Now, I know that my browser was hijacked by something called CoolWebSearch.com, along with a few more. I'm trying to make absolutely certain that I don't have a hidden keylogger somewhere in my computer.
When this happened late Saturday night, my Ad-aware flashed on and turned to the German language, then shutdown, along with my spybot, my anti-virus software, and my firewall, so whatever it was, it got me good. What a nightmare!
I uninstalled and reinstalled all of my programs, and since then, hackers have been trying to get in, BIG time. My firewall is showing a lot of the same IP addresses trying to get into my computer. Everytime I scan with my Ad-aware, spybot, etc., etc., I have a ton of junk to remove, and my computer is running very slow, so I think that there is still something there.
Thanks to everyone! :) I'll stop by when I get an answer on my HijackThis log that I left at 2 different sites.
I'm glad you haven't been that hammered after all. :)
One place you can't go wrong with your hijack list is here:
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
AnnMarie is one sharp cookie, and you can tell her I said so. :)
My editing skills left something to be desired in that last post. Oh well....
There's a way to save all those listed in the Restricted Zone, for the time you might have to do a reinstall.
Go to Start>Run, and type in "regedit" without the quote marks, and then find your way to that "Domains" folder for the RESTRICTED sites. Here's the path:
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
You highlight the Domains folder and then go all the way to the top and click Registry>Export registry file. Give it a name, I usually name it "nasties as of (date)" and save it.
By the way, you'll no doubt notice it's a little time consuming to find the exact place in the registry, and there's a place at the top to bookmark things, just as with a browser, "Favorites". Mark that place and you'll be able to export your unwanted additions with ease.
Since this is about nasties and such, here's another trick about entering unwanted things into that Restricted area. For example:
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\coolwebsearsh.com]
What you can do is copy and paste that into a Notepad file, and save it with whatever name you want, but save it with a .reg at the end. That'll turn it into a registry file, and then you can double click it and enter it into the registry. (You'll get a confirmation box first). Sometimes people on some sites will post comprehensive lists in plain text, and you can make your own file that's quick to enter instead of doing them all one at a time.
To all: Obviously it's not that hard to mess with the registry, so let me give this caveat: in a very real sense we're talking about brain surgery here. You break the registry, you run a good chance of breaking your OS, so be methodical and careful and don't be afraid to ask if you're not sure! Go to Start>Run and then type "scanreg" without quotes and the registry will be checked for errors and then you'll be asked if you want to make a backup. Say YES.
Bookmark this and better yet print it:
http://www.helpwithwindows.com/windows98/start-145.html
Class dismissed.... :)