Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

I need a bit of computer advice/help, please!
12/06/04 | me

Posted on 12/06/2004 8:48:09 PM PST by IamHD

I think that I may have a trojan or a keylogger or something on my computer. I have tried everything that you can think of, short of completely deleting everything from my computer. I have all up to date anti-virus protection, pop-up stoppers, hijackthis, etc., etc., etc. I accidentally found 1,000's of porno, gambling, dialers, etc., in my REGISTRY:

HKEY_CURRENT_USER

LEADS TO INTERNET SETTINGS, THEN HISTORY, FILLED WITH HUNDREDS OF PORNO, GAMBLING AND AD SITES, AND;

LEADS TO A FOLDER CALLED ZONEMAP, WITH IS FILLED WITH OVER A THOUSAND MORE DIALERS, GAMBLING AND PORN SITES.

I have tried everything to delete them, and they keep reappearing in my REGISTRY. If I use my search option and check for these files, they don't show up, but they are in the REGISTRY. In the registry, it shows that these files are in my History and my Favorites, but they aren't. HELP!


TOPICS: Computers/Internet
KEYWORDS:
Navigation: use the links below to view more comments.
first previous 1-2021-4041-60 last
To: IamHD

Seriously, download Firefox. I love it and run it with Spybot. No spyware crap ever since.


41 posted on 12/07/2004 5:49:35 PM PST by rintense
[ Post Reply | Private Reply | To 40 | View Replies]

To: IamHD
Don't feel dumb. I got this thing in July of '01, and was just looking for screensavers through a Google list, (even then you didn't get so many nasties while looking for screensavers and WebShots and various other programs, etc - what a difference in a couple of years ), and just clicking a link on the Google page got me a critter.

Send me your startup list and hijack log in a private mail. I might be able to help, at least somewhat.

42 posted on 12/07/2004 5:55:54 PM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. ©)
[ Post Reply | Private Reply | To 37 | View Replies]

To: IamHD
Did you reformat before you reinstalled your OS and programs ?
I had a problem, were, I had my PC turn off by it's self, then, someone told he it sounded like I had a virus on my PC, and I could not even run any scans on my PC, either SPYWARE scans, or Virus scans.
I would be in the middle of something, and then, BINGO it would shut down by it's self.
There is a program I also use to check for worms, I am not sure if ( COOLWEBSEARCH ) is a worm, but, heres the program that will scan your PC for it.
It's called ( CWShredder V.2.00 ) I just checked, it does scan for COOLWEBSEARCH ,, by INTERMUTE Inc. I think I got it from ( C - NET ) . Take care. When in doubt, reformat.
43 posted on 12/07/2004 6:31:00 PM PST by Prophet in the wilderness (PSALM 53 : 1 The ( FOOL ) hath said in his heart , There is no GOD .)
[ Post Reply | Private Reply | To 32 | View Replies]

To: IamHD
Yup,, I just checked, COOLWEBSEARCH is a worm , or Trojan.
Need to get those off of your PC as fast as you can.
44 posted on 12/07/2004 6:32:55 PM PST by Prophet in the wilderness (PSALM 53 : 1 The ( FOOL ) hath said in his heart , There is no GOD .)
[ Post Reply | Private Reply | To 32 | View Replies]

To: JoJo Gunn

You have FReepmail. :)


45 posted on 12/07/2004 6:38:52 PM PST by IamHD
[ Post Reply | Private Reply | To 42 | View Replies]

To: edchambers
So far, I have not had any problems with using WINDOWS XP SP 2 patch, with ZONELABS firewall.
Only problem I have is, in your connections icon in the task bar, it says " LIMITED or NO CONECTIVITY "
Take care, and I thank you for the INFO.
Hey ? did you check out Peter Jacksons new movie web sight ? he is making a new version of KING KONG , and he is trying to stay in the theme of the original version, but, only improving upon it.
You can actually go to the web sight of the movie ( KONGISKING.NET ) and watch them in the prosses of making the movie. Pete Jackson is even letting people ask questions, and give him some ideas about the movie.
46 posted on 12/07/2004 6:44:02 PM PST by Prophet in the wilderness (PSALM 53 : 1 The ( FOOL ) hath said in his heart , There is no GOD .)
[ Post Reply | Private Reply | To 26 | View Replies]

To: IamHD

Let me be the first to say...."Are you logged in?"


47 posted on 12/07/2004 6:46:41 PM PST by Preech1 (God, Bless America Please!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: IamHD
Question: What are you using to locate the files in your registry?

What happens when you delete them and what are you using to do the deletion.?

I suspect you are not erasing the actual items, but the reg keys that keep track of them. That is why they get replaced.

There are a few free reg cleaners that have a nifty automatic cleaner that does pretty well.

I use reg Medic, that I paid a few dollars for and it is safe to use in auto. It roots out all of the locations and creates a backup if you screw something up.

Your op system is part of the problem. It is a real piece of work. I dumped mine and got XP.

