jasmine
New Member
Posts: 36
Former World Start Member: Yes
World Start Name: Jasmine
|
Post by jasmine on Sept 7, 2018 10:27:27 GMT -5
Does anyone know if publisher names such as Microsoft Corporation or Lavasoft can be faked in the Control Panel as part of a scam by someone who doesn't want a user to his or her computer has been "infiltrated" by malware?
|
|
|
|
Post by jholland1964 on Sept 7, 2018 13:10:08 GMT -5
Why are you asking this question? Obviously a fake version of any program could be installed and it would have the name usually seen, like Microsoft Word or whatever. What is it you really want to know? Is it the Lavasoft program you are questioning? I ask this since the possible date of your malware infection in your earlier thread probably occurred sometime around August 2nd and I seen the Lavasoft program was installed on that date. Web Companion by Lavasoft is usually installed by another program that you installed yourself and many people have problems getting rid of it. Did you personally choose to install it or did it just appear? AND, if it just appeared what was it that you downloaded on that same date? If you know what it was get rid of it.
Many people and computer sites regard this as malware because it is often bundled with something else & then installed without the users permission along with whatever it was that they actually chose to download.
So yes, it IS a Lavasoft program not a fake publisher name. Would I keep it on my computer, No. It will likely cause problems. Remove it.
It adds roughly 26 other files along with an auto start command so that it automatically starts up when you boot the computer, it also adds a Windows Service that runs all the time in the background, it adds a background controller service along with a scheduled task in order to launch the program at various scheduled times.
By the way, I removed the extra copy of the same post that you inadvertently added when editing, that is why you cannot see it any longer. |
|
jasmine
New Member
Posts: 36
Former World Start Member: Yes
World Start Name: Jasmine
|
Post by jasmine on Sept 8, 2018 8:32:42 GMT -5
Why are you asking this question? Obviously a fake version of any program could be installed and it would have the name usually seen, like Microsoft Word or whatever. What is it you really want to know? Is it the Lavasoft program you are questioning? I ask this since the possible date of your malware infection in your earlier thread probably occurred sometime around August 2nd and I seen the Lavasoft program was installed on that date. Web Companion by Lavasoft is usually installed by another program that you installed yourself and many people have problems getting rid of it. Did you personally choose to install it or did it just appear? AND, if it just appeared what was it that you downloaded on that same date? If you know what it was get rid of it.
Many people and computer sites regard this as malware because it is often bundled with something else & then installed without the users permission along with whatever it was that they actually chose to download.
So yes, it IS a Lavasoft program not a fake publisher name. Would I keep it on my computer, No. It will likely cause problems. Remove it.
It adds roughly 26 other files along with an auto start command so that it automatically starts up when you boot the computer, it also adds a Windows Service that runs all the time in the background, it adds a background controller service along with a scheduled task in order to launch the program at various scheduled times.
By the way, I removed the extra copy of the same post that you inadvertently added when editing, that is why you cannot see it any longer. Thanks again! I searched in Downloads for both Web Companion and Lavasoft without finding either. Since purchasing this computer, the only anti-virus and anti-malware program I have knowingly used until two days ago was Windows Defender, and I will of course go ahead and uninstall Lavasoft.
In saying "Obviously a fake version of any program could be installed and it would have the name usually seen, like Microsoft Word or whatever" you have answered my question about spoofing publisher names in the Conrol Panel. Thanks! |
|
|
|
Post by jholland1964 on Sept 8, 2018 8:43:23 GMT -5
Jasmine, you have not understood what I said. I absolutely did NOT mean that it is likely that spoofed manufactures will be found in the Control Panel, I meant it COULD possibly happen but not often for sure. I personally have NEVER seen it. Something like that probably would appear as Lavesoft or Lavosoft or something like that, not Lavasoft. Many people wouldn't notice the mis-spelling so it would look legitimate but it isn't. This gives the creator the right to say, the spelling is different than the real version and the user should have noticed.
You will NOT find Web Companion or Lavasoft in Downloads. You WILL find it on your computer because it shows in Programs & Features as having been INSTALLED on August 2. You will not see it in downloads because it came in bundled with SOMETHING else FREE that you DID download from an untrusted web site.
