Old 05-13-2007, 07:27 PM   #1
Siya

Paranoia (sp?)

Well I'm just looking for something to calm me down... earlier today while browsing www.ffxiah.com to see if some of my stuff sold my mouse was bumped... causing me to click on this ad on the site "ffxi bots here" type of ad... I was able to stop the site from loading and I didn't download anything yet I'm paranoid as hell due to all the recent hackings going on. Just wondering if I'm safe from key loggers ;; since I stopped the page and downloaded nothing. Sorry if this is the wrong spot for this ;;
Old 05-13-2007, 07:28 PM   #2
Chakrila

Task Manager -> Processes
Old 05-13-2007, 07:31 PM   #3
Siya

Notice a lot of shit there I normally never see. What would I be looking for exactly?
Old 05-13-2007, 07:33 PM   #4
Barachiel

Google is your friend. Search for each process you don't know and it will tell you what they do.
Old 05-13-2007, 07:44 PM   #5
Siya

http://www.liutilities.com/products/...ibrary/ctfmon/

Note: ctfmon.exe could also be a process which is registered as a trojan. This Trojan allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data. This process is a security risk and should be removed from your system.
Old 05-13-2007, 07:52 PM   #6
Gulkeeva

ctfmon.exe

Hotfix 5.1.2600.2180
(xpsp_sp2_rtm.040803-2158)
Old 05-13-2007, 08:09 PM   #7
Siya

I see a bunch of these things that say it's a legit Windows process but also note that there's a trojan named that too (like ctfmon, smss n such...)... how do I determine if it's legit or bad <.>
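
Added example, not part of any post in this thread: one way to tell a genuine Windows process from a look-alike with the same name is to check where its image file runs from and whether that file carries a valid signature. The list of process names and the System32-only rule are assumptions for a default Windows install, and `Test-SystemProcessImage` is a name made up for this sketch.

```powershell
# Added example: check processes that use a well-known Windows system name.
# Assumption: on a default install each of these images lives in %SystemRoot%\System32.
# A 32-bit copy running from SysWOW64 will be flagged and needs a manual look.
$system32    = Join-Path $env:SystemRoot 'System32'
$systemNames = 'ctfmon.exe', 'smss.exe', 'csrss.exe', 'lsass.exe',
               'services.exe', 'svchost.exe', 'winlogon.exe'

function Test-SystemProcessImage {
    param(
        [Parameter(Mandatory)] [string] $Name,
        [string] $Path
    )
    # Protected processes hide their path from a non-elevated session.
    if ([string]::IsNullOrEmpty($Path)) {
        return 'UNKNOWN: path not readable (rerun from an elevated prompt)'
    }
    # Same name, different folder: the usual sign of a look-alike.
    $expected = Join-Path $system32 $Name
    if ($Path -ne $expected) {          # -ne is case-insensitive for strings
        return "SUSPICIOUS: expected $expected"
    }
    # Right folder: confirm the file on disk is validly signed.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne 'Valid') {
        return "SUSPICIOUS: signature status is $($sig.Status)"
    }
    return "OK: signed by $($sig.SignerCertificate.Subject)"
}

Get-CimInstance Win32_Process |
    Where-Object { $systemNames -contains $_.Name } |
    ForEach-Object {
        [pscustomobject]@{
            Id     = $_.ProcessId
            Name   = $_.Name
            Path   = $_.ExecutablePath
            Result = Test-SystemProcessImage -Name $_.Name -Path $_.ExecutablePath
        }
    } |
    Format-Table -AutoSize -Wrap
```

A row marked SUSPICIOUS is a prompt to look closer at that file, not proof of infection.
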
Old 05-13-2007, 08:13 PM   #8
Akumamoto

It depends on what the order of code was before it got stopped and where it was at. Usually sites with keyloggers that just attach to your PC are extremely rare. Your firewall picks it up. Normally when people get a virus or keylogger, it's from downloading or installing a program from a place that's not "certified" safe, like a Warez place for example.

The biggest thing right now is spyware coming in from your cookies and Java. Some things you can't really scan for or ever get rid of with an anti-virus or anti-spyware program, such as rootkits. Rootkits are the dozens of small processes that your PC hides that control all the small stuff such as file indexing, folder GUI, etc. If you're truly scared, update your definitions and do a thorough scan of your PC while it's unplugged from the internet. It'd be safe to assume that major websites with links don't have that kind of content. I always recommend formatting the HDD or running your restore discs at least every 1 year to reset your PC because of what gets tangled in your rootkits.

This 7-year-old laptop never had a restore or format since I bought it until last week. I had over 300 invalid rootkits and probably about 20 different spyware programs and about 2 trojans that were not removable via any application to date.
Old 05-13-2007, 08:25 PM   #9
Akumamoto

Just go to www.google.com and type in the exact process name. You'll find info and possibly some database process places to check on what they do and what they are. Now, in order for a keylogger to even work to record your POL info on a PC, you'd have to type both your POL ID and your POL password on the PC that has the keylogger. This being said, people normally use the internet POL chat thing... don't use it... it's actually a security loophole and this is what keyloggers want you to do.

By just using POL only through your game and not the browser chat one, you avoid your ID being targeted. They'll maybe know your password at most but they'll never get your ID. Without your ID AND password, they can do nothing.

When the game first came out, there was a flaw where you could use the email exploit within POL to ping the server and then the server pinged you the password. This was fixed a long time ago and is no longer possible.

One other thing, all those people you read about on the game or on a forum that say their account was hacked... it's almost 100% bullshit minus the very rare keylogger. People downloading the programs that had them in the first place should be banned anyways.
Old 05-13-2007, 10:02 PM   #10
Corrderio

If you're scared you have a virus or something on your PC I'd do a free online scan.

housecall.trendmicro.com

They're pretty good.
Old 05-14-2007, 12:27 AM   #11
Phiban

Try Security Task Manager: http://www.neuber.com/taskmanager/index.html
The link will explain what it does; it's worth using.
Also, AVG Free edition should be able to pick up keyloggers.
Old 05-14-2007, 12:47 AM   #12
Siya

Would it be possible for someone to link me to an AVG download? I went to download.com yet every time I try to download it it stops at a random %... atm I'm downloading Kaspersky and scanning with Pandasoft
Old 05-14-2007, 09:45 AM   #13
Phiban

http://free.grisoft.com/doc/1
Old 05-14-2007, 04:25 PM   #14
Siya

Downloaded Kasper, AVG, Process Guard and Security Task Manager, updated everything and scanned. Kasper found like 6 viruses (which were in a quarantine folder from housecall... I dunno but I deleted those), Pandasoft found a ton of spyware, got rid of that, AVG found a trojan on fraps and got rid of it and installed process guard... I should be ok to sleep at night now >.>
Old 05-14-2007, 06:05 PM   #15
Siya

I just noticed when browsing the Security Task Manager, I see 2 things...


Name Rating CPU Memory File Type Manufacturer
? 42% blank .1MB ? Program .
? 42% blank .1MB ? Program .
Old 05-24-2007, 03:31 AM   #16
ChibiKrillin

www.sysinfo.org

Also MSConfig is your friend