48 posted on 12/07/2004 7:02:54 PM PST by Cold Heat (What are fears but voices awry?Whispering harm where harm is not and deluding the unwary. Wordsworth)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Preech1
Of course not. I'm
49 posted on 12/07/2004 7:09:24 PM PST by IamHD
[ Post Reply | Private Reply | To 47 | View Replies]

To: IamHD
Just read the post where you discovered that spybot loaded the stuff on your registry. I do not have that one, so I have never seen that.

I would not worry too much, now that you have ZA. It works like a charm. But remember that you tell it what to do, so it will open a port if you say it is OK.

I run mine with the warnings turned off unless a prog asks for permissions.

Also, make sure you have a updated virus screener that has a recovery data base. These fool hooks latch onto required files and kill your OS.

Run scan disk at full checkout and then run defrag. You need to kill your browser and all working programs when you do this so nothing interferes with the defrag.

I used to recommend doing it in safe mode, but some os defragers misinterpret and rearrange or loose data so I run it hot booted but programs off.

It really helps the speed if you keep it defraged if you do not have a high speed drive or large capacity. I have a older machine that needs tuneup frequently.

50 posted on 12/07/2004 7:23:05 PM PST by Cold Heat (What are fears but voices awry?Whispering harm where harm is not and deluding the unwary. Wordsworth)
[ Post Reply | Private Reply | To 1 | View Replies]

To: IamHD

As a good start, go to SEARCH. Search by date for all CREATED files in the last two weeks.

That should give you a start.

If you are clueless, you could have stuff in there for a year already.


51 posted on 12/07/2004 7:50:01 PM PST by A CA Guy (God Bless America, God bless and keep safe our fighting men and women.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Prophet in the wilderness

(So far, I have not had any problems with using WINDOWS XP SP 2 patch, with ZONELABS firewall.)

That's exactly what I'm doing.I tried at first running both the XP fire wall and Zone alarm.Windows warned me against doing it but I tried it anyway I seem to remember it being a bit tedious and somewhat confusing.Also the Xp firewall tweaked some setings in IE and made it so alot of websites no longer worked connectivity was sketchy at best.I turned off the windows firewall and have been using Zone Alarm ever since.Also I've noticed that Mozilla Firefox seems to maintain a connection quite a bit more reliably than IE.


52 posted on 12/07/2004 7:57:24 PM PST by edchambers ("Pajamahadin Neocon footsoldier of the Haliburton Death squad Digital brown shirts")
[ Post Reply | Private Reply | To 46 | View Replies]

To: Cold Heat
Now why would we want to dump such a "piece of work" just to have the dubious honor of shelling out hard earned cash for the latest supposedly stable yet without question no safer OS, and to suffer insult to injury need authorization to use it given by some zit cragged former fry cook?
53 posted on 12/07/2004 8:03:06 PM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. ©)
[ Post Reply | Private Reply | To 48 | View Replies]

To: JoJo Gunn
The most recent computer I bought with XP, about two months ago, already had the license key set. I did not like the setup however and reloaded the program. Again, it did not ask.

I don't think they are even using that anymore, except for upgrades. I do not recommend upgrading ME to anything. Just dump it. Been there and done that. Do the clean install option.

The programs are now coded to the machine it is sold with and cannot be used on anything else.

Mission accomplished.

They wanted to stop unlicensed programs from being distributed, and It looks like they did, at least for the masses. Some of us geeks can make them work, but frankly a machine without a backup OS disk is practically useless in this virus and hook loaded Internet.

XP is OK, I like it as much as the 98se, now that most of the bugs are out. The new firewall is effortless and it works, and the browser is not something I have ever had a problem with.

I tried mozilla, and still have it, but it does not like my laptop. It runs ok on the desktop, but composing on Mozilla is difficult due to cursor misalignment problems that I cannot seem to overcome.

54 posted on 12/07/2004 8:20:10 PM PST by Cold Heat (What are fears but voices awry?Whispering harm where harm is not and deluding the unwary. Wordsworth)
[ Post Reply | Private Reply | To 53 | View Replies]

To: IamHD

To me everything looks good. I'd have just answered you on Freepmail, but what I'll say ties in with what I wrote earlier, and someone might benefit from reading this down the road.

I see you're running a program called AdShield. According to this guy, here:

http://www.chrismyden.com/nuke/article.php?thold=-1&mode=flat&order=0&sid=96

you can also append to the block list, either individually or in one large list. I downloaded his list and it contains many very familiar nasties. I don't use that program, but I know it'll place that list in the registry somewhere.

EVERYthing gets placed in the registry, so at first glance don't get upset when you see the name of an undesirable in your machine.


55 posted on 12/07/2004 8:20:48 PM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. ©)
[ Post Reply | Private Reply | To 45 | View Replies]

To: IamHD

bump for later read


56 posted on 12/07/2004 8:25:44 PM PST by BJungNan (Stop Spam - Do NOT buy from junk email.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cold Heat
16 tons, and whaddya get?...

My biggest problem with XP is the precedent.