That is what you need to figure out, what did you download on August 2nd because whatever that was it came SECRETLY bundled with other programs. You do not DELETE you must Uninstall Web Companion. You must do a search on your computer for Lavasoft and delete what you find, AFTER doing the Uninstall of Web Companion |
|
jasmine
New Member
Posts: 36
Former World Start Member: Yes
World Start Name: Jasmine
|
Post by jasmine on Sept 8, 2018 12:58:57 GMT -5
I previously uninstalled WebCompanion then followed your suggestion to delete Lavasoft. It's now gone. Whatever it was the was downloaded on August 2 does not appear now in Downloads -- under the date of August 2.
|
|
|
|
Post by jholland1964 on Sept 8, 2018 14:49:55 GMT -5
I previously uninstalled WebCompanion then followed your suggestion to delete Lavasoft. It's now gone. Whatever it was the was downloaded on August 2 does not appear now in Downloads -- under the date of August 2.
You have to play detective yourself. The INSTALL date of the Web Companion was August 2nd. That does not mean it was downloaded that day, it could have been days or weeks before. YOU have to do some investigating, there is no way I can tell you what brought it in but it absolutely DID come in with a download that you chose to make. Some things just sit there and wait for some unknown trigger to be pulled that initiates the install. Nobody can tell you jasmine WHAT brought this in, only that it WAS brought in with something that your personally chose to download. 99% of the time these things come onto the computer bundled with something Free from an unsafe web site. That is how some companies make their money, they are paid to include "extras" with their free downloads. This is why we always constantly say to only download programs directly from the developer or manufactures site and if they send you elsewhere then for the download then you do not want it. Direct downloads are preferable from the manufacturer. You don't need ANY special tool for downloading. Often those special tools are what bring in the malware. Special download tools are NEVER needed. You NEVER, EVER need a download accelerator or a download manager or any special tool like that. NEVER use them and if a site says you need something like that to do downloads then get away from that site ASAP and make the conscious decision that you don't need whatever you were going to download. Here is a list of just a few of sites where you should NEVER get a download from: CNET., Download.com, Softomate, Softonic, Soft32, Brothersoft, Tucows, SourceForge. Filewon.com If you see something you think you might like, check out the developer. Don't just download and for heaven's sake don't download anything just based on a google search. If you want to know if something is safe and you cannot find information needed then post here and ask. Somebody for sure will have the answer for you. |
|
|
|
Post by budgall on Sept 8, 2018 16:20:09 GMT -5
Additional advice about downloaded program files:
When installing a downloaded program, always used the advanced install option. A normal install many times will include additional unwanted programs pre selected for installation without prompts asking if you want to install them. Advanced installations usually offer you the chance to deselect these offers. Read all displayed screens carefully, you may need to check or uncheck a box to obtain the desired results.
|
|
jasmine
New Member
Posts: 36
Former World Start Member: Yes
World Start Name: Jasmine
|
Post by jasmine on Sept 9, 2018 9:00:03 GMT -5
I previously uninstalled WebCompanion then followed your suggestion to delete Lavasoft. It's now gone. Whatever it was the was downloaded on August 2 does not appear now in Downloads -- under the date of August 2.
You have to play detective yourself. The INSTALL date of the Web Companion was August 2nd. That does not mean it was downloaded that day, it could have been days or weeks before. YOU have to do some investigating, there is no way I can tell you what brought it in but it absolutely DID come in with a download that you chose to make. Some things just sit there and wait for some unknown trigger to be pulled that initiates the install. Nobody can tell you jasmine WHAT brought this in, only that it WAS brought in with something that your personally chose to download. 99% of the time these things come onto the computer bundled with something Free from an unsafe web site. That is how some companies make their money, they are paid to include "extras" with their free downloads. This is why we always constantly say to only download programs directly from the developer or manufactures site and if they send you elsewhere then for the download then you do not want it. Direct downloads are preferable from the manufacturer. You don't need ANY special tool for downloading. Often those special tools are what bring in the malware. Special download tools are NEVER needed. You NEVER, EVER need a download accelerator or a download manager or any special tool like that. NEVER use them and if a site says you need something like that to do downloads then get away from that site ASAP and make the conscious decision that you don't need whatever you were going to download. Here is a list of just a few of sites where you should NEVER get a download from: CNET., Download.com, Softomate, Softonic, Soft32, Brothersoft, Tucows, SourceForge. Filewon.com If you see something you think you might like, check out the developer. Don't just download and for heaven's sake don't download anything just based on a google search. If you want to know if something is safe and you cannot find information needed then post here and ask. Somebody for sure will have the answer for you. Upon clicking Uninstall (in the Control Panel), I got the message in the attachment.
