. The proxy program allows hackers to route other traffic through the compromised PC, helping the hacker essentially cover their tracks for other malicious activity, Emm said.


If your son still has P2P on his computer, I would urge him to uninstall it.

Did you run an on-line scan on his computer?

Please run the Housecall online virus scan located at:
Follow the prompts to scan your hard drive for viruses. Select the "Autoclean" option so that Housecall will remove any viruses from your system.
When the scan is finished, please restart your computer.

Support for Windows 2000, XP, and Vista

Please download Malwarebytes Anti-Malware or alternate download link

* Make sure you are connected to the Internet.
* Double-click on Download_mbam-setup.exe to install the application.
* When the installation begins, follow the prompts and do not make any changes to default settings.
* When installation has finished, make sure you leave both of these checked:
* - Update Malwarebytes' Anti-Malware
* - Launch Malwarebytes' Anti-Malware
* Then click Finish.
* MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
* If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.

* On the Scanner tab:
* - Make sure the "Perform Quick Scan" option is selected.
* - Then click on the Scan button.
* The next screen will ask you to select the drives to scan. Leave all the drives selected and click on the Start Scan button.
* The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
* When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
* Click OK to close the message box and continue with the removal process.
* Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
* Make sure that everything is checked, and click Remove Selected.
* When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
* The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.

* -- Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

**If you encounter this message:"c:\program files\malwarebytes' Anti-Malware\mbamext.dll Unable to register the dll/ocx: RegSvr32 failed with exit code 0x5" Click on ignore mbamext.dll

Did both come up clean?

Marianna's the expert

In reply to: Dangerous malware infects via P2P music

and I'd agree with the above, but have found p2p can be used reasonably safely...for music files.
Any downloading of software, screensavers, or games is fraught. It's not a matter of "if", but "when", and your son's experience seems to indicate "sooner rather than later."
I've browsed around a few security forums, seen a few HJT logs, and it's often folk who have run cracked programs posting them. It would be a fair generalization to treat them all as infected, and avoid.
There are plenty of places that non-infected free programs can be obtained.
Re music files (or videos), any file that asks for a codec download should also be treated with suspicion. I have my media player set to NOT download codecs automatically, preferring to get well known and safe codec packs from an author's website. Seems to work well.
MBAM (as linked above) is very good. Quite a good idea to update it daily, and scan any downloaded file using the context menu, for added security.
