Topic: ad-aware

[Lona]

I use ad-aware frequently and only ever have about 2 or 3 files to delete. I ran it last night and had 108 mostly miners whatever they are and most of the files were located in my registry.  I had three files which said possible hackers. I would have thought Norton Firewall should have protected me from hackers. There were other files, I think they were called transient files.  How do all these files get on to your system in the first place?

[Rodders]

Have been tempted to install any 'free' software recently, Lona?

Certain items of software, generically known as Trojans, can open a 'back door' to your machine.  This allows anyone with a scanner to walk straight through your firewall as if it wasn't there and then take control of your PC's functions just as easily as if they were sitting in your chair.

It would be helpful to know exactly what was logged when you ran AAW.

[Lona]

I am doing it just now, Rodders and have already found 10. I will take a snapshot and post it. I don't like the thought of anyone gaining access. I thought that your firewall stopped all intruders. Shows shows you, ignorance is bliss :-[

[Rodders]

That searchbar certainly isn't doing you any favours, Lona.  Uninstall it now (if it will let you).  Then run Ad-Aware again, just to check that the reg entries haven't been re-written.

Wild Tangent is known to 'phone home', but is otherwise regarded as being (currently) quite harmless.  If you're not using WT drivers for sexy WinAmp visuals or for freebie games, then get shot of it.  It won't be easy!

[Rodders]

I should also have stated that you don't appear to have a Trojan at work, so provided your AV detection is bang-up-to-date, you shouldn't worry too much about your machine being remotely controlled by anything AAW has reported there.

[Lona]

Rodders, how were you able to view that file?. I tried to view it and it came up blank. That's why I was sitting here trying to reduce it. I was just about to repost it but saw that you manged to view it. I didn't download that searchbar, Rodders it appeared out of nowhere as my homepage. I went into connections and changed it to blank again but it appeared tonight again. Possibly that is why when I reran ad-ware all these files were back. I will delete them and run ad-ware again. Thanks

[Rodders]

Rodders, how were you able to view that file?

It's just one of the many mystical powers bestowed on PC-Pals Moderators, Lona.  

(Actually, you posted and then removed it again.)

[Rodders]

As for the hi-jacking of your homepage and mysterious appearance of the searchbar, it would seem that your system has granted permission to an ActiveX applet that just went right ahead and stitched you up with the scumware searchbar, whether you wanted it or not.

Tip:  Review your ActiveX permissions.

[Lona]

Thought I would let you know, Rodders, that I found the culprit. It was an .exe file that somehow got on my pc called pornkings.exe. Everytime I opened up it brought up my internet connection box. It was in my startup folder, so with a little help from Bat, it's now gone for good, I hope

[Rodders]

Cool!  Keep yer hand on yer ha'penny!  

[Simon]

I've absolutely no doubt that Bat would have thought of this, Lona, but for the benefit of others, it's possible that the rogue .exe could have changed your dial up number, to something costing about £1 per minute, or worse.  This is more probable, given the fact that the .exe was automatically bringing up your dial up connection box.

Just let us know that you've checked your Internet connection dial up number, can you?   8)

[Lona]

I have checked my internet connection dial up number, Simon and it is still 0808 but that is since I got rid of the rogue.exe.  There is no way of knowing what the number was before I got rid.
I don't think I connected when the box was springing up but then others who use this pc might not have noticed that something was amiss.
I have checked my calls to date since last bill and they are sitting at £27 since March and I am on free local and national calls after 6pm. That £27 is for day time calls only mon/fri so either I have been making a lot of local calls or I could have been using £1 connection fee. All will be revealed when my next bill is due.  Keep your fingers crossed for me

[bat69]

Pleased top be able to help Lona, hope the security you now have prevents this from happening again