Like I told someone else, can you imagine such a precedent taking hold, where nobody really complains, and one day they wake up and find they have to call Ford or Chevy to get their car started??? Or SONY to turn on their radios? Or Kelloggs to be able to open up the box of corn flakes?

Some doors should never be opened.

I'm as free market as they come, but I don't like that kind of crap. When ME gets threadbare, I suppose I'll have to give Linux a shot. From the rumors of Longhorn, and that "lockbox", they'll likely have those dang fry cooks authorizing your being able to play a .wav file or open a picture from Aunt Bertha.

....I owe my soul to the company store....

57 posted on 12/07/2004 8:43:41 PM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. ©)
[ Post Reply | Private Reply | To 54 | View Replies]

To: JoJo Gunn
Yes, there are some things, like these music services that plant crap on your computer so they can talk, makes me nervous. But the key thing I understood, having seen and repaired dozens of systems with pirated/copied software and no backups.

A one time, prior to the key, there were hundreds of thousands of used computers, perhaps millions that were being resold though jobber warehouses in Texas and other places. They never paid a nickel for the software and all these people ragged Microsoft for computers that did not work or software that was unsupported.

I was forced as a business man at the time to agree with what they did, because I could not come up with a better way to do it. They were really getting whacked by the fallout. They took their time and acted prudently, but I do understand your perception.

58 posted on 12/07/2004 9:11:12 PM PST by Cold Heat (What are fears but voices awry?Whispering harm where harm is not and deluding the unwary. Wordsworth)
[ Post Reply | Private Reply | To 57 | View Replies]

To: Cold Heat

I can understand MS's plight. But I also view them, and so much of the business world, as antagonistic to the customer. Just look at the RIAA with their copy protecting CD's I supposedly have fair use rights to under Federal law, and the MPAA (why do DVD's "have" to have regional codes?). Seems a man like me is always caught in the middle. Either they don't really want, or appreciate, my hard earned cash, which I'll shell out if the product is appealing. CopyGuard and product authorization is like the old adage about locks on the doors of your house - they're to keep your friends out.

Don't get me wrong. I'm not a hard core Gates basher, far from it. I run Firefox 99 percent of the time, (the only real reasons because of the popup blocker and the adblocker), but can kick them around just as well. Mozilla stuff is spread all over the place, and having to scour the web for themes and extensions every dang time they pass wind is a major irritant. Their forum is loaded with typical anti-MS elitists and even more of those famed zit cragged fry cooks, and the mods will protect the adolescent snots instead of older and logical thinking people, so advice is best sought elsewhere.




On the subject of MS backing off on the keys for XP, are you referring to how HP and possibly others don't ship XP recovery discs, instead having it on a protected partition of the hard drive? That way you perhaps don't need authorization after every reinstall, but what about if the HD fails?

Ain't computing fun?


59 posted on 12/07/2004 11:04:15 PM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. ©)
[ Post Reply | Private Reply | To 58 | View Replies]

To: JoJo Gunn
On the subject of MS backing off on the keys for XP, are you referring to how HP and possibly others don't ship XP recovery discs, instead having it on a protected partition of the hard drive?

I have three computers. Two are upgrades to XP and both had the key. My laptop (dell) blew up.(let the smoke out of it during the televised debates)

Anyway, I went to Walmart and bought a new temporary replacement lap. (Averatec) I would never buy a HP. They suck. I was not aware they did not ship a backup. That is very unwise.

It came with XP installed, also a copy of Norton and some other crap. I hate Norton!

Anyway, as Norton usually does for me, it Id's a virus, or what it thought was a virus and quarantined it.I had set the stupid thing to do what I wanted it to do and that is to delete any virus it found so that I did not need to mess with it.

So, it did and it also deleted some code the Xp OS needed to operate and crashed the system. I cussed and reformatted the drive and reloaded the OS clean without the offensive Mr. Norton.

I expected the key thingy to pop up and ask to be sent to MS,but it never did. That bothered me, so I reloaded and again it did not come up.

I took the OS disk for the lap and put it in the desk top for the hell of it, and it came up witha warning that I had inserted it in the wrong computer.(pretty neat!)

Anyway, no key was needed, and that is why it did not come up.

MS monitors the key, only to the extent that if a hundred key requests come through for the same OS serial number on different computers it red flags the OS for some further investigation to see if there is copyright infringement.

If you reload and use the key a thousand times on the same box, they could care less. No red flag.

I have no idea when/if constant reloading on the same box would trigger a flag, but I have reloaded and reformatted dozen times on on of my desktops that I experiment on a great deal. It is my workhorse and the most secure machine I have for banking and stuff. I have never had a problem resetting the key multiple times in one day.

I figure, they really don't need the key anymore, except for the upgrade disks. The copyright protection on the disks are now sufficient to control the copyrights.

60 posted on 12/08/2004 10:04:33 AM PST by Cold Heat (What are fears but voices awry?Whispering harm where harm is not and deluding the unwary. Wordsworth)
[ Post Reply | Private Reply | To 59 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-60 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson