Spyware, viruses, & security : Project1

by Ken Deyell - 9/2/07 4:27 PM
Post 1 of 16

Project1

by Ken Deyell - 9/2/07 4:27 PM

After I open up my Yahoo messenger ver. 8.1, and run it, shortly thereafter when I check in "task manager" Project1 is listed. Oddly enough I have done a file search and a registry search, and cannot find any reference to it. I "end it" in task manager, and it does not surface again until I go back into my Yahoo messenger. It does seem to have a slowing effect when I am using messenger. My scans with spybot and ad-aware are clean. My OS W98SE IE6SP1

Post 2 of 16

Just a quick reply

by R. Proffitt Moderator - 9/2/07 6:49 PM In reply to: Project1 by Ken Deyell

See http://www.google.com/search?q=Project1

Post 3 of 16

Project1

by Ken Deyell - 9/3/07 5:47 AM In reply to: Just a quick reply by R. Proffitt Moderator

Thanks for pointing me in this direction. The only thing I haven't confirmed on my system, which is mentioned in some of these postings, is "project1" is not detected by any AV scan. This leads me to believe it is somehow a part of Yahoo messenger. Is there any way of confirming this and should I have any other concerns?

Post 4 of 16

Just back.

by R. Proffitt Moderator - 9/3/07 5:56 AM In reply to: Project1 by Ken Deyell

What many learn is to get "second opinion" scans of their system. This way you can be sure.

Here's 2 I use since no install is required.

http://www.ewido.net/en/onlinescan/
http://housecall.trendmicro.com/

The discussions I noted in my first fast reply should help in determining what it is.

Bob

Post 5 of 16

Still Evading Me

by Ken Deyell - 9/6/07 4:28 PM In reply to: Just back. by R. Proffitt Moderator

Robert, I just wanted to let you know I ran two virus scans, one with "housecall" the other with "McAfee", and neither one of them detected "project1". I was unable to get "ewido" to scan for me. I would sure like to get my hands on whatever this "project1" is. I did get an email confirmation from Yahoo that it is not any part of their messenger ver. 8.1 and they too suggested a type of virus. I will keep searching to see if anyone has come up with a solution. Thanks for your directions.

Post 6 of 16

Have a look at this thread.....

by Marianna Schmudlach Moderator - 9/7/07 10:27 AM In reply to: Still Evading Me by Ken Deyell

My computer has been infected with project1. Can anyone supply some assistance to be rid of it.

http://forum.grisoft.cz/freeforum/read.php?4,73954,sv=

Post 7 of 16

The Search Goes On

by Ken Deyell - 9/8/07 10:24 AM In reply to: Have a look at this thread..... by Marianna Schmudlach Moderator

Marianna, I carried out all the scans outlined in the "link", and came up clean except for 2 files the AVG AV progr. found and were removed. Following the scans I proceeded to open Yahoo messenger, and "project1" still appeared in my task manager. I followed the manual removal outlined in the link and the "ntsvsrv.dll" listed was not found either. I did however locate the "wsock32.dll" file which they referenced a size of 14848 bytes. Mine showed 40960 bytes and the date would indicate it as being an original file. Also the 5 files listed in item #10 to be manually removed were not found. So even with the results of these scans and searches "project1" still eludes me. Sorry for this lengthy reply.

Post 8 of 16

The Search Goes On....

by Marianna Schmudlach Moderator - 9/8/07 1:46 PM In reply to: The Search Goes On by Ken Deyell

Ken,

then I would suggest downloading HJT :

http://forums.cnet.com/5208-6132_102-0.html?forumID=32&threadID=255339&messageID=2533167

and post it in one of the mentioned HJT forums. Hopefully they can SEE what is going on.

Good Luck !

Post 9 of 16

Project1 is Generic

by pmchefalo - 9/10/07 4:20 AM In reply to: The Search Goes On by Ken Deyell

Project1 is the default name for a Microsoft Visual Studio project. If you do not supply a name for your code, that's what the compiler, etc. call it. So any hacker in the world can be using "Project1" at any time. Searching for "Project1" is useless.

Since the file is not detected by a simple search (You do allow yourself to see hidden and system files, right?) you may be rooted. Try BlackLight from F-Secure, RootKit Detective from McAfee or RootKit Revealer from Sysinternals/Microsoft.

Rootkits are best removed by re-formatting unless you are capable enough to answer questions here rather than asking them. Make sure your data is backed up. You probably will be re-formatting anyway since rootkits and their writers are not big respecters of keeping the system running; they tend to load up the system until it won't run or start, especially if av programs detect and disable the visible pieces of code.

Most Windows PCs that are having trouble have been compromised by "malware", either from legitimate but poorly-managed companies (ie Intuit or Symantec) or hardware drivers misapplied or crimeware.

Post 10 of 16

Great Support

by Ken Deyell - 9/10/07 5:02 AM In reply to: Project1 is Generic by pmchefalo

Just in the final stages of the HJT procedure, and have just D/L "rootkitrevealer". Will report on progress. Thx. for the directions.

Post 11 of 16

Get the best Anti-Rootkit to scan your system

by andrewbaggins - 9/10/07 9:08 AM In reply to: Great Support by Ken Deyell

Hi. Get the most effective anti-rootkit scanner currently available. It's the one by Panda. Go here and step through the pages that advise you how to use it. Basically, you download it and double-click on it to run a scan, after closing your internet browser. There's a checkbox which, if checked, will restart your computer and run an in-depth scan. Click on the link below (or you can get it at Majorgeeks.com, too, I think).

http://www.pandasecurity.com/homeusers/downloads/docs/product/help/rkc/en/rkc_en.htm?

Post 12 of 16

Pmchefalo ..I'm too old :)

by Ken Deyell - 9/11/07 5:23 AM In reply to: Project1 is Generic by pmchefalo

I checked out all 3 of the sources you outlined for me to do a "rootkit check" only to find that none of them work with my old W98SE. I hate to ask if you have any further suggestions.

Post 13 of 16

Rootkits on Windows 98?

by pmchefalo - 9/13/07 11:52 PM In reply to: Pmchefalo ..I'm too old :) by Ken Deyell

The malware writers may have the same problem ... many anti-virus makers have dropped Windows 98 support as well.

Sorry, no good suggestions for saving Windows 98. I usually recommend that no one run it on the Internet since it is completely defenseless, because it has no concept of security roles and therefore is always wide-open. It is a pre-Internet product, made obsolete by user expectations that it cannot meet.

Post 14 of 16

Mystery Solved..

by Ken Deyell - 9/14/07 1:23 PM In reply to: Rootkits on Windows 98? by pmchefalo

The "project1" turns out to be my "mic lock" that I use in Yahoo messenger/chat. It is a stand alone program, and I was able to determine that its product name is in fact "project1". It is listed by that name in my "task manager". I'm relieved to know I remain clean, but have taken your comments regarding W98 to heart. I apologize to all those that took time to respond to what turned out to be a non issue. A new PC is in the works for next month.

Post 15 of 16

It's Good That You Weren't Compromised

by pmchefalo - 9/14/07 3:02 PM In reply to: Mystery Solved.. by Ken Deyell

Ken, if you had been "rooted" there's no telling what data could have been compromised.

In my not-so-humble opinion, any programmer who is above newbie-level should not release a Project1.exe into the wild. I would avoid all such programs, plus any that:

1) Do not have real icons, but instead the generalized form icons from Visual Studio;
2) any that do not have version info "tattooed" on the executable. This can be seen by clicking on the file and looking at its properties. If the publisher is not listed, and if there is no description and version number, then the work is suspect.
3) Undescribed services. If the msconfig applet doesn't show a description for a Windows service on the tab, the product is suspect. Here's where even Symantec, Adobe, Roxio and even old Microsoft applications start to break down.
4) ActiveX components in Internet Explorer that are not described are likewise suspect. And yes Microsoft releases such beasties themselves.

Safe computing is no fun in the short term, but makes your life easier in the long-term. We need to insist that coders use professional practices if they expect us to run their applications.

End of Soapbox Spiel.

Good luck in the future.
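
The version-info and service-description checks from points 2 and 3 of the post above can be scripted; this is an added example, not part of the original thread. It assumes a current Windows system with PowerShell 5.1 or later (not the Windows 98 SE machine discussed here); the function name `Test-ExeMetadata` and the `Project<number>` pattern are illustrative choices made for this example.

```powershell
# Added example: list running executables that lack the version metadata
# described in point 2, and services without a description (point 3).

# Assumption: treat "Project1", "Project2", ... as leftover default names.
$DefaultNamePattern = '^Project\d+(\.exe)?$'

function Test-ExeMetadata {
    param([Parameter(Mandatory)][string]$Path)

    # VersionInfo exposes the same fields shown in the file's Properties dialog.
    $vi = (Get-Item -LiteralPath $Path).VersionInfo
    $reasons = @()

    if ([string]::IsNullOrWhiteSpace($vi.CompanyName))     { $reasons += 'no publisher' }
    if ([string]::IsNullOrWhiteSpace($vi.FileDescription)) { $reasons += 'no description' }
    if ([string]::IsNullOrWhiteSpace($vi.FileVersion))     { $reasons += 'no version number' }
    if ($vi.ProductName  -match $DefaultNamePattern -or
        $vi.InternalName -match $DefaultNamePattern)       { $reasons += 'default project name' }

    [pscustomobject]@{
        Path    = $Path
        Product = $vi.ProductName
        Reasons = $reasons -join '; '
    }
}

# Point 2: check every distinct executable behind a running process.
Get-Process |
    Where-Object { $_.Path } |
    Select-Object -ExpandProperty Path -Unique |
    ForEach-Object { Test-ExeMetadata -Path $_ } |
    Where-Object { $_.Reasons } |
    Sort-Object Path |
    Format-Table -AutoSize -Wrap

# Point 3: services registered without a description.
Get-CimInstance -ClassName Win32_Service |
    Where-Object { [string]::IsNullOrWhiteSpace($_.Description) } |
    Select-Object Name, DisplayName, State, PathName |
    Format-Table -AutoSize -Wrap
```

Processes whose path cannot be read from a non-elevated session are skipped, so run it from an elevated prompt for full coverage.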
