Computer Maintenance

Mon Oct 11, 2004 8:55 am by parabolix

I thought that with the recent outbreak of spyware etc, this would be a handy thread to have in here, to stop random ones from popping up every so often. This can be a place to ask for help or to post any information you may have. If everyone contributes, maybe we can be a small part of helping to lessen the threats that hackers pose every day.

To start, I'll post a little bit about the CWS (Coolwebsearch) Trojan, namely the SearchX variant.

For those of you that don't know, CWS is a widespread trojan that affects many computers, there are dozens of variants of it, but the SearchX variant is especially hard to remove. It burrows itself in your computer and the registry entry is hidden so you cannot read it. The registry entry also restores the infected dll if you delete it, and the infected dll restores the registry. To remove it, go onto your start menu and use run. Type "regedit" (without the quotations) in the box. Be sure to make a backup before editing.

Expand the registry tree until you get to; HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows

Try deleting the key AppInit_DLLs. It gets deleted, but press F5 and you'll see that it is restored again. To get around this problem you will have to do the following:

1. Go back to the part of the tree you were just in, HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows
2. Rename the Windows folder in that part to Windows2.
3. Delete the AppInit_DLLs key from the registry.
4. Rename the folder to Windows again.
5. Now that the key is gone, and the infected file is unable to restore it, run your adaware (or whichever scanner you may use) scanner (after updating it) and delete any infected files.

Linkies

:
Lavasoft - Ad-Aware
CWShredder - CWS Trojan Removal Tool
Hijackthis - Before deleting anything using this program, post log on computer help website
Computer Help Forums - Here is where you can post logs from Hijackthis
Tweaknow - Developers of Regcleaner, buy or download the free version here

See, I try to help the community out sometimes

Edited by - parabolix on 10/11/2004 1:46:45 PM

Mon Oct 11, 2004 11:44 pm by Esquilax

Well that should come in handy, but remember that the best defence is PREVENTION

.

Tue Oct 12, 2004 3:15 pm by parabolix

Duh Esqy

That's another reason for this thread, so people can post knowledge they have about computer problems in general, prevention, repair, anything

Tue Oct 12, 2004 5:14 pm by Boscoe

Three I use are adaware, Spybot Search and Destroy, and Spyware Blaster. All three available at Download.com
AdAware and Spybot S and D are search and remove tools, Spyware Blaster runs continually and protects. Norton AV 2004 also has spyware and trojan removal. Obviously, you have to buy NAV, but the others are all free for private use. So far they've all worked very well together.

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
The Next Thing I Say To You Will Be True
The Last Thing I Said Was False

Tue Oct 12, 2004 6:28 pm by parabolix

Boscoe,

I use the exact same programs you use

. I too have been ok with spyware prevention, though I'm certain I've got a trojan left on here somewhere.

Wed Oct 13, 2004 1:31 am by Esquilax

Well I'd just like to say that you shouldn't NEED those programs if you have a good firewall, use a decent browser (not IE

), don't go to dodgy sites, don't open emails from people you don't know, don't download rubbish, and read the SLAs before you install something. See Para? PREVENTION

.

Wed Oct 13, 2004 2:55 am by kimk

i use zonealarm. and nav2004. so far so good i think.

and prevention rocks!

Wed Oct 13, 2004 3:14 am by Boscoe

Agree completely Esquilax! Unfortunately my kids have their own computer (which I upgrade each time I upgrade mine, they get the old parts...) I've tried to firewall theirs, but they keep complaining to me when they can't get into sites, which are harmless, and having 3 kids whine about not getting into "neopets" would have any father cringe.
We're on a wireless network in the house, and I have to remote monitor theirs to keep them from unknowingly downloading spyware. Also, they use AOL IM (which I personally can't stand) and many trojans come through there. I run all four of the programs I mentioned on their machine, and always find things. Thankfully they don't infiltrate my system, the famous "Boscoe's Bad Boy" from the wireless. My wife, however, still opens emails from unknown sources, and I've had to regedit a few times because of that.
So, Amen to prevention and a good firewall, but sometimes other less computer savvy folks use my system, so I need the programs as well.

Oh, regarding browsers, try Mozilla Firefox, just came out, and I don't have the link handy, but do a google search. Fastest browser I've ever used!
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
The Next Thing I Say To You Will Be True
The Last Thing I Said Was False

Edited by - Boscoe on 10/13/2004 4:15:26 AM

Edited by - Boscoe on 10/13/2004 4:20:14 AM

Wed Oct 13, 2004 4:33 am by Esquilax

Ah yes, the family ; the true threat to computer security. I understand completely Boscoe. My cousin is 27 and he *still* manages to trash his machine on a regular basis (thank you Yahoo! Messenger). He cannot comprehend the meaning of "prevention", let alone "security"

.

As for Firefox, have been using and recommending it for many months. *Looks around to see if Mustang is watching* I believe that the expression among the little people is "Firefox roxxorz!111!1!". Is that right?

Edited by - esquilax on 10/13/2004 5:39:01 AM

Wed Oct 13, 2004 3:13 pm by Boscoe

LOL.

Not only will she be whining for how to fix the system, but for the money to get the "Sims 4" and some extra for pizza.

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
The Next Thing I Say To You Will Be True
The Last Thing I Said Was False

Wed Oct 13, 2004 5:24 pm by Indy11

*Frantically looks through phone directory for numbers of local area convents*

Thu Oct 14, 2004 1:02 am by Esquilax

Here you go Ed, I thought that I'd save you some time;

1
2
3

Thu Oct 14, 2004 1:10 am by cardam|ne

may i ask what a convent is?

----------------------------------------
Author of the Freelancer Neural Net
Administrator of Kryosphere Studios

Thu Oct 14, 2004 1:22 am by Esquilax

No

. Who wants to handle this one in an amusing fashion?

Thu Oct 14, 2004 5:42 am by Indy11

Thanks Esqy!

Cabrini. Hmmmmmmmmm.

Important Message

You are browsing the archived Lancers Reactor forums. You cannot register or login.
The content may be outdated and links may not be functional.

To get the latest in Freelancer news, mods, modding and downloads, go to
The-Starport