Should I click "Yes, I'll take the chance", assuming it's awaware's last prospect of retaining a "hold on my computer"? It's a little elbow bending, isn't it? I don't remember seeing this kind of message during an uninstall.
Attachments:
|
|
|
|
Post by jholland1964 on Sept 9, 2018 9:38:00 GMT -5
Many, many, many programs do have a legitimate prompt asking you if you are sure that you want to uninstall the program. There is nothing odd or unusual about this. People often do mistakenly click the wrong program to remove, hence the prompt. As I said, not all programs have this but some do.
But with this one, course uninstall it!! Why would you even ask? It IS malware. You really are not making a lot of sense. Previously you said this:
IF you truly did this then why are you asking this question now? It should not be there at all to even be able to give you a prompt like this.
But PLEASE tell me did you previously uninstall this malware as you claimed or are you just doing it now this morning?
I also have a request and that is when you do create a thread or make a reply that you please stick around long enough for people to read it and reply. You consistently have not done this. You make a post and then leave for usually 24+hours and you always do this. You have done this with nearly every thread you have created. If you would take the time and wait here in order to give people to read and reply to you 90% of your problems could have been solved in an hour or two, not 3 to 5 days. Look through all of your threads and nearly all of them you have received a reply within an hour of your posting the problem. This one is beginning its 3rd day, it all could have been finished before evening on the 7th if you had been polite enough to wait for replies.
Some major problems, like malware are made much worse the longer it takes for the infected computer to be cleaned. Your helpers are not at risk but you and your computer certainly are by not being willing to stick with a problem until it is solved.
|
|
|
|
Post by jholland1964 on Sept 9, 2018 19:16:00 GMT -5
Please give a print screen of the upper area of Add/Remove programs from Microsoft OneDrive on up. We need the names of programs installed and date of the install.
Also, give us the name of all programs you downloaded in the last 45 days and whatever else you may have downloaded, music, videos, pictures, etc. and the web sites they came from.
|
|
jasmine
New Member
Posts: 36
Former World Start Member: Yes
World Start Name: Jasmine
|
Post by jasmine on Sept 10, 2018 8:37:01 GMT -5
Many, many, many programs do have a legitimate prompt asking you if you are sure that you want to uninstall the program. There is nothing odd or unusual about this. People often do mistakenly click the wrong program to remove, hence the prompt. As I said, not all programs have this but some do.
But with this one, course uninstall it!! Why would you even ask? It IS malware. You really are not making a lot of sense. Previously you said this:
IF you truly did this then why are you asking this question now? It should not be there at all to even be able to give you a prompt like this.
But PLEASE tell me did you previously uninstall this malware as you claimed or are you just doing it now this morning?
I also have a request and that is when you do create a thread or make a reply that you please stick around long enough for people to read it and reply. You consistently have not done this. You make a post and then leave for usually 24+hours and you always do this. You have done this with nearly every thread you have created. If you would take the time and wait here in order to give people to read and reply to you 90% of your problems could have been solved in an hour or two, not 3 to 5 days. Look through all of your threads and nearly all of them you have received a reply within an hour of your posting the problem. This one is beginning its 3rd day, it all could have been finished before evening on the 7th if you had been polite enough to wait for replies.
Some major problems, like malware are made much worse the longer it takes for the infected computer to be cleaned. Your helpers are not at risk but you and your computer certainly are by not being willing to stick with a problem until it is solved.
I put the uninstall on my "to-do list" and failed to remember it. I offer both apologies and regrets.
(Ignorance is no excuse for infringing forum standards.)
Attachments:
|
|
|
|
Post by jholland1964 on Sept 10, 2018 15:08:49 GMT -5
(Ignorance is no excuse for infringing forum standards.)
And DID you Uninstall it? And did you do a manual search on the computer for Lavasoft and also for Web Companion? |
|
his or her computer has been "infiltrated" by malware? 
