Don't worry about your computer having been infected, it's fine!



  • Disclaimer: edited to protect the guilty.

    I wanted to let you know that this one relative's IT guy from his company came over last night to check my computer. He did find two Malware: one was for Google Chrome and the other was something with “PUP” and both were removed. He told me there was no key logger on my computer that he could find and I had my anti-virus set up correctly. Just like @redwizard said, he stated there still possibly could be something hidden but assured me that I should be fine. Thanks for your help and I will let you know if I get any updates.

    I love how the IT guy says:

    there still possibly could be something hidden

    which was the agreeing with me part. But then:

    assured me that I should be fine.

    :wtf:

    Does he really believe that? Or was he too lazy to do a proper job? I'll never know.


  • sockdevs

    So when he says

    one was for Google Chrome

    does he mean an extension or something, or Chrome itself?


  • Winner of the 2016 Presidential Election

    He probably just didn't use google Ultron thereby posing a security risk!

    Filed Under: Common mistake!



  • @RaceProUK said:

    does he mean an extension or something, or Chrome itself?

    All I know is what I posted above. Could be either.


  • :belt_onion:

    Probably SuperAwesomeStartPageAdware 1.4.7 or something. Pretty much every computer with Chrome I touch has that.

    Also, iLivid. Whatever the fuck that is.


  • sockdevs

    A download manager, apparently



  • @redwizard said:

    assured me that I should be fine.

    Right after turning the computer into a brick...thus providing 100% assurance that there was no active virus or malware. :smile:



  • @Onyx said:

    iLivid. Whatever the fuck that is.

    It's a FREE MOVIES trojan-laced FREE MOVIES downloader easily found and FREE MOVIES much beloved by teenage FREE MOVIES sysadmins. I uninstall it on sight and install Video Downloadhelper instead.



  • @flabdablet said:

    I uninstall it on sight and install Video Downloadhelper instead.

    That's the one (except Chrome version) I disabled because it kept clickjacking me to a Flash update site — IIRC, not the official one. At least the name is the same.



  • I wasn't aware that a Chrome version was available.

    There's a metric shitload of video downloaders, many of them packaged as browser extensions, and almost all of them are trojans in one way or another. Closest I've ever seen VDH get to that is trying to upsell its format conversion components.



  • @flabdablet said:

    I wasn't aware that a Chrome version was available.

    Maybe it's not the same thing, but it has the same name — hmm, almost; "Download helper" is two words not one. And it doesn't seem to be in the Chrome store any more. Yeah, I don't think I'll be enabling it again.

    @flabdablet said:

    There's a metric shitload of video downloaders

    The only one I use somewhat regularly is YouTube Center, which does a bunch of useful stuff besides downloading. I just wish it would work with videos embedded in other pages, like here.



  • @HardwareGeek said:

    almost

    Yeah, there's a lot of that.



  • @HardwareGeek said:

    it kept clickjacking me to a Flash update site

    Allow me to clickjack you to mine.



  • @redwizard said:

    Does he really believe that? Or was he too lazy to do a proper job? I'll never know.

    I don't really see the contradiction between the two. "Should be fine" is definitely different than "you are definitely fine." :giggity:

    INB4: :hanzo:



  • @HardwareGeek said:

    The only one I use somewhat regularly is YouTube Center, which does a bunch of useful stuff besides downloading. I just wish it would work with videos embedded in other pages, like here

    It does. At least the version for Opera (=Chromium) that I use does. I use it mainly for enabling HTML5 video by default (YouTube still pushes Flash for Opera for no possible reason)



  • @eor said:

    It does. At least the version for Opera (=Chromium) that I use does.

    Not for me on Chrome. I have it set to audio volume at 20% and disable annotations; neither of which happen on YT videos embedded here.



  • @HardwareGeek said:

    Not for me on Chrome. I have it set to audio volume at 20% and disable annotations; neither of which happen on YT videos embedded here.

    Well I'll be damned. I haven't tried the volume control before but it doesn't seem to work here either. I can set the default bitrateresolution though. Are you seeing this tab?


  • :belt_onion:

    I just use youtube-dl.

    Yes, having a button right there is convenient, but youtube-dl makes up for it by providing lots of useful options. Like downloading entire playlists, extracting audio, etc.



  • @eor said:

    Are you seeing this tab?

    Yes:

    As you can see, volume control is enabled and set at 20%.

    @Onyx said:

    I just use youtube-dl... downloading entire playlists, extracting audio, etc.

    I think YouTube Center can do at least some of those, but I don't use those features, so I'm not sure exactly what. I don't see a way to download an entire playlist, but I didn't put a lot of effort into looking. I used to use another downloader — maybe youtube-dl, but I don't remember for certain — that would download any subtitle file associated with the video; that's a feature I miss (but I think maybe it used an older API, so it didn't work any more, anyway).



  • @HardwareGeek said:

    As you can see, volume control is enabled and set at 20%.

    I just realized now that none of this shit really works anymore, though it used to. A peek into the console reveals that YouTube enforcing https seems to be the culprit:

    YouTubeCenter.js:11883
    Uncaught SecurityError: Failed to read the 'frame' property from 'Window': Blocked a frame with origin "https://www.youtube.com" from accessing a frame with origin "http://what.thedailywtf.com".  The frame requesting access has a protocol of "https", the frame being accessed has a protocol of "http". Protocols must match.
    

    This thread is starting to veer off topic really fast
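The origin comparison behind the console error quoted above, as an added example that is not part of the original post or of YouTube Center's code. It compares scheme, host and port the way the same-origin policy does and lists every component that differs; the URL paths are constructed for illustration.

```javascript
// Added example: same-origin comparison on the (scheme, host, port) tuple.
// Only the two origins come from the console error; paths are constructed.
const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

// Return the origin tuple for a URL, or null for schemes whose origin is
// opaque (data:, file:, ...), which never match anything.
function originTuple(urlString) {
  const u = new URL(urlString);
  if (!(u.protocol in DEFAULT_PORTS)) return null;
  return {
    scheme: u.protocol.slice(0, -1),
    host: u.hostname,
    // URL.port is "" when the scheme's default port is in use.
    port: u.port || DEFAULT_PORTS[u.protocol],
  };
}

// List the tuple components that differ; an empty list means same origin.
function originMismatch(accessor, target) {
  const a = originTuple(accessor);
  const b = originTuple(target);
  if (a === null || b === null) return ["opaque"];
  return ["scheme", "host", "port"].filter((k) => a[k] !== b[k]);
}

// A script in `accessor` may read properties of a frame in `target`
// only when no component differs.
function canAccessFrame(accessor, target) {
  return originMismatch(accessor, target).length === 0;
}

// The pair from the error message: embedded player frame vs. forum page.
const player = "https://www.youtube.com/embed/VIDEO_ID"; // constructed path
const forum = "http://what.thedailywtf.com/topic/1";      // constructed path

console.log(originMismatch(player, forum));
console.log(canAccessFrame("https://example.com:443/a", "https://example.com/b"));
```

For the pair in the error message, host and port differ as well as scheme; the browser's message names only the protocol.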



  • @redwizard said:

    I love how the IT guy says:

    there still possibly could be something hidden

    which was the agreeing with me part. But then:

    assured me that I should be fine.

    :wtf:

    Does he really believe that? Or was he too lazy to do a proper job? I'll never know.

    Meh, I use language like this all the time when talking to non IT-literate users, the translation of what he said into geek-speak is:

    I didn't check for rootkits, but I saw no evidence to indicate a rootkit scan was needed.



  • @eor said:

    This thread is starting to veer off topic really fast

    Welcome to TDWTF.



  • @Zadkiel said:

    I saw no evidence to indicate a rootkit scan was needed.

    Just the fact that any malware was found at all is evidence that a rootkit scan should be done, minimum. Today's rootkits are sufficiently well-written where they don't cause performance or misbehaving issues like the ones of 10 years ago did.

    Where I work, any infection found is an automatic re-stage. No exceptions. (Adware itself with no other malware present is not considered an "infection" in this context, otherwise we'd be re-staging every machine that updates Java and adds the Ask Search Toolbar with it.)



  • @redwizard said:

    @Zadkiel said:

    I saw no evidence to indicate a rootkit scan was needed.

    Just the fact that any malware was found at all is evidence that a rootkit scan should be done,

    Reading between the lines of the OP, the machine was clean. The 'chrome' malware was probably just some tracking cookies, or an out of date java extension, or something, and the other was a PUP, or 'potentially unwanted program' which, well, most can be safely ignored. If I was to do a PUP scan on my PC right now it would probably flag about 10 applications I've got installed, like Cain & Abel - the key word in PUP is 'potentially'.

    The kind of person who ends up with a rootkit is the kind of person who ends up riddled with malware, adware, viruses and is using IE with 38 toolbars and about 1 inch of readable webpage space underneath. OK, I exaggerate, but clearly the tech took one look at this machine, found it clean and well maintained, and thus decided a rootkit scan was un-necessary.



  • I don't know about volume control, but the easiest way to disable annotations is to add a rule to your adblock filter:

    ||youtube.com/annotations_
    

    Of course, you can't easily enable them for a specific video after that. Since annotations are never actually useful, but only serve to get in the way, this is an acceptable compromise.



  • @Zadkiel said:

    decided a rootkit scan was un-necessary

    A run of GMER only takes about 5 minutes. A virus/malware scanner might not see a brand-new variant of some nasty but if it's trying to hide you'll see some suspicious things, if not an outright detection, with a rootkit scanner.
    It's a half-assed job otherwise. Always go full-assed ;)

    @Zadkiel said:

    The kind of person who ends up with a rootkit is the kind of person who ends up riddled with malware

    I've seen an otherwise spotless machine with Zeus on it.

